Security engineer jobs in Spring Hill, TN

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

Bellatrix-Latin for "Female Warrior" Owned and operated in a HUBZone, with over 25 years in the HR, Talent Acquisition and Government Contracting. Like the Bellatrix Star in the Orion Constellation, our Team Members are the Brilliance of the company, and are all shareholders, leading the company to success. Bellatrix prides itself on being a Small Woman Owned HUBZone company. We believe big does not equal best. By staying small, we can focus on agility, efficiency, and our people. At Bellatrix we believe in advancement from within through training, mentorship, innovation and truly being a family. Bellatrix believes in excellence in customer service, and catering to the customer's needs. We realize not everyone fits into a box, and we think outside of the box to ensure, affordable and outstanding services. Human Resources, Retention and Recruiting, and Medical Coding/Billing are the HRM of Bellatrix. Come and join our team, where you are a team member and shareholder, working together for growth. Bellatrix has the current position open as a direct W2, Fulltime position for one of our top clients in the Huntsville, AL Market. This position requires a Secret Clearance and is on location with the Missile Defense Agency Title: Cyber Security Analyst Location: Onsite-Huntsville, AL Program: MDA, C3BM and C2BMC Number of Openings: 2 Immediate Direct Hire Clearance: Secret Travel: 25% Salary Range: $150,000-165,000, DOE General Overview: Command, Control, Communications, and Battle Management (C3BM) cyber engineering efforts include engaging in Command, Control, Battle Management, and Communications (C2BMC) technical engineering and integration, future concepts, new functionality, and multi-national exchange designs. Cyber engineering tasking includes participation in reviews and assessments of C2BMC cyber security and documentation. Collaboration with MDS stakeholders is required to prepare C2BMC cyber products as part of the engineering objectives documentation and analysis processes as related to Defense Of Guam (DoG).Other activities include participation in engineering meetings, presenting engineering product development updates, providing analysis and failure review summaries. Responsibilities: Understand cybersecurity aspects of systems engineering development, as well as DoD cybersecurity requirements, and be capable of recommending changes to the Government about the contractor's system engineering development process. Perform cybersecurity risk assessment reviews to include changes, modifications, and/or updates of software and/or hardware to individual information systems and/or enterprise environment. Familiarity with Configuration Management to include oversight and engineering assessments of Cybersecurity fixes, patch development, and pre-release testing in support of DoG. Performing cybersecurity risk assessment describing the posture of an individual information systems through an enterprise architecture in support of DoG. Will directly support the Software Assurance program for C2BMC. Includes ability for assessments of code reviews and approvals/disapprovals of software products for use on Mission, Training and Test/Development C2BMC systems is support of DoG Requirements: Bachelor's degree in STEM program: Computer Science, Information Technology, Network Engineering or other similar program 5+ years of Related Experience Secret Clearance Familiarity with MDS cyber capabilities and policy Familiarity with Missile Defense Agency, Ballistic Missile Defense System, and/or C3BM Program Office work efforts Security +, CE with a preferred certification level of CISSP Ability to work independently within a dynamic environment Apply cyber engineering and solutions to support real-world test, integration, and operations Work within a collaborative environment composed of Government, prime contractor, sub-contractor and supporting contractor personnel in a badge-less contractor environment Bellatrix is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Job Description: with a base location in Louisville, KY. What the Role Is The Information Security Engineer is responsible for strengthening and supporting Heaven Hill's cybersecurity program. This hands-on technical role focuses on implementation, monitoring, and continuous improvement of security controls across cloud and on-premise environments. The Engineer supports governance and risk management efforts and plays a key role in incident response and in deploying and maintaining secure technology solutions. This position will collaborate with IT and business units to ensure Heaven Hill's data and systems remain resilient against evolving threats, while helping enable secure and efficient access through identity and access management solutions. This role is instrumental in advancing Heaven Hill's overall security maturity and ensuring that cybersecurity enables, rather than limits, innovation and operational excellence. How You Will Spend Your Time? Security Engineering & OperationsDesign, implement, monitor, and maintain security controls across cloud, identity, endpoint, and network environments. Implement and manage Privileged Access Management (PAM) and Role-Based Access Control (RBAC) programs that align with business needs and support POLP (Principle of Least Privilege). Support and enhance Identity Management solutions, including user provisioning, Single Sign-On (SSO) integrations, and secure application configurations. Support secure configuration and hardening of Windows and Linux servers, as well as Windows and mac OS workstations. Manage and maintain DNS and domain registrar configurations to ensure secure and reliable name resolution and domain integrity. Implement, integrate, and manage authentication, including Kerberos, FIDO2, Smart Cards, passkeys, certificate-based authentication, and TLS or key management solutions. Administer and support Public Key Infrastructure (PKI), including certificate issuance, renewal, and lifecycle management. Perform vulnerability scanning and coordinate remediation activities. Administer and optimize core security platforms such as endpoint detection and response (EDR) and security information and event management (SIEM) systems, including alert tuning, integration, and incident response support. Develop and maintain automation or scripting (e. g. , PowerShell, Python) to improve efficiency in security monitoring, configuration management, and response processes. Monitor security events, investigate incidents, perform root cause analysis, and drive post-incident improvements. Collaborate with IT and business teams to ensure security considerations are integrated into infrastructure and project planning from the outset. Risk & GovernanceConduct and document formal risk assessments, identify, evaluate, and communicate risk mitigation strategies. Develop, update, and maintain cybersecurity policies, standards, and procedures aligned with the NIST framework. Partner across the business to build awareness, ensure accountability, and foster a risk-informed culture. Support security aspects of vendor assessments and technology evaluations. Collaboration & Continuous ImprovementProvide security guidance for new initiatives, integrations, and system changes. Contribute to incident response planning, tabletop exercises, and lessons-learned reviews. Develop, maintain, and refine security operations and incident response playbooks to support consistent and effective response activities. Stay informed on emerging threats, technologies, and best practices relevant to manufacturing and spirits production environments. Who You Are… Required Skills and Experience:Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or equivalent experience along with Information Technology related associate's degree. Minimum 5 years of experience in cybersecurity engineering and/or IT engineering. Strong cloud security experience, including the design input, configuration, and operation of controls in cloud and hybrid environments. Hands-on experience with Microsoft Entra ID (Azure AD), including Conditional Access, identity lifecycle management, and integration within hybrid Active Directory environments. Experience with enterprise email security, endpoint protection, network security, data protection. Experience implementing and managing Microsoft Purview for data protection, governance, and compliance. Experience supporting third-party risk management or vendor assessments. Strong understanding of identity, endpoint, and network security architectures and their integration across enterprise environments. Experience performing root cause analysis during and after security incidents. Experience developing or contributing to security documentation such as policies, standards, or procedures. Strong communication skills across technical and non-technical audiences. Experience in manufacturing or industrial environments. Familiarity with OT/ICS security principles, including network segmentation, asset visibility, and industrial protocol security. Valued but not Required Skills and Experience:Professional certifications such as CISSP, CISM, CRISC, or equivalent. Understanding secure application deployment or DevSecOps principles. Physical Requirements While performing duties of job, employee is occasionally required to:Stand; walk; use hands and fingers to handle or feel objects; use a computer; and reach with hands and arms. Occasionally lift and/or move up to 20 pounds. BenefitsPaid Vacation11 Paid HolidaysHealth, Dental & Vision eligibility from day one FSA/HSA401K match EAPMaternity/Paternity Leave Heaven Hill and its affiliates are committed to fostering a diverse workforce as an Equal Employment Opportunity company. We invite applications from candidates of all backgrounds, without regard to race, religion, color, sex, sexual orientation, natural origin, gender identity or expression, age, disability, veteran status, or any other legally protected characteristic.

The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Engineer will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The security engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities. The Security Engineer must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the security engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics. The Security professional must be involved in incident response and investigations. The Information Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may perform well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches. Essential Responsibilities * Security Alerts: Review, respond, and remediate where applicable; * Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities); * Phish campaign monitoring and resolution; * Analyze security systems and seek improvements on a continuous basis; * Report possible threats or software issues; * Research weaknesses and determine ways to counter them; * Understand software, hardware, and internet needs while adjusting them according to our business environment; * Assist fellow employees with cybersecurity, software, hardware, or IT needs; * Carry out and support information security plans and policies; * Respond to, investigate, and assist in recovery efforts related to a security breach; * Assist in Security Awareness training development and support; * Troubleshoot security and network problems; * Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls; * Participate and follow the change management process; * Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed; * Administer, configure, and troubleshoot security infrastructure devices such as Varonis; * Test new software and firmware, as needed or directed. Operational Management * Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems; * Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law; * Creatively provide resolution to security issues/problems in a cost-effective manner; * Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met. * Other security responsibilities as directed by the Information Security Officer Other Qualifications * Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations; * Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered; * For those not meeting the minimum education, additional work-related experience will be deemed equivalent; * CISSP or related certification is an advantage; * Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.; * Working knowledge and experience in the following areas: * Cloud computing security in Azure/Windows environments, security controls, security capabilities identification; * Experience in working on Microsoft products and can learn new systems quickly; * Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.; * Strong verbal and written communication skills required; * Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner; * Must be able to work well with others; * Must be detail oriented and organized; * High integrity, including maintenance of confidential information; * Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency; * Focus on continuously improving skillset to meet security changes and challenges; * Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue; * Regular and reliable attendance required.

+ This position provides support to the Grid Operations and Planning Research area within client Company's Research & Development. + The engineer will support projects and in time lead efforts to deploy and evaluate the performance of emerging technologies in this arena. + The position is focused on cyber-physical security research for Transmission and Distribution. + The engineer will support cyber-physical security projects with power system and cyber modeling, simulation, and analyses to identify and characterize threats, and vulnerabilities and develop mitigation approaches. + Data from various sources and analytics tools will be leveraged to develop models to characterize normal power system and cyber data to facilitate the identification of anomalous events. + Working knowledge of intrusion detection, risk assessment frameworks, databases, data structures, computer networking is required as well as an aptitude to apply engineering analysis to solve problems. **Description:** + This position supports the Schatz Grid Visualization and Analytics Center (SGVAC) within client Company's Research & Development department. + The SGVAC is an innovation center that facilitates the research, pre-operational development and assessment and demonstration of situational awareness technologies for Transmission and Distribution. + Areas of focus include synchrophasor technology, next generation control center functionalities, cyber security testing, new visualization approaches, DERMS platform evaluation, data analytics as well as modeling and simulation including via a Real Time Digital Simulator (RTDS) with hardware-in-the-loop testing capability. **Qualification Requirements** + Experience in cybersecurity, including cyber security modeling and simulation + Experience with intrusion detection and risk assessment frameworks is required + Experience in power system modeling and simulation + Experience with data analytics including machine learning required + Experience with computer programming (Python, C#, SQL) desired **Job Responsibilities:** + Develop research plan to evaluate new technology + Manage multiple tasks at one time + Provide documentation of study assumptions and methods used to arrive at results + Provide informative reports and presentations on projects + Some overnight travel may be required but this is not extensive. **Other Knowledge, Skills & Abilities** + Must demonstrate good communication skills, both internal and external to the company + Must have excellent organizational skills + Must possess analytical skills as well as the ability to manage multiple projects simultaneously + Must work well in a team environment + Must have the ability to manage your own work schedule and work with limited direction + Must have strong initiative - a self-starter + Must be great at problem solving **Education:** + Bachelors in computer science, computer engineering, cyber security, information systems, electrical engineering or related field required + Advanced degree in EE, computer science or other related fields strongly preferred. **About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Your Work Shapes the World at Caterpillar Inc. When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it. ERP SAP Application Security Analyst The Caterpillar Information Technology ERP SAP Application Security team is seeking a Senior IT Applications Analyst. As a member of the ERP Application Security team, you will be responsible for safeguarding the integrity, confidentiality, and availability of ERP systems by designing, implementing, and managing security policies and procedures. This role involves analyzing business requirements, configuring ERP roles and authorizations, monitoring user access, and ensuring compliance with internal and external regulations. What You Will Do: * Design, implement, and maintain SAP ERP security roles and authorizations to meet business and compliance requirements. * Use established ERP change and transport management methodology to promote approved changes to production. * Monitor and manage user access, segregation of duties (SoD), and privileged accounts within the ERP environment. * Track and resolve incidents, service requests, and system changes, ensuring proper documentation and compliance with change control processes. * Identify opportunities to optimize current processes, enhance system performance, and improve user experience. * Support technical and operational go-lives for deployments and software upgrades. * Participate in regular security audits, risk assessments, and vulnerability analyses to identify and address potential issues. * Collaborate with business stakeholders, IT teams, and auditors to ensure security controls align with organizational policies and regulatory standards. * Provide support for request and incident response, troubleshooting, and resolution of security-related ERP issues. * Maintain documentation of security policies, procedures, and changes within the ERP landscape. * Drive internal projects as needed to maintain client integrity. Top Candidates Will Have: * Excellent analytical, problem-solving, and communication skills. * AI skills for automation of manual team tasks * Expertise with audit processes, SOX compliance, and risk management principles. * Ability to support Sap Governance Risk and Control AC/PC * ECC to S4 conversion knowledge Skills Descriptors: * Core Application Systems: Knowledge of major production application systems used for delivery services to internal and external clients; ability to leverage major production application systems in diverse situations. * IT Standards, Procedures & Policies: Knowledge of Information Technology (IT) standards and policies; ability to utilize a variety of administrative skills sets and technical knowledge to manage organizational IT policies, standards, and procedures. * Business Process Improvement: Knowledge of business process improvement best practices and ability to use methods for identifying, evaluating, introducing, and implementing more efficient approaches to performing business related activities. * Accuracy and Attention to Detail: Understanding the necessity and value of accuracy; ability to complete tasks with elevated levels of precision. * Problem Solving: Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations. * Application Design, Architecture: Knowledge of basic activities and deliverables of application design; ability to utilize application design methodologies, tools and techniques to convert business requirements and logical models into a technical application design. Implementation: Knowledge of how to run applications for organizations; ability to implement application software within an organization and help end-users perform specific tasks (ex: accounting or graphic design). * Requirements Analysis: Knowledge of tools, methods, and techniques of requirement analysis; ability to elicit, analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project. * System Testing: Knowledge of system and software testing; ability to design, plan and execute system testing strategies and tactics to ensure the quality of software at all stages of the system life cycle. * Technical Troubleshooting: Knowledge of technical troubleshooting approaches, tools, and techniques; ability to anticipate, recognize, and resolve technical issues on hardware, software, application or operation. Additional Information: * Location for this role is Peoria, IL, Dallas, TX or Nashville, TN * This role requires 5 days onsite. * SPONSORSHIP IS NOT AVAILABLE. * This position may require 10% travel. * Relocation is not available. What You Will Get: * Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world. * Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays. * All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply. About Caterpillar - Caterpillar Inc. is the world's leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we've been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. Summary Pay Range: $110,520.00 - $165,840.00 Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar. Benefits: Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits. * Medical, dental, and vision benefits* * Paid time off plan (Vacation, Holidays, Volunteer, etc.)* * 401(k) savings plans* * Health Savings Account (HSA)* * Flexible Spending Accounts (FSAs)* * Health Lifestyle Programs* * Employee Assistance Program* * Voluntary Benefits and Employee Discounts* * Career Development* * Incentive bonus* * Disability benefits * Life Insurance * Parental leave * Adoption benefits * Tuition Reimbursement * These benefits also apply to part-time employees This position requires working onsite five days a week. Visa Sponsorship is not available for this position. This employer is not currently hiring foreign national applicants that require or will require sponsorship tied to a specific employer, such as, H, L, TN, F, J, E, O. As a global company, Caterpillar offers many job opportunities outside of the U.S which can be found through our employment website at **************************** Posting Dates: December 18, 2025 - December 30, 2025 Any offer of employment is conditioned upon the successful completion of a drug screen. Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities. Qualified applicants of any age are encouraged to apply. Not ready to apply? Join our Talent Community.

Job Requirements & Qualifications: •Designs, put into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner. •Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services). •Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC. •Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines. •Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans. •Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements. •Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security. •Guide and cross-train junior department team members lead meetings construct and uphold strong partnerships with multiple departments coordinate vendor support engagements etc. Knowledge, Skills, and Abilities •Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies. •Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources. •Strong, efficient written and verbal communication skills that enables effective communications to multiple audiences. •Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%). •Strong internal (security recommendations) and external (vendor support) negotiation skills. •Ability to influence and encourage others. •Strong understanding of PCI, HIPAA, and SOC regulatory requirements. •Development/analysis proficiency in one or more scripting languages. •Development/analysis proficiency in TSQL. •Capability to learn and preserve new skills required to adapt to growing business and technical environments. •Strong perceptive of present and emergent information security technologies and trends. Qualifications Work Experience and/or Education •Bachelor's and/or Master's degree in information security or computer information systems. •6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives. •Active CISA, CISSP, or CISM certification. •Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.) enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.) content management, client-server, and collaboration, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc. •Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management. Additional Information

Provide support to the lead security Analyst in the planning and protection of employee computers and data networks. Monitor and track all security training and education. Assist with the scanning for and identification of security configuration management on computers and servers. Assist in the scanning for security breaches and the reporting of anomalies. Required Qualifications: Experience in administrative support & MS Office proficiency Bachelor's degree or 5 years of experience U.S. citizen and MUST possess a current active DoD Secret clearance Possess an understanding of cyber security principles and be able to obtain a security+ certification within 6 months Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. #clearancejobs

Cyber Security Analyst - (2400000X) Description AL-KHOBAR, KINGDOM OF SAUDI ARABIA Cyber Security Analyst Department Information Technology Institution Prince Mohammad bin Fahd University Reports to Manager - Cyber Security introduction The Cyber Security Analyst at Prince Mohammad bin Fahd University protects the university's digital assets, network, and data by identifying vulnerabilities, monitoring threats, and enforcing security measures. This role ensures compliance with security policies, supporting a safe environment for research and academic activities. Job Purpose The Cyber Security Analyst role is to safeguard the university's IT infrastructure by proactively monitoring, identifying, and addressing security threats. This position involves implementing security measures, responding to incidents, and ensuring compliance with security policies to protect data and maintain the integrity of university systems. The analyst plays a key role in supporting a secure environment for all digital and academic activities. Duties and Responsibilities Major Duties/ Responsibilities: · Monitor all networks and computer systems to prevent, detect, and investigate security breaches. · Perform penetration testing to ensure the company's networks are free of bugs that malware authors can take advantage of. · Design and implement multilevel security strategies to protect networks and data resources. · Plan computer and network security upgrades and test hardware and software related to the upgrade. · Stay up to date on new information technologies and apply those innovations in the company's security standards and best practices. · Lead analysis of current architecture, risk exposure and defining mitigation measures in order to develop suitable recommendations. · Highlight Cyber Security threats and prepare the official reports. · Lead assessments of company's security posture including benchmarking/maturity assessments. · Lead design of cyber security solutions and development of detailed technical specifications for the approved designs. · Lead implementation, integration and testing of approved security solutions. · Provide specialist technical support and address technical problems related to applications and production equipment to ensure any complex/escalated issues are handled with no or minimal downtime. · Oversee/perform preventive maintenance as per schedule to ensure relevant security systems/processes remain fit for purpose. · Provide subject matter expertise for cyber security related projects throughout its lifecycle to ensure delivery is as per plan/budget and client/TCC expectations. · Prepare and deliver technical presentations for successful project delivery · Lead cybersecurity evaluation and configuration review services · Anticipate future problem areas by monitoring workflows and network traffic patterns. · Prepare and perform cyber security awareness activities. · Prepare work papers documenting procedures performed and that fully support audit findings. · Assist IT operational audits in accordance with the annual audit plan. · Follows up the action plan progress (such as penetration tests, vulnerability scans) and ensures that recommendations are implemented in a timely manner · Assist staff members when they need help with security products and processes. Job-Specific Skills: · Working experience in a SOC or NOSC environment · Must have strong working knowledge of information technology, including applications, networks and systems. · Knowledge in performing IT Audit reports · Experience in performing Risk Assessments reports. · Experience in developing Business Continuity Plans and Disaster Recovery Plans · Knowledge in the usage of vulnerability assessment and penetration testing tools · Knowledge of security attacks techniques, familiar with MITRE ATT@CK framework · Experience in using MS Office, MS Visio, Project Management tool. · Experience in project management, problem-solving, training/coaching, presentation skills, and conflict resolution skills. · General knowledge of ISO 27001, ITIL or other control frameworks · Experience in writing SOP's - operation manuals · Independent, motivated, and ambitious personality Qualifications & Experience (Required) Bachelor's degree in computer science, technology or computer engineering 5 to 8 years of experience in progressively more complex and responsible operational roles within a dynamic Enterprise function Certified CompTIA Security+, CEH, CCNA, CCNP, CISSP (preferred) Experience in Cisco ASA, WatchGuard, Juniper, CheckPoint Firewall Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture Experience in Patch Management and vulnerably assessment. Knowledge and understanding of relevant legal and regulatory requirements. Knowledge of common information security management frameworks. Experience in Information Security and NCA controls implementation. Having experience in IT, Operational IT, Cybersecurity, incident detection, incident response, and forensics. Maintain quality service delivery by adhering to company standards and best practices. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Familiarity with information technology concepts such as infrastructure, cyber security, and application controls. Great awareness of cybersecurity trends and hacking techniques. On-call network troubleshooting Knowledge, Skills and Abilities (Required) · Strong written and verbal communication skills · Strong focus on first time quality · Desire to grow technical skills and ability to learn new technologies swiftly · High attention to detail, self-starter, result driven · Ability to work in a cross-functional team · Professional, polite, and attentive while also being accurate · Always prepared and responsive, willing to meet each challenge directly · Teamwork · Problem solving, Leadership · Perseverance and motivation · Ability to work under pressure, Confidence · Managing ambiguity, Resilience · Analytical skills, IT skills Disclaimer PMU reserves the right to alter, amend and add responsibilities to this position in line with the institutional needs. Changes and amendments to this job description shall be within the academic framework and the general employment conditions. Primary Location: Al-KHOBARJob: AnalystOrganization: Information Technology DepartmentSchedule: Regular StandardJob Type: Full-time Job Posting: Feb 25, 2025, 9:10:34 AM

Job Title: Mid-Level Cybersecurity/Watch floor Analyst Clearance: MUST CURRENTLY POSSESS AND ACTIVE TOP SECRET CLEARANCE Noetic is currently seeking a motivated and detail-oriented Mid-Level Cybersecurity/Watch Floor Analyst to join our growing security team. In this junior-level role, you will play a key part in protecting our organization's digital assets by assisting in the detection, analysis, and response to cybersecurity threats and incidents. The ideal candidate will have foundational knowledge of security principles and a strong interest in security operations, with hands-on experience or coursework involving Splunk. BASIC QUALIFICATIONS: Minimum of 5 year of Splunk/SOC experience. Bachelor's in a computer science related field Active Top Secret Clearance Ability and willingness to do shift work MAIN RESPONSIBILITIES: Responsible for monitoring computer networks for security issues. Investigating security breaches and other cybersecurity incidents. Document security breaches and assess the damage they cause. Work with the security team to perform tests and uncover network vulnerabilities, such as penetration testing. Fix detected vulnerabilities to maintain a high-security standard. Recommend best practices for IT security. Installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs. Must be capable of conducting analysis, confirming intrusion information and creating a forensically sound duplicate of the files. Decrypts data and provides technical summaries and input. Examines recovered data for relevant information and performs dynamic analysis to include timeline, statistical, and file signature analysis. Performs real-time cyber defense handling tasks to support deployable Incident Response Teams (IRTs). PREFERRED QUALIFICATIONS Microsoft Sentinel GIAC Continuous Monitoring Certification (GMON) GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) GIAC Certified Intrusion Analyst (GCIA) GIAC Network Forensic Analyst (GNFA) Noetic Strategies Inc. offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Noetic Strategies Inc. is an equal opportunity and affirmative action employer that does not discriminate in employment. All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status. Noetic Strategies Inc. endeavors to make ************************ accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact noeticstrategies.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Network Security II DNS at DLS Engineering (on-site) DLS Engineering is seeking a Network Security II DNS professional for a full-time position in support of the Air Force Intranet Control (AFINC) support program at Gunter Annex in Montgomery, Alabama. This is an on-site position. As part of AFINC, the mission of the 26th Network Operations Squadron (26 NOS) is to provide mission assurance to the warfighter through the operation, management, and defense of the Department of Defense Information Network (DODIN). In the execution of its mission, the 26 NOS maintains network infrastructure, to include routers, switches, proxies, firewalls, servers, workstations, printers, Storage Area Networks (SAN) and test labs, to provide maneuverability and defense of both classified and unclassified networks. A day in the life: Install, monitor, configure, troubleshoot, upgrade, patch, harden, maintain, and operate intrusion detection/prevention systems, firewalls, load balancers, and web proxies to protect AFNet resources from both internal and external threats according to Department of Defense security standards Perform complex analytics on boundary protection systems to protect system assets from compromise, data loss, and other requirements. Perform Defense Cyberspace Operations (DCO) and DODIN operations. When I read the below it sounds like me: 5+ years of experience with Enterprise DOD boundary protection and CSSP operations. IAT-II Certification (required) Infoblox: Core DDI Administration OR Infoblox: Core DDI Troubleshooting certification Active Secret Clearance About DLS Engineering: DLS is an engineering firm with 30 years of Federal Government contracting experience. Our small business efficiencies coupled with a commitment to excellence allow us to provide reliable solutions with integrity for our nation's most critical defense and national security priorities. Other information: We offer a competitive salary and a 401k program with company match. We offer a comprehensive benefits package including health, vision, dental, life, and disability insurance. We offer a generous paid time off package. If accommodation is needed with the application and / or the interview process for applicants with disabilities, please contact Human Resources at ************. DLS is an E-Verify company. DLS is an equal employment opportunity employer. Qualified applicants will receive consideration without regard to age, race, religion, sex (pregnancy, sexual orientation, gender identity), national origin, or disability. We encourage all qualified applicants to apply. If you believe you have been discriminated against, please contact Barbara Ellison. You also have the right to file a charge of discrimination with the equal employment opportunity commission. Must be able pass a government background check, which will be completed before employment

Job DescriptionDefensive Cyber Operations Junior Analyst East Tennessee Research and Development facility with the Department of Energy seeks to hire a Junior Cyber Security Analyst to immediately support their Defensive Cyber Operations (DCO) team. This position's primary responsibility is to conduct event triage in a tiered operational security model while training in and supporting threat hunting and threat intelligence tasks. Responsibilities: Support the DCO environment in identification and analysis of threats in Security Incident and Event Management (SIEM) alerts, dashboards, and queries Resolve or escalate alerts/events/incidents as defined in DCO service level agreements according to level of severity Help develop advanced queries and alerts to detect adversary actions and compile detailed investigation and analysis reports for internal DCO consumption, and for delivery to management Work with the Emerging Threat team to capture intelligence on threat actor tactics, techniques, and procedures (TTPs) and leverage automated and manual countermeasures in response Work with the Threat Hunting team to perform hypothesis-driven hunts of the network for undetected threats Field customer requests for support ranging from potential phishing events to abnormal system activity Triage reports from DOE entities, CISA, and external penetration testers, and coordinate resolution with system administrators in keeping with BOD 18-01, 19-02, and 22-01 requirements Analyze suspicious links and attachments in a secure malware analytics platform as part of a comprehensive phishing analysis procedure Triage malware and anomalous activity alerts generated by an EDR system Requirements: Bachelor's degree in Computer Science or related field with 1-2 years of cyber operations work experience or an equivalent amount of education and experience Experience with ServiceNow, JIRA ServiceDesk, or other ticketing system Relevant certifications (GSEC, Security+, CEH, etc) preferred The position requires eligibility to obtain a DOE security clearance. Candidates with an Active Q Clearance or Top-Secret Clearance are a plus

SMS is seeking an Information Assurance/Security Specialists Journeyman working at Arnold Air Force base in Tennessee. The Air Force Test Center's (AFTC) Arnold Engineering Development Complex (AEDC) is a national aerospace ground test facility that conducts tests, engineering analyses, and technical evaluations for research, system development, and operational programs of the Air Force (AF) and Department of Defense (DoD), other Government agencies, and industry. As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity. SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers' missions for more than 45 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit ************ Submit your resume today! Responsibilities Perform vulnerability scans/assessments utilizing Tenable.SC and Nessus Ensure scheduled scans cover 100% of IP space and are being run successfully with credentialed scans. Responsible for developing System Security Plans and performing LRA Alternate duties as assigned Responsible for vulnerability scanning and correcting vulnerabilities on all BCITS managed systems, applications, networks, and connected systems/networks as required by the Authorization to Operate (ATO). Required to assist teams (internal and external) in maintaining systems at a CORA-Ready compliance level. Troubleshoot credential failure issues by performing configuration analysis against the target device Analyze and assist in the application of Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVAs). Qualifications Education Bachelor's degree in a related field Or equivalent years' experience Experience/Certifications 3-5 years in Cybersecurity/IA Experience with Gov't contracting is a plus Experience in creating/modifying Authority to Operate (ATO) packets to certify and accredit an information system. Experience with Local Registration Authority (LRA) preferred Understanding of Chosen Plaintext Attack (CPA) preferred Active CompTIA Security +CE certification Clearance Active DoD Secret Security Clearance SMS is a dynamic systems integrator established in 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers' missions for more than 47 years. Our ability to hire and retain quality people in a rapidly evolving IT market is proven through our employee retention rate averaging over 3 years. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices, resulting in CMMI Level 3 certification and ISO registrations including 9001:2015, 20000-1:2018, and ISO/IEC 27001:2013. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. SMS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. California Consumer Privacy Act (CCPA) Notice

Build an Aviation Career You're Proud Of At StandardAero, we use our ingenuity and know-how to find solutions for the simple to the most complex challenges in aviation. Together, we get the job done and done well. Our stability, resources, and respectful culture supports you in building a solid career with a great team you can count on day in and day out for the long term. Summary: As an IT Security Analyst position is a critical role in protecting StandardAero's business and technology operations. In this role you will be accountable in securing the enterprise technology and operations against an ever evolving and growing threat landscape. The role is an integral position in supporting StandardAero's global cyber-security defenses, providing tactical cyber security objectives and implementing the security strategy across the organization. What you'll do: Conduct risk and security assessments through vulnerability analysis and reporting Perform mitigation support for both internal and external security audits Investigate, analyze and document security incidents to identify and document the root cause Provides incident response support including mitigating actions to contain activity and facilitating forensics analysis when necessary Partner with IT Operation teams to remediate system vulnerabilities Participates in the production of documentation and management reporting Research security enhancements and make recommendations for improved policy and process Analyze IT requirements and provide objective advice on the use of new IT security offerings Stay up-to-date on information technology and cybersecurity trends and standards Other IT Security-related duties as required Capable of identifying, evaluating and mitigating significant risks within an enterprise. Strong working experience with Microsoft Office Suite. Strong oral and written communication skills and the ability to work well with people from many different disciplines with varying degrees of technical experience. Possess strong analytical skills attention to detail. Ability to prioritize assignments while working on multiple projects Ability to work independently and proactively to meet assigned objectives Flexible with the ability to multi-task, effectively prioritize and work under pressure Basic project management Design, implement, administer, support and maintain cybersecurity technology systems (Endpoint Protection, IDS/IPS, Web and Email Security, SIEM, Multi-Factor Authentication, Network Access Controls, DLP, etc.) Analyze, report and respond to security alerts within the various IT technologies and global locations Proactively remediate information technology security threats as a member of the security team Assist in the designing, documenting, architecting and implementing IT security measures and controls Provide support through ‘Threat Hunting' against anomalous behavior within the enterprise. Correlates activity across assets (endpoint, network, apps) and environments to identify patterns of anomalous activity Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources Threat mitigation; malicious code detection, response and prevention; operating system security oversight Minimum Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field; equivalent experience may be considered. 5+ years of progressive experience in cybersecurity and IT, including hands-on security operations, threat detection, or engineering. 5+ years of experience in SIEM Administration, endpoint protection, vulnerability management tools, and security automation. 5+ years of experience of network and application security, threat actor tactics (MITRE ATT&CK), and incident response frameworks. 5+ years of experience working in regulated environments or with industry frameworks (e.g., NIST, ISO 27001, CIS, or CMMC). Preferred Qualifications: IT Security Certification, specifically GSEC, CEH, CISSO, CISA or CISSP, GCIA, OSCP and ITIL SDLC, and understand application security. Containerization and Development Security Operations Benefits that make life better: Comprehensive Healthcare 401(k) with 100% company match; up to 5% vested Paid Time Off starting on day one Bonus opportunities Health- & Dependent Care Flexible Spending Accounts Short- & Long-Term Disability Life & AD&D Insurance Learning & Training opportunities Raising the Standard of Excellence since 1911 With over a century of proven excellence, StandardAero has become an industry leader in MRO services and customized solutions in the aerospace field. Our shared values and learning-based culture inspire our team to exceed their potential and power our customers' missions worldwide. With on-the-job training, advancement opportunities, and excellent benefits, StandardAero invites you to experience a fulfilling and meaningful career with us. Inclusivity Is Our Standard It is StandardAero's policy to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. Our supportive environment celebrates diversity with no room for harassment or discrimination of any kind. We invite you to bring your authentic self to our team and experience our welcoming culture.

Support the Missile Defense Agency (MDA) with development and analysis of programmatic data for program management support, to include monitoring and reporting against the acquisition program baselines, and assistance with program oversight and execution briefings. Alternative responsibilities may encompass development and execution of acquisition strategies/plans, contract requirements packages (e.g., writing SOWs, CDRLs, special provisions, source selection evaluation plans) and supporting prime contract monitoring/management activities. CompTIA Certification Preferred. Certified Authorization Professional (CAP) certification (or ability to attain within 90 days after employment) Provide interpretation and execution of MDA Acquisition policy, directives, guidance, and instructions Provide program management support in developing, maintaining, and reporting against program baselines, gathering and analyzing programmatic data for internal Agency oversight reviews of programs (e.g., MDAR, DPR, PER, PMRs, internal reviews) Prepare briefings and correspondence in response to internal taskings and external RFIs (e.g., GAO/Congressional/DoDIG/DoD oversight organizations) Analyze acquisition requirements and provide recommendations during pre-solicitation phase through contract execution Support program and contract management processes through the preparation and/or review of acquisition and program management documentation, briefings, white papers, reports, metrics Provide support through all phases of the acquisition cycle with an emphasis on cybersecurity throughout the process Requirements Prior MDA experience preferred. Advanced level - Master's degree required and/or 15 years' experience Intermediate level - Bachelor's degree required and/or 10 years' relevant experience Knowledge and experience in acquisition, procurement, and contracting highly desirable Solid background in MS Office tools suite (e.g., Word, Excel, PowerPoint, Access) essential Must possess exceptionally strong communications and analytical skills, be a self-starter, detail oriented, work well with a team, interacts with multiple levels and functional areas and able to manage customer and contractor relationship SECRET or above Security Clearance required.

Description Summary: This role supports the advancement of the organization's Information Security Program, ensuring robust protection of customer, consumer, and proprietary data against evolving threats. The position is a key player with strategic initiatives, enforces corporate and regulatory compliance, and continuously enhances security posture through proactive risk management and visibility improvements. Essential Duties and Responsibilities: Support the security strategies aligned with organizational goals. Lead or serve as a key participant in audits, regulatory examinations, and vendor assessments. Ensure compliance with industry standards and regulatory requirements. Maintain InfoSec dashboards using Power BI to track key metrics and identify trends. Provide actionable insights to leadership for continuous improvement of security controls. Implement and optimize security measures to reduce network risk and enhance visibility. Continuously improve security controls, policies, and procedures to address emerging threats. Manage and audit intrusion prevention systems, SIEM, antivirus, vulnerability management, and content filtering solutions. Oversee patch management for operating systems, applications, and hardware. Partner with technology and compliance teams to resolve security issues and implement strategic initiatives. Manage Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) tools and associated governance controls. Education and/or Experience Bachelor's degree or equivalent experience 5+ years in Information Security or IT Audit, with demonstrated leadership in security strategy and risk management. CISSP required Skills and Abilities Ability to assess, prioritize, and mitigate risks across complex environments. Strong experience with audit processes, regulatory examinations, and vendor risk assessments. Skilled in translating technical data into actionable insights for leadership Ability to demonstrate the highest level of ethical behavior and confidentiality and maintain confidentiality with sensitive information. Respectful demeanor toward other associates and managers that promotes a positive and professional work environment. FirstBank does not accept unsolicited resumes from agencies and staffing firms. Recruitment agencies and consultants may not submit resumes directly to managers. FirstBank will not pay fees to any third-party agency or company that does not have a signed agreement as an approved vendor. FirstBank in an Equal Opportunity Employer, including disability.

DESE Research, Inc. is excited for the opportunity to add an Information Systems Security Officer to our existing team. If you feel like you have the skills and qualifications for this position, please apply now! Job Details: The successful candidate will oversee day-to-day information system security operations including auditing hardware, software implementations, and risk assessments. The candidate will upkeep, monitor, analyze, and respond to network and security events. The candidate will ensure configuration management for security relevant IS software, hardware, and firmware are maintained and documented. The candidate will implement Risk Management Framework (RMF) security controls utilizing DISA Security Technical Implementation Guides (STIGs). Required Qualifications: * An active DOD Secret clearance * 5-10 years of experience in cyber security engineering/analysis, supply chain risk management, logistics, product management, program protection planning, or system security engineering * Experience with IS auditing and investigations * Knowledgeable of operating system security requirements * Hands-on experience with industry-standard Information Assurance tools * Security+ Certification * CompTIA CySA+ certification Required Education Qualifications: Bachelor's Degree in Cyber Security, an Engineering Discipline, Logistics, or Supply Chain Desired Qualifications: * Overall knowledge of Information Systems Security and ISSO duties * Working knowledge of system administration and network administration * Working knowledge of classified defense contracts * DoD 8570 IAM Level II Certification Why employee's love working for DESE: At DESE, we are committed to creating a company that is known for its respect and care for employee's. We understand that happy employees are what keeps our business going and we strive to provide the best opportunities for each individual working on our team! Here are a few reasons you will love working here: * Competitive salaries * Annual performance bonuses * Robust 401k profit sharing plan * Competitive health, dental & vision insurance with affordable premiums * Flexible work schedules * Two different flexible spending account options * Company paid life insurance & Accidental Death & Dismemberment * Education reimbursement program * Personal leave for approved philanthropic activities * Vacation, Sick & Holiday leave * Opportunities for internal promotions * Employee referral incentive program * Rewards and gifts for service anniversaries Disability Accommodation for Applicants - DESE Research, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following alternative email address or phone number to contact us about your interest in employment with us: ********************** or ************x123.