Security engineer jobs in Springdale, AR - 619 jobs

Title: Sr Information Security Analyst Salary: $100K Job Summary: As a member of the Information Security team, responsibilities include manages and mitigates information security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Provides information security risk insight and guides management on information security risk issues and serves as advisor to peers, team members and management. Minimum Education: Bachelor's degree in Computer Science, MIS, Computer Engineering, Cyber Security or related discipline. Licensure, Registration and/or Certification: One or more of the following certifications are preferred: Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Auditor (CISA). Work Experience: 3 - 4 years related experience inclusive of two years working directly in an Information Services department and previous experience with HIPAA/PHI compliance programs, policies, procedures, risk assessments and audits. Knowledge, Skills and Abilities: In-depth knowledge of cyber security methodology and security practices. Knowledge of HIPAA, PCI, SOX, ISO and NIST cybersecurity frameworks. Knowledge of intrusion detection and intrusion prevention systems, penetration and vulnerability testing. Knowledge of data loss prevention, anti-virus and anti-malware software tools. Knowledge of computer networking, TCP/IP, routing and switching, network protocols and packet analysis tools. Knowledge of Windows, UNIX and Linux operating systems. Excellent problem solving and analytical skills. Excellent written and oral communication skills. Excellent organizational and interpersonal skills. Ability to work independently as well as in a team setting. Essential Functions and Responsibilities: Define, implement, and enforce information security policies, strategies, and procedures that align with healthcare laws and regulations, such as HIPAA. Conduct and/or support targeted risk assessment. Determine significant risk points and exercise process for risk assessment and risk acceptance. Review assessment results for vulnerabilities, gaps, control deficiencies, and work with key stakeholders to establish plans for sustainable resolution. Maintain an effective information security awareness program and educate internal teams on best practices. Ensures that business and clinical software applications include adequate information and security controls. Establish and maintain metrics based on the information security framework..

Leidos National Security Sector combines technology-enabled services and mission software capabilities in the areas of cyber, logistics, security operations, and decision analytics to support our defense and intel customers' mission to defend against evolving threats around the world. Our team's focus is to ensure our customers have the right tools, technologies, and tactics to keep pace with an ever-evolving security landscape and succeed in their pursuit to protect people and critical assets. The Intelligence Production Solutions Division (IPSD), part of the Decision Advantage Solutions Business Area, is currently seeking a Mid-Level Systems Engineer for the Chinook Program. As part of a highly skilled team, you will play a critical role in delivering geospatial intelligence (GEOINT) capabilities through innovative systems engineering practices, directly supporting the Customer's mission to provide timely, relevant, and accurate intelligence to national decision-makers and warfighters. Position may be performed in the following locations below. Please note Gaithersburg, MD is the program's primary work location. Gaithersburg, MD Alexandria, VA Chantilly, VA Aurora, CO St. Louis, MO Tucson, AZ Clearance Level Required: Top Secret with SCI eligibility and able to obtain a Polygraph. Primary Responsibilities: Support system architecture design, requirements development, integration planning, and configuration management. Provide engineering expertise for mission systems across the full system lifecycle from concept through deployment and sustainment. Collaborate with stakeholders across the Customer's and contractor teams to ensure interoperability, scalability, and mission alignment. Evaluate and recommend tools, techniques, and processes for system development and integration. Develop and maintain technical documentation, including system interface control documents (ICDs), and engineering reports. Participate in technical reviews, readiness assessments, and milestone events. Conduct analysis of system performance and provide recommendations for optimization. Basic Qualifications: US citizenship is required per contract. Bachelor's degree in Systems Engineering, Computer Science, or related field and 4-8 years of prior relevant experience or Master's with 2-6 years of prior relevant experience. Strong understanding of systems engineering principles, including requirements management, integration & test, and configuration control. Familiarity with Model-Based Systems Engineering (MBSE) tools and methodologies (e.g., Cameo, Sysml). Experience working in a DoD or Intelligence Community (IC) environment. Proficiency with Atlassian tools (JIRA, Confluence), Microsoft Office Suite, and collaboration platforms. Excellent written and verbal communication skills. Preferred Qualifications: Systems Engineering Professional (SEP), INCOSE, CISSP, Security+ certification, or similar credentials. Experience supporting the Customer's programs or working with the GEOINT lifecycle. Knowledge of cloud-based architectures (AWS, C2S) and DevSecOps environments. Familiarity with Agile and SAFe methodologies. Experience supporting GEOINT missions. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Original Posting: November 21, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. About Leidos Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit *************** Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at ************************************ Securing Your Data Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at *****************************. If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. #J-18808-Ljbffr

At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. We are Boeing Global Services (BGS) Engineering team creating and implementing innovative technologies that make the impossible possible and enabling the future of aerospace. We provide engineering design and support, including aftermarket modifications, and are innovating to make product and services safety even stronger. Join us and put your passion, determination, and skill to work building the future! #TheFutureIsBuiltHere #ChangeTheWorld BGS is currently seeking to hire an Air Dominance Systems Engineer (Product Manager): F-15 USAF Government Training Engineering (GTE) Product Manager located in Berkeley, Missouri or Hazelwood, Missouri. The selected candidate will join the GTE F-15 USAF Office of the Chief Engineer (OCE) and will be responsible for the design, development, manufacture, integration, testing, delivery and maintenance of pilot and maintenance training devices for a program in the F-15 USAF portfolio. The Air Dominance Systems Engineer (Product Manager) is responsible for managing the entire product life cycle across all engineering teams required to produce the final product. Your role includes project management, technical leadership and a strong desire to get the job done. You will be collaborating with the engineering teams and program management to maintain a common vision and deliver winning products. Our teams are currently hiring for a broad range of experience levels including; Senior or ConsultantAir Dominance Systems Engineer (Product Manager). Special Program Access or other Government Access Requirements may be required for this position. Position Responsibilities: Primary point of contact for all engineering aspects of the product Collaborate with the technical leadership team consisting of Chief engineers, system architects and other product managers Manage product release schedules and release activities Define plans for risk mitigation and opportunity Play an integral role in the development of the Statement of Work (SOW) and estimates to meet the requirements of our customers Coordinate with program management and engineering teams to develop and maintain execution plans Track execution progress and provide guidance for adjustments where necessary Work with the supplier management team to monitor and track supplier performance Identify risks, issues, and opportunities, and develop mitigation or execution plans Ensure the product is complete prior to delivering to the customer Basic Qualifications (Required Skills/Experience): Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science 9+ years of industry experience to include: 3+ years of experience leading teams in a formal and/or informal role and 5+ years of experience in engineering project management Experience developing and tracking program plans/schedules and budgets for technical projects Preferred Qualifications (Desired Skills/Experience): 14 or more years' related work experience or an equivalent combination of education and experience 5+ years of experience leading teams in a formal and/or informal role 7+ years of experience in engineering project management Cost account management and/or earned value management experience Risk management experience Proficient with Excel, Work, PowerPoint Experience with Microsoft Project Experience with Training Systems and/or Boeing military aircraft platforms Experience working within a SAFe Agile team Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range Senior (Level 4): $119,850 - $162,150 Summary pay range Consultant (Level 5): $147,050 - $198,950 Applications for this position will be accepted until Jan. 27, 2026 Export Control Requirements: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. §120.62 is required. "U.S. Person" includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Export Control Details: US based job, US Person required Education Bachelor's Degree or Equivalent Required Relocation This position offers relocation based on candidate eligibility. Security Clearance This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required. This position requires ability to obtain program access, for which the U.S. Government requires U.S. Citizenship only. Visa Sponsorship Employer will not sponsor applicants for employment visa status. Shift This position is for 1st shift Equal Opportunity Employer: Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Oversees and coordinates all information security staff and activities to ensure the firm's overall information assets are adequately protected. Oversees the planning, coordinating and implementing of information security programs in order to maintain information integrity and protect against all cybersecurity threats. Interacts with other individuals in the firm in a problem-solving and team-building manner. Oversees, develops and maintains the Firm's ISO 27001 Program, and operation objectives. Manages the development and cost effective solutions to maintain the integrity of system information while allowing business operations to continue in the event of any type of business interruption. Assists in audits of the Information Security program as needed at the request of management. Uses leadership skills to train, motivate and direct assigned staff. Provides technical expertise in the selection, testing, implementation and deployment of information security systems. Provides technical guidance and direction in information security monitoring, assessment, auditing and testing. Defines, develops and implements the firm's Information Protection Program security policy. Works with the Director of Information Security and Risk Management to develop methods of improving department workflow, customer satisfaction and employee efficiency. Assists in determining department work procedures, plans, assigns and directs work as necessary. Monitors employee workflow and makes adjustments as necessary to ensure customers' needs are addressed in a timely and efficient manner. Monitors and audits analyst(s) work product, reviews and communicate results with employee and provides advice. Coordinates training of staff to ensure work meets/exceeds performance expectations within a reasonable time frame. Oversees department projects, ensuring that procedures are followed and objectives are accomplished according to schedule. Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems, applications, appliances and devices throughout the firm. Responsible for assessing, recommending, developing, implementing and maintaining the firm's information security infrastructure and security standards. Lead for security risk assessments and penetration studies of networks. Recommends solutions for security vulnerabilities and takes corrective measures and/or applies security patches when appropriate. Installs, monitors, maintains and upgrades virus detection applications/tools to ensure computer codes, viruses, and worms are blocked or eradicated when detected. Analyzes problematic security log entries from security servers and routers, provides technical solutions to issues and security breaches. Is on call to respond to security incidents or disaster recovery and business continuity operations. Maintains advanced knowledge of the firm's Information Security posture, goals and objectives. Supervises the Information Security Engineers. Is responsible for the overall direction, coordination, and evaluation of designated employees in this category. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding, coaching, and disciplining employees; addressing complaints and resolving problems.

CompanyFederal Reserve Bank of Kansas CityWhen you join the Federal Reserve-the nation's central bank-you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future. Important Information Open to US citizens, Green Card holders or Permanent Residents with at least 3 years of residency, with the intent to become a US citizen. No sponsorship is available. Candidates must have valid work authorization, without an end date, to be considered. This position requires working on-site, in Kansas City, Denver, Oklahoma City, or Omaha, with 5 days per month remote work flexibility. This position is not eligible to be remote and relocation assistance is not available. We are seeking cybersecurity professionals to join our Information Security team as a security specialist focused on operating our DevSecOps program according to standards and policies. This will be done through close partnership with peers in FRB Kansas City and other Reserve Banks across the System. It will also require healthy relationship building and tight integration with development teams. Additionally, you'll partner with business areas, vendors, and our diverse network of professionals to identify, implement, and support security across the organization. Candidates with strong understanding and experience in cloud environment deployments, information security, data management, low-code and no-code solutions, DevSecOps, and artificial intelligence will be ideal. Key Activities Interpret and evaluate policies in order to mature and implement the DevSecOps program. Assess maturity of development teams' DevSecOps practices against an existing framework. Proactively advocate for and drive enhancements into the program. Identify gaps/opportunities for enhancements to workflows and processes for enhancing the software development lifecycle (SDLC). Implement and consults on secure continuous integration and continuous delivery (CI/CD) pipelines, evaluating code and/or applications, or creating code to facilitate the process. Monitors information security policy compliance using security tooling. Evaluate and implement security products and/or processes to enhance productivity and effectiveness for various platforms and initiatives. Provide technical expertise and support to internal teams on security-related matters. Collaborate with cross-functional teams to integrate security measures into existing software applications and infrastructure. Stay current with emerging technologies, industry trends, and best practices in cybersecurity to enhance our security posture. Support leadership decision making through timely analysis and written communications. Qualifications Typically requires 3-6 years of relevant experience. Bachelor's Degree in Technology, Engineering, Computer Science, Information Systems, Cybersecurity or other related field or equivalent work experience. Strong competence in cloud technologies such as AWS, Azure, and other platforms. Expert understanding of DevSecOps practices, frameworks, and tools. Expertise with tool integration for the DevOps pipeline such as Git. Combines and organizes information into meaningful patterns; identifies underlying relationships, causes and effects; and combines pieces of information to form conclusions or general rules. Rapidly acquires new knowledge and learns new skills, and practices agile methodologies to planning and accomplishing work. Conveys complex and technical issues to diverse audiences. Demonstrated competencies with artificial intelligence are beneficial. Working knowledge of Terraform, Ansible, Cloud Formations, AWS Config, AWS Inspector, Guard Duty and others. Strong knowledge of software development languages, tools and techniques such as Python, JSON, YAML, and Java Technical expertise in security tools and knowledge of security practices and procedures. A learning mindset, proactiveness, collaboration, and strong attention to detail. Additional Information How We Work (HWW): On-site: 5 days per month remote work flexibility Locations: Kansas City, Denver, Oklahoma City, Omaha Remote Eligible: No Relocation Assistance: No Salary: $79,100 - $111,500 / Experienced Level $98,600 - $139,000 / Senior Level Final offers are determined by factors including the candidate's qualifications, internal alignment considerations, district assignment, and geographic location. Screening: US citizens, permanent residents with the intent to become a US citizen with at least three or more years of United States residency from the date of legal entry to the United States is required for this position. This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks. Sponsorship: The Federal Reserve Bank of Kansas City will not sponsor a new applicant for employment authorization for this position. Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future. About Us Total Rewards & Benefits Who We Are What We Do Follow us on LinkedIn , Instagram, X (formerly Twitter) , and YouTube #KCFedIT Full Time / Part TimeFull time Regular / TemporaryRegularJob Exempt (Yes / No) YesJob CategoryInformation Technology Family GroupWork ShiftFirst (United States of America) The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Always verify and apply to jobs on Federal Reserve System Careers (************************************* or through verified Federal Reserve Bank social media channels. Privacy Notice

The Cyber Security Operations Analyst is primarily responsible for monitoring the front lines of the company's cyber defense program, helping to protect critical systems and data from potential threats, responding to reported security violations, analyzing internet access, connectivity and threats (virus protection, spam, etc.) DUTIES AND RESPONSIBILITIES The following represents the majority of the duties performed by the position but is not meant to be all-inclusive nor prevent other duties from being assigned when necessary. 1. Complies with DOT and OSHA health, safety and environmental requirements and follows safety philosophy and procedures developed by the Company including: applicable environmental, health and safety rules, procedures, and accepted safe work practices, the use of appropriate personal protective equipment and safety systems, and the reporting of workplace hazards and injury or illness arising from workplace activities; observes the workplace to identify conditions or behaviors that should be corrected and takes appropriate action. 2. Monitors Security Information and Event Management (SIEM) alerts, firewall logs, intrusion detection systems, and network activity for suspicious behavior including public and private threat intelligence sources for emerging risks; analyzes internet access, connectivity logs, and alerts related to virus protection, spam, and suspicious behavior including user account activity providing reports on potential anomalies. 3. Conducts daily security log reviews and assists in identifying potential threats; summarizes and shares relevant alerts with the cybersecurity team. 4. Monitors incoming security tickets and alerts; documents and triages security incidents, escalating to senior analysts as needed; assists with evidence collection and incident tracking. 5. Performs scheduled vulnerability scans, analyzes findings, and maintains remediation tracking logs; assists with patch management processes including deployment, tracking, and reporting. 6. Assists with internal and external audits by collecting necessary documentation and evidence. 7. Maintains regulatory compliance documentation as required by TSA, DOT, O SHA, etc.; creates and updates procedural documents, runbooks, security playbooks, and knowledge base articles. 8. Documents all incidents, assessments, and routine checks to support audit readiness and knowledge transfer; manages project tracking logs. 9. Assists with the configuration and maintenance of endpoint protection, firewall settings, and other cybersecurity tools under guidance. 10. Reviews vendor solutions and compiles initial summaries for team consideration; maintains security-related inventories, software licenses, and access lists. 11. Assists with development and dissemination of basic cybersecurity awareness content for end users; tracks completion of required security training and assists with scheduling refresher sessions. 12. Participates in a scheduled on-call rotation for after-hours and weekend security support. REQUIREMENTS · Associate's degree or the equivalent in experience in Cyber Security, Information Technology or related field and a minimum of two (2) years of prior experience in cybersecurity, IT support, or SOC environment. Internship or hands-on training in networking, firewalls, or security systems preferred. Certification such as CompTIA Security+, CASP+, or CEH (preferred or in progress). Knowledge, Skills and Abilities · Ability to actively engage in safe behavior and understand and follow the principles and methods related to pipeline and workplace safety as established by the Company. · Knowledge of emergency and safety procedures, policies procedures, equipment operating parameters, and all applicable DOT, EPA, FERC, DHS, and OSHA requirements. · Knowledge of Active Directory, Exchange, SharePoint, CISCO routing and switching configuration. · Knowledge of firewall and network security and IDS (intrusion detection systems), and network management tools. · Knowledge of TSA security requirements and regulations. · Knowledge of identity management processes and procedures. · Skill in project management. · Ability to manage, track and analyze information. · Ability to effectively work and cooperate with supervisors, co-workers, and vendors. · Ability to follow corporate policies and the directions of supervisors. · Ability to refrain from causing or contributing to the disruption of the workplace.

Role: Ethical Hacker Duration: 6+ Months BGV will be done for the selected candidates. 1. Actively hack the sprint.com website with a fraudster mindset: 2. Perform url manipulation o Break process flow to bypass security/business checks o BruteForce attacks o Account Takeover o Data Breaches 3. Identify and Remediate currently exploited vulnerabilities: o Determine abuse tactics used by fraudsters o Put in quick remediation efforts by webserver blocks or code update o Re-test and validate long term fix 4. Request and evaluate application vulnerability scans: o Work directly with corp sec to initiate scans o Analyze the results and perform or provide recommended fix to impacted party o Provide data and reports to IT compliance/auditors 5. Support .com web application firewalls o Monitor/Manage/Configure security on .com webservers o Work with network team to configure and evaluate F5 security modules Perform coding changes in .com applications as needed Please respond with your word resume and requested details: Full Name : Work Authorization: Contact Number : Email ID : Skype ID: Current location: Willing to relocate : Rate/hr : Additional Information All your information will be kept confidential according to EEO guidelines.

Role: Ethical Hacker Duration: 6+ Months BGV will be done for the selected candidates. 1. Actively hack the sprint.com website with a fraudster mindset: 2. Perform url manipulation o Break process flow to bypass security/business checks o BruteForce attacks o Account Takeover o Data Breaches 3. Identify and Remediate currently exploited vulnerabilities: o Determine abuse tactics used by fraudsters o Put in quick remediation efforts by webserver blocks or code update o Re-test and validate long term fix 4. Request and evaluate application vulnerability scans: o Work directly with corp sec to initiate scans o Analyze the results and perform or provide recommended fix to impacted party o Provide data and reports to IT compliance/auditors 5. Support .com web application firewalls o Monitor/Manage/Configure security on .com webservers o Work with network team to configure and evaluate F5 security modules Perform coding changes in .com applications as needed Please respond with your word resume and requested details: Full Name : Work Authorization: Contact Number : Email ID : Skype ID: Current location: Willing to relocate : Rate/hr : Additional Information All your information will be kept confidential according to EEO guidelines.

**Job Opportunity is actually with a company called Western Farmers Electric Cooperative (WFEC)** Under the general supervision of the Supervisor, IT Infrastructure, the Cyber Threat Analyst performs monitoring and analysis of cyber threats to assist in the defense of WFEC cyber systems and operations. The incumbent will curate and triage intelligence from multiple cyber intelligence sources and will inform the security operations with timely and relevant TTPs, IOCs, and context. The incumbent will generate reports for upper management based on data, information, and intelligence. The incumbent must understand the MITRE ATT&CK framework and be able to integrate the framework in the reporting. The Cyber Threat Analyst will develop and document threat hunt activities based on intelligence, scenarios, and observations. The incumbent develops, maintains, and supports systems that provide collection capabilities and telemetry information to the organization. In addition, the incumbent performs troubleshooting, installation, and maintenance on equipment and software systems related to NERC CIP. The incumbent performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis to ensure system reliability and security. The incumbent participates in in-house, regulatory, and industry teams, including working groups, committees, incident response teams, and business continuity teams as required. Also, the incumbent participates in exercises that test policies, procedures, and skills which are required by business and critical operations. The incumbent responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.

Kanshe Infotech is Consulting Firm Which Provides World online training. Online Training (Remote Training + Real-time exp) available. Our training is more than just hours of lecture, we believe in student engagement, motivation and knowledge sharing as tools for success and we do it with great dedication and precision. We offer online training that clearly stands out of the group, sign up for a demo session. Job Description Our Training Features: · You will receive top quality instruction that Kanshe Infotech is famous for Online IT training. · Trainees will receive immediate response to any training related queries, either technical or otherwise. We advise our trainees not to wait till the next class to seek answers to any technical issue. · Training sessions are conducted by real-time instructor with real-time examples. · Every training session is recorded and posted to the batch after each weekend class. · We are offering online training on Cyber Security. . Provide OPT Stem Ext.: Guidance and support for applying for the 24-month OPT STEM extension Help with OPT Employment letter: Help with drafting and obtaining OPT employment letters that meet USCIS requirements. · We provide training in technology of your choice. · Good online training virtual class room environment. · Highly qualified and experienced trainers. · Professional environment. · Special interview training · Training for skill enhancement. · Study material and Lab material provided. · E-Verified company. If you are interested or if you know anyone looking for a change, please feel free to call or email me for details or questions. I look forward to seeing resumes from you or your known and highly recommended candidates. Thanks Additional Information All your information will be kept confidential according to EEO guidelines.

Job Description Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security. Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment! This position will be based at McConnell AFB, KS. Responsibilities: We are seeking a Subject Matter Expert (SME) to support the Air Force Information Network (AFIN), a multibillion-dollar global initiative ensuring secure, high-speed communications infrastructure for the Department of the Air Force (DAF). The SME will serve as the technical lead for the integration and deployment of Illumio solutions within the Air Force Network (AFNET) to support the Department of Defense (DoD) Zero Trust Architecture (ZTA). This role will focus on micro-segmentation, network mapping, and maintaining a secure environment through the Illumio Policy Compute Engine (PCE) and Virtual Enforcement Node (VEN) on NIPR and SIPR networks. The SME will provide subject matter expertise, assist with installation, provide tiered support, and ensure the system's cybersecurity posture is maintained and updated with the latest patches, upgrades, and security rules. Key Tasks & Responsibilities: • Install, reinstall, upgrade, or advise on configuring the Illumio Policy Compute Engine (PCE) and Virtual Enforcement Node (VEN) across NIPR and SIPR networks. • Provide guidance on traffic analysis, micro-segmentation, and write security rules to prevent adversary lateral movement and optimize application/workload security. • Oversee project management, providing advice to the Air Force management team on best practices for Illumio deployments. • Build and deploy Open Virtualization Appliances (OVA) and assist in maintaining the ITF (Integration Test Facility) environment to ensure system stability. • Maintain and sustain the cyber security posture of Illumio deployments. • Test and validate patches, upgrades, and security controls in lab environments prior to fielding. • Ensure the Authority to Operate (ATO) is continuously updated in accordance with STIG (Security Technical Implementation Guides) requirements and remediate vulnerabilities. • Provide in-person Type 1, over-the-shoulder training and hands-on experience for Air Force personnel using Illumio. • Offer local Tier 3 and Tier 4 support for ongoing operations, troubleshooting, monitoring, and management of Illumio installations. • Develop best practice operational procedures and runbooks for ongoing Illumio maintenance, including backup/restore, cold standby PCE, and system rebuilds. • Work on system integrations, including Syslog/SIEM and Single Sign-On (SSO). • Develop a labeling schema and deployment methodology using Air Force automation frameworks and Illumio best practices. • Provide Tier 3 support for the Illumio suite, ensuring rapid response and resolution of system issues. • Prepare and maintain detailed project documentation, reports, and metrics. • Author Illumio policy frameworks for core data center services, administrative access, and traffic management (egress, IP lists, multi-tenant workloads). • Develop Illumio-specific API scripts to optimize operational services. • Assist with technical reviews, change preparations, and customer framework integration. Requirements Desired Education & Experience: • Bachelor's degree in Systems Engineering, Computer Science, or a related field • 4+ years of hands-on experience in network engineering and firewall management • 4+ years of experience with cloud networking and virtualization technologies (e.g., VMware) • Expert skills to install/reinstall/upgrade or advise on the tasks required to place the Illumio Policy Compute Engine and Virtual Enforcement Nodes • Subject matter expertise on Illumio micro segmentation to provide consulting to customer throughout integration into its service set. • Expert skills in required to develop Illumio labeling and policy design Minimum Certification Requirements: • Information Assurance (IA) Technician (IAT) Level II (DODM 8140) Potentially Required Certification(s): • Illumio Core Expert, Certification • CompTIA Network+ Certification Security Clearance: • Valid DoD Secret clearance is required. Additionally, NATO Secret and/or DoD Top Secret/SSBI clearances, favorably adjudicated for SCI eligibility, are required at certain locations The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship. Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment. Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos Corporation will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business. If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at **************. If you require relay service assistance, please click on the following link to review information on your state's relay service: ********************************** Telos Corporation is an EEO/AA employer.

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

The Security Risk and Compliance Analyst is a member of the information security team and works closely with the other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional area (e.g., data, systems, network, and physical) across the enterprise. The candidate will be able to effectively understand standard risk methodologies and the implementation of security controls in an enterprise environment. Key Result Areas: Work as part of a team to maintain security and integrity of corporate data and IT systems through activities including: Develop and maintain enterprise security policies and procedures Assist in the coordination and completion of information security risk assessments and documentation Work with information security management to develop strategies and plans to enforce security requirements and address identified risks Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of information assets and noncompliance Work with IT department and members of the information security team to identify, select and implement technical controls Provide direct support to the business and IT staff for security related Maintain an awareness of security and control issues in emerging technologies Perform other duties as assigned Knowledge, skills, and experience required: Bachelor's degree in Computer Science, Information Systems, or other equivalent degree or experience Preferred Certifications (CISSP, CISA, CRISC, CRM, GSEC, etc.) Strong analytical and problem-solving skills to enable effective security incident and problem resolution Proven ability to work under stress with the flexibility to handle multiple high-pressure tasks simultaneously Ability to work well under minimal supervision Strong team-oriented skills with the ability to interface effectively with a broad range of people and roles, including vendors and enterprise personnel Strong written and verbal communication skills and attention to detail for board level committee and regulatory reporting Strong customer/client focus with the ability to manage expectations appropriately General understanding of risk management Knowledge of security methodology frameworks and regulatory requirements such as NIST, CIS, HIPAA, PCI, and FFIEC Microsoft Excel, Word, and Visio skillset for the creation, tracking and reporting of security metrics (e. graphs, formatting, basic formulas) Preferred Qualifications: Understanding of enterprise risk management systems and automation platforms Experience with Data Loss Prevention (DLP) and Vulnerability Management solutions *This position is on-site located in Oklahoma City, must reside within the area to be considered. *Position requires a minimum of 3 years of relevant US based experience. #LI-Onsite #LI-DNI

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

IAM Information Security Specialist Duration: 12 Months Overview of the Role: Our Client is currently seeking an Identity Access Management (IAM) Information Security Specialist that will have a strong emphasis on Cloud based IAM services. As a member of the team, your work will focus on IDaaS (Identity as a service) work using SaaS (Software as a Service) tools. As an IAM Information Security Specialist you will work with critical and sensitive information daily, and you will be relied upon to maintain critical security safeguards. Key Responsibilities: Develop and maintain comprehensive information security posture including rules, controls, and security safeguards. General activities such as Develop and maintain the information security posture (rules, controls, security safeguards, etc.) to protect information assets, and conducts reviews. Engineering activities such as facilitating and configuring application integrations, creation of IAM objects (users, groups, servicer accounts, API tokens, etc.), working incidents, following change management processes, and creating documentation. Required Skills & Qualifications: At least three years of related access control experience with a general understanding of provisioning within IDaaS and IAM systems preferred. Associate or Bachelors degree from an accredited college or university with specialization in an information technology field or equivalent combination of experience, education, and/or certification preferred. Intermediate understanding of computer applications such as Microsoft Office, internet navigation and email programs. Strong interpersonal, analytical and customer service skills and communication skills. Good business and organizational skills including the ability to prioritize, work within a team setting and manage work. Perks of Working with AP Recruiters & Associates: Competitive compensation (depending on experience) Comprehensive career development and professional growth opportunities Dedicated recruiter support throughout your contract journey Access to exclusive opportunities with Fortune 500 clients Flexible work arrangements and professional development resources About the Client: Our client is a leading energy company recognized as one of the largest electric utilities in the United States. They are committed to delivering clean, affordable, and reliable energy while driving innovation in sustainable power generation. The organization operates across multiple states, serving millions of customers and maintaining a strong focus on environmental stewardship, technological advancement, and community development. Their commitment to digital transformation and cybersecurity excellence makes this an exciting opportunity for security professionals.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Senior AI Security EngineerAs an Information Security Engineer specializing in AI Security and Data Science, you will be at the forefront of protecting our AI systems and the underlying data that powers them. Your role will combine deep technical expertise in security engineering with strong data science capabilities to analyze, interpret, and secure complex datasets used in AI models. You will design and implement advanced security measures to safeguard AI infrastructure and ensure the integrity, confidentiality, and availability of AI-driven solutions. Key Responsibilities: - Security Architecture Design: Architect and implement robust security frameworks for AI systems, including secure coding practices and design principles. -Data Analysis & Risk Modeling: Apply data science techniques to analyze AI system data, identify patterns, and assess potential security risks. Develop predictive models to anticipate vulnerabilities and threats. - Vulnerability Assessment: Implement and manage tooling for penetration testing on AI models and systems, leveraging statistical and data-driven approaches to prioritize remediation. - Secure AI Development: Collaborate with data scientists and software engineers to integrate security best practices into the AI development lifecycle, including secure model training, validation, and deployment. - Data Governance & Privacy: Ensure compliance with data protection standards (GDPR, NIST, ISO) and implement privacy-preserving techniques such as differential privacy and federated learning. - Research and Innovation: Stay abreast of advancements in AI security and data science, conduct research, and contribute to innovative security solutions. - Documentation and Reporting: Prepare detailed reports and dashboards using data visualization tools to communicate security posture and risk insights. - Advisory and Support: Provide guidance on secure data handling and AI security best practices to cross-functional teams. - Technical Training and Mentorship: Mentor team members on AI security principles and data science methodologies. - Experimentation and POCs: Design and execute experiments and proof-of-concepts to validate emerging threats and security solutions using data-driven approaches. Qualifications: Bachelor's or Master's degree in Computer Science, Information Security, Data Science, or related field. Relevant experience in information security with a strong focus on AI systems and data protection. Proficiency in data science tools and languages (Python, R, SQL) and experience with machine learning frameworks (TensorFlow, PyTorch). Strong understanding of statistical modeling, data visualization, and anomaly detection techniques. Expertise in designing and implementing security measures for AI systems, including encryption, access controls, and secure coding desired. Excellent analytical and problem-solving skills with ability to interpret complex datasets for security insights. Relevant certifications such as CISSP, CEH, OSCP, or data science certifications are highly desirable.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $115,000 - $184,000 USD

TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation, and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the MDR landscape. We're a fast growing startup backed by industry experts and top tier investor Andreessen Horowitz. As an early employee, you'll play a meaningful role in defining and building our culture. Get in on the ground floor. We're a small but well-funded team that just raised a substantial round - joining now comes with limited risk and unlimited upside. Culture is one of the most important things at TENEX.AI-explore our culture deck at culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work. We are looking for a detail-oriented Information Security Analyst to spearhead our internal compliance efforts and manage our Third-Party Risk Management (TPRM) program. In this role, you won't just be checking boxes; you will be the architect of the controls that protect our customers' data involving AI and other cutting edge technologies. You will bridge the gap between technical security operations and formal audit requirements, ensuring we remain a gold standard in the industry. Location: This role will require onsite in our Overland Park, KS or Sarasota, FL location. Key Responsibilities 1. Internal SOC 1 & SOC 2 Compliance Audit Readiness: Lead the preparation for annual SOC 1 Type II and SOC 2 Type II audits. Control Monitoring: Perform continuous testing of technical and administrative controls (e.g., access reviews, change management, encryption standards). Evidence Collection: Coordinate with Engineering, HR, and DevOps teams to gather and organize audit evidence throughout the year. Remediation: Identify gaps in current processes and work with department heads to implement corrective actions. 2. Third-Party Risk Management (TPRM) Vendor Assessments: Conduct security assessments of new and existing vendors, reviewing their SOC reports, ISO certifications, and SIG questionnaires. Risk Scoring: Evaluate the risk profile of third-party tools and services, providing recommendations to leadership on whether to approve or mitigate risks. Contract Review: Partner with Legal to ensure security addendums (DSAs/BAsAs) meet our internal compliance requirements. 3. Policy & Governance Maintain and update the Information Security Management System (ISMS) documentation. Develop and deliver security awareness training tailored to compliance requirements. Act as the primary point of contact for client inquiries regarding our security posture. Required Qualifications & Skills: Experience: At least 2 years in Information Security, IT Audit, or Compliance (GRC). Frameworks: Deep understanding of AICPA Trust Services Criteria (SOC 2) and SSAE 18 (SOC 1) along with ISO 27001, NIST-800. Technical Knowledge: Familiarity with cloud environments (GCP/AWS/Azure), IAM, and vulnerability management. TPRM Tools: Experience with risk assessment platforms (e.g., OneTrust, Vanta, or Drata). Certifications: CISA, CRISC, or Security+ preferred (CPA-tracked experience is a plus). Ideal Candidate Profile: The "Translator": You can explain complex frameworks like ISO27001, NIST 800, and map them to internal controls in policy documentation to support compliance requirements. Meticulous: You audit the environment and policies for consistency and enforcement. Proactive: You don't wait for the audit window to open; you are constantly looking for ways to automate evidence collection. Education & Certifications: Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related field (or equivalent experience). Why Join Us? Opportunity to work with cutting-edge AI-driven cybersecurity technologies and Google SecOps solutions. Collaborate with a talented and innovative team focused on continuously improving security operations. Competitive salary and benefits package. A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

Make a direct impact on protecting the Bank's people, systems, and customers! As an Information Security Analyst, you'll play a hands-on role in strengthening the Bank's security posture while working closely with Compliance, Risk Management, and IT Security. This position offers visibility across the organization, meaningful responsibility, and the opportunity to influence how security awareness and risk management are practiced every day. You'll be trusted to monitor critical system access, investigate and respond to real-world phishing threats, and lead the Bank's security awareness and social engineering programs. From training employees to advising leadership on security risks, your work will directly reduce risk and improve the organization's security culture. What You'll Do * Protect critical systems by monitoring access changes and advising on best practices * Investigate suspicious emails and manage phishing response and testing programs * Lead engaging security awareness training and new-hire education * Plan and report on phishing and social engineering exercises * Support key information security risk assessments and control reviews * Partner with IT and business leaders to identify and mitigate security risks What You Bring * 5+ years of experience in IT security, risk management, audit, or compliance CapFed is an equal opportunity employer.