Security engineer jobs in Tyler, TX

Akkodis is seeking a Application Security Engineer (Hybrid)) for a contract job in Location: Austin, TX Job Title: Application Security Engineer Duration: 6 months Pay range: Pay Range: $58/hr - $60/hr on W2 The rate may be negotiable based on experience, education, geographic location, and other factors. Perform manual web application and mobile penetration testing. Identify, validate, and prioritize vulnerabilities, delivering actionable remediation and migration recommendations. Conduct code assisted reviews, architecture assessments, and threat modeling exercises. Research emerging vulnerabilities, exploit techniques, and security technologies to proactively improve defenses. Develop and deliver clear, comprehensive reports and presentations for technical and non-technical audiences. Assess and secure applications and services that incorporate AI/ML models or LLM-based functionality. Evaluate AI system components (data inges4on, model APIs, inference endpoints) for security and privacy risks. Job Requirements: 6+ years of experience as an Application Security Engineer, Principal Security Consultant, or Senior Penetration Tester in an enterprise environment. Proven experience manually testing web applications and performing enterprise-level penetration testing. Strong understanding of Web and Mobile application security testing, methodologies, and common vulnerabilities. Proficiency in at least one scripting language (Python, Perl, Ruby, PHP) and one programming language (Java, Objective-C). Proficiency with Mac OS X or UNIX Linux systems. General understanding of secure network architecture and design, including segmentation, ACLs, and secure communication protocols. General knowledge of common web technology stacks (LAMP, LEMP, MEAN, etc.) and their associated security considerations. General understanding of AWS services (EC2, S3, KMS, RDS) and security best practices relevant to those services. Ability to explain basic networking concepts (routing, load balancing, SSLTLS, TCPIP) to support secure application architecture reviews. Ability to ascertain and clearly articulate the size and scope of security assessments and penetration testing engagements. Solid understanding of the OWASP Top 10 and CWE Top 25 vulnerabilities (e.g., XXE, XSS, SQLi, SSRF). Strong communication skills both written and verbal with the ability to convey complex technical issues to diverse audiences. Demonstrated passion for continuous learning, vulnerability research, and staying ahead of evolving threat landscapes

An exciting opportunity for an experienced Cloud Security Engineer to join a global SaaS company, in a hyper growth stage. This is a crucial customer-facing role where you will be instrumental in designing, implementing, and securing complex cloud environments for clients across Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS). Key Responsibilities: Cloud Security Operations Perform penetration testing activities Network Security Expertise Firewall & WAF Management SaaS Security Best Practice SIEM Integration & Optimization Customer Engagement & Presentation Requirements: 8+ years of cybersecurity experience 4+ years cloud security engineering Strong expertise with Google Cloud Platform (GCP) Strong practical experience with Microsoft Azure and AWS Expertise in SaaS applications Demonstrable experience with firewall management and WAFs Hands-on experience with SIEM platforms CISSP Certified

About The Role The Sr. Security Researcher is responsible for leading and executing offensive security assessments (red teaming) against the organization's systems and networks. This role will leverage advanced penetration testing, social engineering, and other offensive security techniques to identify and exploit vulnerabilities, simulate real-world threats, and enhance the organization's overall security posture. Responsibilities Lead and execute red team engagements: Develop and execute comprehensive red team assessments, including reconnaissance, vulnerability scanning, exploitation, and post-exploitation activities. Lead and mentor junior red team members, providing guidance, training, and hands-on experience. Develop and maintain red team methodologies, tools, and infrastructure. Conduct threat modeling and risk assessments to identify potential attack vectors and prioritize targets. Develop and execute social engineering campaigns, including phishing, vishing, and physical penetration tests. Vulnerability research and exploitation: Stay abreast of the latest threat intelligence, vulnerabilities, and exploits. Research and develop new exploitation techniques and tools. Conduct in-depth analysis of vulnerabilities and their potential impact. Reporting and communication: Prepare detailed and concise reports documenting red team findings, including technical details, impact assessments, and remediation recommendations. Effectively communicate findings to technical and non-technical audiences, including senior management. Present findings and recommendations at security forums and conferences (optional). Security awareness and training: Develop and deliver security awareness training programs to employees on topics such as social engineering, phishing, and secure coding practices. Conduct security awareness campaigns to raise employee awareness of security threats and best practices. Collaboration: Collaborate with other security teams (e.g., blue team, incident response) to improve overall security posture. Work with development teams to identify and remediate security vulnerabilities in applications and systems. Build and maintain relationships with external security researchers and the cybersecurity community. Skills and Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in cybersecurity, with 3+ years of hands-on experience in penetration testing, red teaming. Understanding of blended attacks. Proven experience leading and mentoring junior security professionals. Strong understanding of networking, systems administration, and programming concepts. Expertise in penetration testing methodologies and tools (e.g., Cobalt Strike, Outflank, Sliver, PowerShell Empire, Metasploit, Kali Linux, Nmap). Proficiency in scripting languages (e.g., Python, Ruby, PowerShell). Strong understanding of network protocols (e.g., TCP/IP, HTTP, DNS). Experience with vulnerability scanners, intrusion detection systems, and firewalls. Experience with cloud security (e.g., AWS, Azure, GCP) is a plus. Relevant security certifications (e.g., RTO I, RTO II, OSCP, OSCE, GPEN, CRTP) are highly desired. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Strong attention to detail and accuracy. Ability to adapt to new technologies and challenges. Project Management.

AI Security Engineer (Generative AI Focused) Plano, Texas, United States Contract We're looking for an experienced AI Security Engineer to join us, someone skilled in both artificial intelligence (AI) and cybersecurity. This role focuses on ensuring the security and integrity of AI systems and applications. Requirements Qualifications to be Successful: Strong understanding of AI technologies and security vulnerabilities. Experience with machine learning, neural networks, and AI methodologies. Knowledge of cybersecurity principles, frameworks, and standards. Proficiency in Python or R, common languages used in AI. Minimum Qualifications: Bachelor's degree in computer science, information security, or related field (advanced degree preferred). 3+ years of cybersecurity experience, with a focus on securing AI systems. Strong understanding of machine learning techniques, algorithms, and AI frameworks. Familiarity with cybersecurity standards, regulations, and compliance requirements. Hands-on experience with security tools and technologies. Proficiency in programming languages used in AI development. Excellent analytical, communication, and interpersonal skills. Relevant certifications such as CISSP, CISM, CEH, or GIAC are beneficial. Experience with cloud computing and containerization technologies is desirable. Thanks, Vikas. ************************

We are seeking a highly skilled Security Engineer with hands-on experience working with Transmit Security's Mosaic SaaS Tool and Flex ID. The ideal candidate will be responsible for designing and implementing seamless and secure identity journeys, leveraging state-of-the-art Passwordless and frictionless authentication capabilities. Key Responsibilities Design and implement identity user journeys using Transmit Security's Mosaic SaaS Tool. Deploy and configure Flex ID to enable passwordless, frictionless identity experiences. Collaborate with security architects, developers, and product teams to integrate authentication flows into web and mobile applications. Ensure robust identity and access management (IAM) implementations using industry best practices. Leverage protocols and standards such as SSO, MFA, OAuth2, OpenID Connect, and SAML to orchestrate secure identity flows. Monitor, troubleshoot, and optimize identity workflows for performance and security. Document technical solutions and provide knowledge transfer to internal teams. Required Qualifications ✅ Proven experience building and optimizing authentication workflows with Transmit Security's Mosaic platform. ✅ Hands-on expertise with Flex ID for enabling passwordless and frictionless identity verification. ✅ Strong understanding of IAM concepts, including SSO, MFA, identity federation, and orchestration. ✅ Demonstrated ability to work in cross-functional teams, solving complex technical problems collaboratively. ✅ Experience with identity protocols: OAuth2, OIDC, SAML, etc. ✅ Strong communication and documentation skills. Preferred Qualifications Experience integrating identity services with CI/CD pipelines or DevOps environments. Familiarity with customer identity and access management (CIAM) and privacy regulations (e.g., GDPR, CCPA). Background in cybersecurity, software engineering, or cloud architecture.

Job Posting Title: Cloud Security Engineer - SRE We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

Cybersecurity Analyst - Level II / Senior (Deployment & Engineering Focus) Houston, TX Contract to Hire Sector: Oil & Gas We're hiring a seasoned, hands-on Cybersecurity Analyst (Level II or Senior) to drive the build-out and continuous improvement of our security tooling ecosystem. This is primarily an engineering and deployment role-not a SOC or pure incident-response position. You'll own the implementation, optimization, and maturation of critical security controls across the enterprise. What You'll Own Lead the deployment, configuration, tuning, and upgrade of core cybersecurity technologies Particular emphasis on Privileged Access Management (PAM) and Endpoint Detection & Response (EDR) platforms (experience here is highly valued) Identify gaps, propose solutions, and execute security infrastructure enhancements at a rapid pace Automate repetitive tasks, build integrations, and streamline processes wherever possible Partner with other security engineers, infrastructure teams, and application owners to embed security into the environment Provide occasional tier-3 escalation support for incidents when needed (not primary duty) What You Bring Proven track record deploying and managing enterprise security tools in real-world environments Deep hands-on experience with PAM and/or EDR solutions strongly preferred (e.g., CyberArk, BeyondTrust, Delinea, CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, etc.) Strong automation mindset-scripting (Python, PowerShell, Bash) and infrastructure-as-code experience is a big plus Ability to operate independently, prioritize ruthlessly, and deliver results in a fast-moving environment Adaptable and eager to work across a wide variety of security technologies SANS GIAC certifications (GSEC, GCIA, GNFA, GCIH, GMON, etc.) strongly preferred Degree not required-demonstrated capability is what matters If you live for building and hardening security controls, move fast, hate manual work, and want to see your deployments protect the enterprise in real time, we want to talk to you.

One of our key clients within the financial industry is looking for a Red Team Cyber Security Engineer for a full-time position. This position will be 2 days on-site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders are eligible for this position. Job Description: Perform cloud assessments, web application penetration testing and mobile application testing Carry out reviews of security, network, applications, and cloud environments Plan/Design security activities with automation as the primary driver to align with the security strategy Ensure alignment of security controls, supporting services and related policies with regulations and industry-standard best practices Assist management with the improvement of policy/procedure to support Cloud Security Engineering Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Experience required: Penetration Testing experience within Network, Application, Web Application or Mobile Applications Experience cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong experience with custom scripting (python, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys etc. Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with using ServiceNow is a plus. We look forward to receiving your application!

• DevSecOps' expertise in building and supporting security solutions for Windows, Linux, above mentioned platforms, including services such as Enterprise Vulnerability Management, data protection, privacy and compliance, network protection. • Building and deploying security solutions using technologies such as Docker, Kubernetes, and GIT Hub. • Experience in low code environments such as Appian and Microsoft Power Platforms is mandatory. • Experience with Alteryx ETL and Workflow Designer platform is plus. • Experience with Identity and Access, Endpoint, Vulnerability management and other cybersecurity automation workflows. • Experience writing Automation scripts in Python and deploying them leveraging APIs. • Experience with AI enabled automation workflows. • Experience with Agile methodology and Atlassian tools including JIRA and Confluence. • Communicating with various audiences, including business leaders, engineers, clients, and team members, with excellent ability to convey information that is relevant to the audience. • Written communication for excellent documentation and reporting. • Outstanding teamwork across multidiscipline plan-build-run teams. • Applying your understanding and expertise with systems automation platforms and technologies. • Automating security controls, data, and processes to provide metrics and operational support. • Employing cloud-based APIs when suitable to integrate and orchestrate across various systems in the automation workflow. • Developing and delivering solutions using Agile methodology. “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

Data Security Analyst (GRC Analyst 2) - (Must be local to Austin, TX) Austin, TX | Hybrid (3 Days Onsite, 2 Days Remote) Monday-Friday, 8:00 AM-5:00 PM About the Role Client is seeking an experienced Data Security Analyst (GRC Analyst 2) to support advanced information security and compliance initiatives. This hybrid role requires strong governance, risk, and compliance (GRC) expertise-ideal for professionals who excel in regulatory frameworks, self-assessments, and stakeholder collaboration. Key Responsibilities Design, configure, and manage self-assessment projects within GRC tools (Diligent preferred). Build workflows, automated notifications, and task assignments for assessment activities. Interpret and apply regulatory and industry frameworks: Texas Cybersecurity Framework (TCF) NIST Cybersecurity Framework (CSF) 2.0 HIPAA Security Rule ISO 27001, CIS Controls, and other standards Partner with business and technical stakeholders to gather evidence, track remediation, and report on compliance posture. Support internal audits, risk assessments, and continuous process improvement. Maintain documentation and contribute to maturing GRC capabilities across the organization. Required Qualifications 3+ years in GRC, cybersecurity, or compliance roles Hands-on experience with GRC platforms (Diligent strongly preferred) Strong understanding of NIST CSF 2.0, HIPAA Security Rule, Texas Cybersecurity Framework Experience designing workflows, assessments, and notification processes in GRC tools Excellent communication and stakeholder-engagement abilities Preferred Qualifications Familiarity with risk management methodologies Relevant certifications (CISA, CRISC, CISSP, CGRC)

Hi All, *** Greetings from My3tech *** Role: Data Security Analyst 2 Duration: 6+ Months Minimum Qualifications Years Skills / Experience 3 Experience in a GRC, cybersecurity, or compliance role 3 Hands-on experience with GRC platforms (Diligent preferred) Strong understanding of NIST CSF 2.0, HIPAA, and state-level frameworks (Texas Cybersecurity Framework) Experience designing workflows and notifications within GRC tools Excellent communication and stakeholder engagement skills Preferred Qualifications Years Skills / Experience Familiarity with risk management methodologies Certifications such as CISA, CRISC, CISSP, or CGRC

Glocomms is partnered with an integral financial services corporation seeking a Security Engineer focused on Privileged Access & Automation to design and maintain secure authentication, authorization, and secrets management systems across on-prem and cloud environments. This role focuses on privileged access management, security architecture, and automation, leveraging AI-based capabilities to ensure operational integrity and compliance. Responsibilities Implement and manage privileged access systems (CyberArk, HashiCorp Vault) and secrets lifecycle management. Design and support authentication/authorization frameworks (Active Directory, oAuth 2.0, OIDC, AWS IAM, PKI, certificates). Maintain operational integrity through patching, version control, upgrades, troubleshooting, and break-fixes. Apply security as code principles using Terraform, Ansible, Jenkins pipelines, and CI/CD deployments. Develop automation scripts in Go, Bash, Python, PowerShell for secure integrations. Integrate AI-based security capabilities for detection, remediation, and automated workflows. Collaborate cross-functionally with engineering, cloud, and compliance teams; participate in 24x7 operational support. Qualifications 5+ years in security engineering, architecture, or operations within complex environments. Hands-on experience with CyberArk, HashiCorp Vault, PKI, and privileged access methodologies. Strong knowledge of Active Directory, Kerberos, LDAPS, oAuth 2.0, OIDC, and AWS IAM. Familiarity with Kubernetes security, HSMs, and cloud ecosystems. Proficiency in Go, Bash, Python, PowerShell; experience with Terraform, Ansible, Jenkins. Understanding of security architecture principles, confidentiality, integrity, availability, and compliance frameworks. Exposure to AI-enabled security tools and automation strategies preferred. This is a hybrid role requiring 3 days per week onsite in Dallas, TX. Candidates must be fully authorized to work in the United States. Unfortunately, visa sponsorship is not available for this role. Applications must include candidate's full name (first and last) and contact information in order to be considered.

Job Title: Azure Cloud Security Engineer - W2 only - we can provide sponsorship as well Duration: Long Term Top Skills: Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. The Expertise and Skills You Bring 8+ years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Bonus skills Advanced Azure Certifications

The CISO will lead the development and execution of a comprehensive information and cybersecurity strategy aligned with WFSDallas' mission. This role will oversee the protection of digital and physical assets, data of job-seekers, employers and partners, and ensure secure, reliable operations across all service channels. The CISO will be a strategic advisor to senior leadership and the board, while managing day-to-day security operations, risk management, compliance and business continuity. ESSENTIAL DUTIES AND RESPONSIBILITIES: This is intended to identify the essential functions of a position and should not be interpreted as all-inclusive. The employee may be required to perform or assume additional job-related responsibilities other than those stated in this . Typical duties include: • Develop and implement enterprise-wide information cybersecurity strategy and governance framework including policies, procedures, and training to ensure compliance and security awareness organization-wide adhering to the National Institute of Standards and Technology (NIST) 800.53 Version 5 and Texas Cybersecurity Framework (TCF). • Lead risk assessment, regulatory compliance (federal/state grants, data privacy, workforce system regulations) and vendor/partner security oversight. • Oversee security operations: threat intelligence, vulnerability management, incident response, identity & access management, cloud/endpoint security. • Build and lead the information security team; cultivate a security-aware culture across workforce centers, staff and partner organizations. • Collaborate with IT, operations, legal, HR, training and executive leadership to embed security into all programs and services. • Evaluate and implement emerging security technologies and approaches to support digital transformation. Develops and implements agency policies for encryption of data transmissions and the erection of firewalls to conceal information as it is being transmitted and to eliminate tainted digital transfers. Serve as liaison to the Board of Directors and external stakeholders regarding security posture, incidents and audits. • Oversees cybersecurity budgets, contracts, and resource planning to ensure efficient and effective allocation of security resources. • Regularly reports cybersecurity posture, risk assessments, and incident outcomes to executive leadership and the Board. • Leads, mentors, and develops information technology and cybersecurity staff to build organizational capability and succession strength. RISK MANAGEMENT & COMPLIANCE • Identify, assess and manage information security risks across all WFSDallas' operations-digital systems, workforce centers, training portals, partner systems. • Ensure compliance with relevant laws, regulations and standards (including federal workforce grant requirements, data privacy, state/county regulations). • Monitors changes in state and federal legislation and advises leadership on potential impacts to agency cybersecurity posture. • Lead internal and external security audits, assessments and remedial actions. • Monitor and evaluate third-party vendor security and partner integrations. SECURITY OPERATIONS • Lead the architecture, deployment and operation of security infrastructure: network security, endpoint security, cloud security, identity & access management. • Oversee vulnerability management, threat intelligence, detection and response capabilities. • Develop and maintain incident response plan, coordinate response to security events, and lead investigations. • Collaborate with IT teams supporting WFSDallas' centers, online portals, job-seeker data systems, and employer portals. Develops performance metrics to measure effectiveness of cybersecurity controls and drives continuous improvement across all security domains. BUSINESS CONTINUITY & DATA PROTECTION • Develop and maintain disaster recovery and business continuity plans for mission-critical systems (career services platform, job-matching system, training portals, partner integrations). • Protect sensitive data (jobseeker information, employer information, partner data) with appropriate encryption, access controls, retention policies. • Lead the development of a data classification and handling program aligned to the organization's operations. SUPERVISORY RESPONSIBILITIES: This position is responsible to the President. Work is performed under general guidance and supervision and according to Workforce Solutions procedures and policies. MINIMUM QUALIFICATIONS: • Bachelor's degree in Computer Science, Information Security, Cybersecurity or similar (Master's preferred) or equivalent combination of education and relevant work experience • At least 10 years of progressive experience in information security/IT risk management; 5+ years in a senior leadership role. • Experience in a multi-site, multi-channel service delivery environment (preferred: public sector, non-profit, workforce systems). • Strong working knowledge of security frameworks (e.g., NIST CSF, ISO 27001, COBIT). • Proven ability to lead incident response and manage regulatory/compliance demands. PREFERRED QUALIFICATIONS: • Certifications such as CISSP, CISM, CISA. • Experience with managing third-party/vendor risk, cloud security, identity & access management in hybrid environments. • Excellent communication skills-capable of translating technical issues for executive/board audiences. • Demonstrated ability to align security initiatives with organizational mission and business objectives. LANGUAGE SKILLS: Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals; ability to write routine reports and correspondence; and to effectively communicate with diverse audiences (colleagues, vendors, supplier, landlords, general public). REASONING ABILITY: Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. OTHER SKILLS and ABILITIES: Knowledge of general office administration; office protocol; regulations for acquisition and inventory control; use and maintenance of computer systems; organization and accurate record-keeping. Type 50-60 words per minute accurately; compose complex correspondence and documentation; operate a variety of office equipment; train others; interact with visitors, Board of Directors, and subcontractors in a professional manner. TRAVEL Due to nature of job, travel will be required approximately 30-40% of work time. Must possess own method of transportation. PHYSICAL DEMANDS: The physical demands described here are representative of those which must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; reach with hands and arms; and talk or hear. The employee is frequently required to stand; walk; and stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 10 pounds, frequently lift and/or move up to 25 pounds, and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, and ability to adjust focus. WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts, fumes or airborne particles, and outside weather conditions. The noise level in the work environment is usually moderate. This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may be modified any time with or without notice or due to funding changes. Workforce Solutions Greater Dallas is an EEO/AA/Drug Free Workplace Employer and complies fully with the Americans with Disabilities Act (ADA). Auxiliary aids and services are available upon request to individuals with disabilities. This position is grant funded.

Chief Information Security Officer Chief Information Security Officer The Chief, Information Security Officer (CISO) is a senior-level leader responsible for establishing and maintaining the enterprise vision, strategy, and program to protect information assets and technologies vital in advancing the institution's commitment to transforming lives and communities through higher education. The CISO ensures the organization's academic and administrative resources are secured against breaches and are in full compliance with applicable regulations. This is an on-campus, in-person position. Required Knowledge, Skills, and Abilities Must demonstrate strong interpersonal and verbal communication skills, with the ability to communicate broadly across the organization and develop and maintain effective relationships with a wide range of constituencies. Must also demonstrate strong written communication skills. Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. Must possess strong problem-solving skills to effectively influence decision-making in key negotiations. Ability to perform hands-on, operational work when necessary. Ability to maintain the security or integrity of the critical infrastructure of the institution. Qualifications Minimum Qualifications Bachelor's degree and additional education in Information Security. Prior managerial experience in Information Technology and service context. Professional IT security management certification (e.g., CISSP, CISM). 10+ years' experience in information security and/or IT risk management, with focus on security, performance, and reliability. Experience running a security program in a complex environment. Strong understanding of security protocols and operations. Knowledge of current IT risks and experience implementing security solutions. Experience with NIST 800-53 Framework implementation and compliance, and familiarity with Texas public sector cybersecurity requirements, including TX-RAMP. EO Specific Language (IT specific) - Ability to maintain the security or integrity of the critical infrastructure of the organization. Bilingual or multilingual preferred. ***Will be subject to a criminal background check. Some positions may be subject to a fingerprint check.*** Key Responsibilities IT Leadership: Collaborate with peers and key constituents, contribute directly to the organization's mission, and set the IT and IT Security direction. IT Risk Management: Develop, implement, and monitor a comprehensive information security and IT risk management program for the integrity, confidentiality, and availability of organizational assets. Conduct architecture reviews, risk assessments, business impact analyses, and develop risk management plans to anticipate and neutralize threats. Policies and Procedures: Establish and maintain security policies, standards, and procedures in line with best practices and regulatory requirements, including the NIST 800-53 Framework (Texas Cybersecurity Framework). Security Architecture and Operations: Lead strategic security planning with IT leaders, contributing to infrastructure design, application development, and disaster recovery. Establish and operationalize a Security Operations Center (SOC) for 24/7 monitoring and threat detection. Advise and assist with network and endpoint security, cloud strategy, vulnerability scanning, and incident response. Compliance and Audit: Ensure compliance with FERPA, HIPAA, GLB, PCI, and other regulations. Respond to audits and oversee remediation efforts. Vendor and Relationship Management: Manage security aspects of vendor relationships, assist with vendor compliance, and build relationships with internal and external partners, professional organizations, and agencies. Training: Develop and implement security training for faculty and staff. Incident Response and Forensics: Oversee incident response planning and investigations and assist with disciplinary and legal matters related to breaches. Governance and Strategic Initiatives: Participate in governance committees and collaborate across departments to embed data security into organizational operations. Strategic Security Roadmap: Develop and maintain a security roadmap that balances protection and recovery strategies, ensuring business continuity and resilience. Insurance and Risk Transfer: Work with Risk Management to ensure cyber insurance procurement, maintenance, and claims response. Exercises full discretion and decision-making authority in the recruitment, selection, hiring, mentoring, coaching, development & termination of staff, ensuring alignment with organizational goals, budgetary constraints, and workforce planning strategies. Drive high performance by administering the performance management process timely, setting clear expectations, conducting performance evaluations, and implementing initiatives that enhance employee engagement, motivation, and retention. Completes required Professional Development training hours as well as 16 additional leadership development hours per academic year. The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job and shall not be construed as a declaration of the total of the specific duties and responsibilities of any particular position. Incumbents may be directed to perform job-related tasks other than those specifically presented in this description. Position requires regular and predictable attendance. Physical Requirements Normal physical job functions performed within a standard office environment. Reasonable accommodation may be made for individuals with physical challenges to perform the essential duties and responsibilities.

The IT Network/Security Analyst is responsible for safeguarding and supporting the organization's IT infrastructure by blending network operations expertise with cybersecurity best practices. This hybrid role ensures both the reliability of network services and the protection of data across enterprise systems and cloud services. The analyst will monitor, analyze, and respond to incidents while maintaining the performance, availability, and security of network systems in a dynamic threat landscape. Duties and Responsibilities: Network Operations & Monitoring Monitor and support daily network operations, ensuring uptime, availability, and performance across routers, switches, firewalls, VPN's, and other network components. Continuously monitor network traffic and performance metrics, using NMS (Network Management Systems), IDS/IPS, and SIEM tools to identify anomalies, outages, or threats. Collaborate with customers to optimize configurations and resolve connectivity issues impacting business operations. Travel as required (up to 25%) to support field locations. Incident Response & Troubleshooting Investigate, contain, and remediate cybersecurity incidents involving network components (e.g., DDoS attacks, unauthorized access, malware propagation). Perform root cause analysis on network-related issues and security events to reduce recurrence and improve resilience. Participate in on-call rotations for critical incident response. Network Security Administration Configure and maintain network devices i.e. firewalls, routers, switches, access points with an emphasis on security hardening and policy enforcement. Implement and support network segmentation, access controls, and VPN technologies to protect sensitive data. Oversee security patching and firmware upgrades across network infrastructure. Vulnerability & Compliance Management Conduct vulnerability assessments and penetration testing on network systems, tracking and remediating identified weaknesses. Support compliance with frameworks such as NIST or CIS as they apply to both network and security operations. Assist with periodic audits, reporting findings, and driving corrective actions. Threat Intelligence & Reporting Stay up to date on evolving attack vectors, especially those targeting enterprise networks. Leverage threat intelligence to proactively adjust network defenses. Produce operational dashboards and executive-level reports detailing network health, incidents, and security posture. Collaboration & Training Work closely with IT infrastructure, Security Architect, and Application teams to integrate security into network design and operations. Provide guidance and training to IT staff and end-users on secure network practices, phishing awareness, and incident reporting. Knowledge, skills, and abilities: Technical Knowledge Strong foundation in networking protocols (TCP/IP, BGP, OSPF, VLANs, DNS, DHCP) and enterprise network architectures. Hands-on experience with network monitoring and analysis tools (e.g., Wireshark, SolarWinds, Nmap, Nessus). Familiarity with security technologies such as SIEM (Splunk, ELK) a plus. Hands-on experience with enterprise network firewalls and network equipment. Experience with enterprise endpoint protection. Understanding of threat detection, DDoS mitigation, VPNs, and secure remote access. Familiarity of compliance requirements Sarbanes-Oxley Act of 2002 (SOX) as they apply to both network and security operations. Skills Proficiency in troubleshooting complex network and security issues in enterprise environments. Strong analytical mindset with the ability to distinguish between performance-related issues and security threats. Clear communication skills for cross-team collaboration and reporting to both technical and non-technical audiences. Effective multitasking and prioritization in 24/7 operations environments. Abilities Ability to balance proactive network performance management with rapid cyber threat response. Commitment to continuous learning in both network operations and cybersecurity trends. Adaptability to shifting operational demands and evolving attack landscapes. Strong teamwork skills with the discretion to handle sensitive information responsibly. Education and Experience Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field (or equivalent practical experience) preferred. 3-5 years of combined experience in network operations and cybersecurity, with at least 2 years in a security-focused network role preferred. Relevant certifications highly desirable, such as: Network-focused: CCNA, CCNP, CompTIA Network+ Security-focused: CISSP, CompTIA Security+, CEH, GIAC (GCIA, GCIH) Equal Opportunity Employer Prospective employees will receive consideration without discrimination because of race, color, religion, marital status, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, veteran status, disability, or genetic information.

S3/Strategic Staffing Solutions has a Network Security Engineering opportunity for a leading Financial Services client in Westlake, TX on a hybrid basis. Please read further if you are interested in joining a leading organization. Duration: 2 years W2 contract to hire (MUST BE USC OR GC HOLDER FOR THIS POSITION) Pay Rate: $40-50/hr. W2. Qualifications & Description: We are seeking a highly skilled and proactive Firewall Engineer with strong expertise in Network Security and hands-on experience with Palo Alto and Fortinet firewalls. The ideal candidate will possess excellent troubleshooting abilities, strong communication skills, and familiarity with DevOps practices and scripting languages such as Python. This role requires a self-driven professional who can work independently and collaboratively to ensure robust security infrastructure. Key Responsibilities Design, implement, and manage firewall solutions using Palo Alto and Fortinet platforms. Configure, maintain, and optimize firewall policies, VPNs, and security rules. Perform advanced troubleshooting of network security issues and provide timely resolutions. Collaborate with cross-functional teams to integrate firewalls into enterprise architecture. Conduct regular audits and compliance checks to ensure adherence to security standards. Automate firewall tasks and workflows using Python or similar scripting languages. Participate in change management processes and document configurations accurately. Stay updated on emerging threats and recommend proactive security measures. Required Skills & Qualifications 4+ years of experience in Network Security and firewall administration. Hands-on expertise with Palo Alto and Fortinet firewalls. Strong understanding of TCP/IP, routing, VPNs, and network protocols. Excellent troubleshooting and problem-solving skills. Familiarity with DevOps tools and automation practices. Proficiency in scripting languages such as Python for automation and integration. Strong communication skills and ability to work in a team environment. Proactive, detail-oriented, and capable of managing multiple priorities. Preferred Qualifications Relevant certifications such as PCNSE (Palo Alto Networks Certified Network Security Engineer) or Fortinet NSE. Experience with cloud security and firewall integration in hybrid environments.

About the Role We are seeking a highly strategic and business-minded Business Information Security Officer (BISO) to serve as the primary liaison between our enterprise security organization and key business units. As a Fortune 100 company operating at global scale, we manage complex distribution and supply chain environments that require world-class security, risk governance, and operational excellence. The BISO will help shape and execute a unified security strategy that aligns with business objectives, ensures regulatory compliance, and strengthens our cyber resilience across a diverse technology and operational footprint. Key Responsibilities Strategic Security Leadership Act as the trusted security advisor to senior business leadership, translating technical risks into clear business impacts. Drive alignment between corporate security strategy and business-unit initiatives, ensuring security enables-not hinders-innovation and growth. Represent business needs within enterprise cybersecurity governance forums. Risk Management & Compliance Identify, assess, and prioritize cybersecurity risks across business units, including emerging threats to distribution operations, supply chain systems, and large-scale logistics platforms. Ensure compliance with internal policies, industry standards, and regulatory frameworks (e.g., NIST CSF, ISO 27001, SOX, PCI, data privacy regulations). Oversee remediation plans and ensure timely closure of audit and assessment findings. Program & Policy Execution Support implementation of enterprise-wide security programs (IAM, data protection, vulnerability management, cloud security, OT/ICS security, incident response). Champion best practices for secure architecture, application development, and third-party vendor management. Coordinate with IT, OT, and business operations teams to drive adoption of security controls across complex distributed environments. Incident Response & Business Continuity Liaise between business leadership and Cyber Incident Response teams during major incidents or disruptions. Ensure business units are prepared with effective response plans, communication protocols, and recovery strategies. Stakeholder Engagement & Education Build strong partnerships with executives, technology leaders, and operational teams. Deliver targeted security awareness and training for business units. Communicate risk posture and security metrics to leadership through dashboards, reports, and briefings. Qualifications Required 8+ years of experience in cybersecurity, risk management, or information security leadership roles. Proven experience supporting large-scale, distributed enterprise environments (preferably in supply chain, logistics, distribution, or retail). Strong understanding of cybersecurity frameworks, governance, and risk methodologies. Ability to interact with C-suite executives, translate complex technical issues into business language, and influence decision-making. Experience coordinating cross-functional initiatives in complex, highly regulated organizations. Preferred Experience within a Fortune 100 or Fortune 500 corporate environment. Background working with OT/ICS, distribution center technologies, or supply-chain automation systems. Relevant certifications: CISSP, CISM, CRISC, CISA, CGEIT, or similar. Bachelor's degree in Cybersecurity, Information Systems, Business, or related field; Master's degree a plus. Competencies Executive communication and presentation skills Strategic thinking with strong business acumen Ability to drive change across matrixed organizations Strong analytical, risk evaluation, and problem-solving capabilities Collaborative leadership with a focus on partnership and enablement Why Join Us? Influence security strategy at a world-class, Fortune 100 distribution leader High-visibility role with direct impact on enterprise risk posture Opportunity to shape security across cutting-edge logistics, cloud, data, and automation platforms Competitive compensation, comprehensive benefits, and career growth at a global scale

The Senior InfoSec GRC Analyst is responsible for driving the development, implementation, communication, and maintenance of technology policies, standards, and procedures that are aligned to industry standards and regulatory requirements. This role ensures that technology processes adhere to regulatory requirements, manage risks effectively, and establish strong governance practices. The position also develops and implements controls, monitors compliance, and supports risk management activities. Responsibilities: Lead the development and implementation of comprehensive cybersecurity and IT policies, standards, and guidelines. Continuously evaluate and update cybersecurity and IT policies to ensure they remain current and effective. Ensure policies comply with relevant laws, regulations, and industry standards (e.g., NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS). Collaborate with cross-functional teams, including IT, legal, compliance, and business stakeholders, to ensure cybersecurity policies align with organizational objectives. Translate complex information and documentation into clear and simple concepts for end-users. Provide specialized expertise to perform framework-oriented risk assessments, identify deficiencies, generate reports, and recommend actionable solutions to mitigate risks and strengthen overall security posture. Stay informed about the latest cybersecurity threats, trends, and best practices. Maintain accurate and up-to-date records of policy reviews, risk assessments, training activities, and incident responses. Benchmark policies against industry standards and best practices. Develop and implement governance frameworks for cybersecurity policy management. Monitor key performance indicators, conduct gap analyses and risk assessments, and implement frameworks as needed. Test and monitor the effectiveness of controls. Establish feedback loops and analyze metrics to continuously improve cybersecurity policies based on audit findings, incident reviews, and emerging threats. Lead and support internal and external audits and assessments of cybersecurity policies and practices. Ensure identified audit and assessment findings and actions are tracked to closure. Maintain comprehensive documentation of all cybersecurity policies, procedures, and related activities. Communicate policy requirements and updates to relevant stakeholders. Identify opportunities for innovation and improvement in cybersecurity policies and practices. Propose mitigation strategies and verify the effectiveness of remediation plans. Requirements: Bachelor's Degree in Information Security, Computer Science, Information Technology, or a related field (preferred). Minimum of six (6)+ years' experience working in Cybersecurity GRC, policy development, risk management, or a similar field. Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust). Proficiency with data analysis and reporting tools (e.g., Excel, Power BI). Relevant certifications such as CISM and/or CISA (highly desirable). Strong knowledge of regulatory frameworks (NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS). Understanding of risk management concepts, control frameworks, and compliance auditing. Ability to provide consultation and recommendations to management. Strong communication skills with the ability to present effectively to both technical and non-technical audiences.