NIST jobs near me - 759 jobs

CyberSheath Services International LLC is a rapidly growing Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add to our team! CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don't improve and, in fact, may weaken an organization's security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security. Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. Job Overview The Director of Security Operations will lead the operational security strategy, governance, and delivery functions for a managed service provider supporting a diverse client base. This role is accountable for overseeing the Security Operations Center (SOC), implementing incident detection and response capabilities, managing a security operations team, and ensuring compliance with client contractual obligations and industry regulations. The Director will collaborate with technology, compliance, and client-facing teams to align security operations with broader business objectives. Key Responsibilities Leadership & Strategy Develop and execute the overall vision for the Security Operations Center (SOC) in alignment with organizational goals and client requirements. Build, mentor, and lead a high-performing team of security analysts, engineers, and incident responders. Establish and maintain operational metrics, key performance indicators (KPIs), and service-level agreements (SLAs) to demonstrate effectiveness. Serve as the primary escalation point for severe security incidents across the client base. Operational Management Direct daily SOC activities including threat monitoring, incident detection, response, remediation, and forensic investigations. Oversee the development of runbooks, playbooks, and procedures for security incident handling. Coordinate with engineering teams on deployment and continuous improvement of security monitoring tools, SIEM, endpoint detection, and intrusion detection systems. Ensure consistent delivery of managed detection and response (MDR) and managed security services (MSS) to clients. Client & Stakeholder Engagement Act as the senior point of contact for clients on all security operations matters. Provide regular reporting, executive summaries, and recommendations on threat intelligence, vulnerabilities, and incident response posture. Support sales and account management by participating in prospective client meetings and articulating security capabilities. Ensure security deliverables and compliance obligations are met for each client contract. Risk & Compliance Oversee vulnerability management and coordinate with client IT teams on remediation efforts. Ensure alignment with frameworks like CMMC, NIST CSF, ISO 27001, CIS Controls, and relevant regulatory requirements (HIPAA, PCI DSS, GDPR, etc.). Partner with compliance and risk teams to ensure audit readiness and coordinate evidence collection. Continuously review and update security policies, procedures, and technologies to align with emerging threats. Innovation & Continuous Improvement Stay current on threat landscape trends and emerging technologies to ensure proactive defense posture. Introduce intelligence-driven improvements to incident response strategies and SOC operations. Champion automation and orchestration of operational workflows for efficiency and accuracy. Evaluate and recommend new security tools, services, and vendor solutions. Qualifications Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (Master's preferred). 10+ years of progressive experience in cybersecurity, including at least 5 years in leadership roles. Proven experience managing security operations in a managed services or MSSP environment preferred. Strong understanding of SOC operations, SIEM platforms, endpoint protection, threat intelligence, and incident response workflows. Familiarity with cloud security operations (AWS, Azure, Google Cloud). Demonstrated success in building and leading diverse, distributed teams. Excellent communication skills with the ability to engage technical teams and executive stakeholders. Relevant certifications such as CISSP, CISM, GIAC, or equivalent. Key Competencies Strategic thinker with hands-on problem-solving abilities. Strong leadership and organizational skills. Ability to thrive in high-pressure, fast-paced environments. Exceptional client communication and relationship management. Continuous improvement mindset and passion for innovation. Work Environment A virtual work environment Please note that this role will be part of our SOC on-call rotation CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. Budgeted Pay Range$150,000-$180,000 USD

WELCOME TO COMPTECH Good people. Dedicated People. Hard-working people. CompTech is a service-oriented program management and technical company working to build lasting relationships with small and large companies, municipalities, and Government agencies. Headquartered in Dayton, OH, our clients nationwide are provided with services in client-focused practice areas resulting in solutions to organizational challenges. Job Description Job Title: Cloud IT Support Specialist Location: Remote Supporting: The Defense Logistics Agency (DLA) ** Must hold Active Top Secret Security Clearance** Overview CompTech is seeking a qualified, cleared, Critical Cloud & Infrastructure IT Support Specialist to support mission-critical cloud and infrastructure environments. This role is responsible for the planning, coordination, and delivery of IT support services, including system installation, configuration, troubleshooting, user assistance, and training, while ensuring high levels of system availability, performance, and security. The specialist supports operations in compliance with DoD cybersecurity policies, FedRAMP, and the Risk Management Framework (RMF), responds to incidents and service requests, and collaborates with engineering, cybersecurity, and operations teams to ensure secure, reliable, and compliant service delivery. Qualified candidates will have: Six (6) years of progressive experience in the field of Information Processing including hands - on experience supporting Department of Defense (DoD) IT hosting solutions. Years of experience should encompass: Three (3) of which are specialized in Information Processing and involve a range of hardware/software solutions. Two (2) of which are concentrated, hands-on experience in installing, diagnosing problems, and training customers in the use of software and hardware. Key responsibilities include: Diagnosing, analyzing and resolving technical issues in response to customer-reported incidents and service requests, ensuring timely resolution in accordance with established service levels. Performing planning and analysis of IT support workflows and operational processes to improve efficiency, effectiveness, and service quality. Researching, analyzing, and reporting on incident trends, recurring issues, and system performance patterns to support root cause analysis and continuous improvement initiatives. Developing and maintaining problem tracking databases and knowledge repositories to support incident management, reporting, and operational transparency. Creating technical documentation and training materials and conducting computing and information systems training sessions for end users and support staff. Installing, configuring, troubleshooting, and maintaining hardware, software, and peripheral devices in support of enterprise and mission-critical systems. Performing system backup, restoration, and recovery operations to ensure data integrity, system availability, and continuity of operations. Consulting with users and stakeholders to identify system requirements, operational needs, and functional gaps, providing recommendations for solutions. Conducting feasibility studies, alternatives analyses, and trade-off assessments to support technical decision-making and system enhancements. Preparing business cases, technical justifications, and supporting documentation for proposed system improvements or investments. Ensuring strict adherence to DoD and DLA information security and cybersecurity policies, including the application of security controls, risk management principles, and continuous monitoring practices. Supporting compliance with RMF, NIST, and applicable DoD cybersecurity standards, ensuring systems are operated and maintained in a secure and authorized state. Certification and Clearance Requirements: Required Certifications - A combination totaling at least three (3), one (1) from each listed below: IA Level: IAT-II: One (1) of the following: CCNA Security CySA+ GICSP GSEC Security+ CE CND SSCP CASP+ CE CCNP Security CISA CISSP (or Associate) GCED GCIH and one of the following: Google Associate Cloud Engineer Google Professional Cloud Architect and One of the following: AWS Certified Cloud Practitioner AWS Certified Security - Specialty AWS Certified Solutions Architect - Associate AWS Certified Solutions Architect - Professional AWS Certified SysOps Administrator Microsoft Certified: Azure Administrator Associate Microsoft Certified: Azure Solutions Architect Expert Microsoft Certified Azure Security Engineer Associate Oracle Cloud Infrastructure Cloud Operations Red Hat Certified Engineer Security Clearance Requirements: Secret ** Must have ACTIVE Top Secret Security Clearance to be considered for this role** Salary: $75k - $85k Benefits + 401k + matching Equal Employment Opportunity CompTech is committed to building a diverse and inclusive environment in which we recognize and value each other's differences as well as fostering a culture that promotes its core values: Commitment, Innovation, and Customer Satisfaction. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, or status as a protected veteran. If you require assistance or an accommodation due to a disability, please call Human Resources at ************** or email *****************************. A CompTech associate will respond to your message as soon as reasonably possible.

LogicGate is a global leader in Governance, Risk, and Compliance (GRC) solutions, with a mission to deliver the software and capabilities enterprises and their people need to understand and manage their risks and transform them into strategic opportunities. Built by experts, our award-winning Risk Cloud delivers over 40 purpose-driven solutions on a unified, modern cloud platform for connected, holistic risk and compliance management to scale with and meet the evolving risk landscape and organizational needs. At LogicGate, our people are the foundation of everything we do. We are committed to delivering an exceptional experience for our employees and our customers by empowering and enabling our people to take ownership, make an impact, and deliver their best work. About the Role LogicGate is seeking a GRC Content & Strategy Sr. Associate to join our dedicated team. In this role, you'll be instrumental in designing, developing, and maintaining the GRC content and pre-built solutions within our Risk Cloud platform. You'll directly empower our customers to effectively manage risk and compliance by providing them with best-in-class resources. This is a unique opportunity to become a subject matter expert, collaborate across the company, and shape the product content strategy that drives customer success. How you'll spend your time: Content Development & Maintenance: Design, build, and maintain practical Risk Cloud solutions content (e.g., application templates, workflows, control sets) and supporting documentation for various GRC use cases (like ERM, Third-Party Risk, Controls Compliance, etc.). Own and manage the Risk Cloud control framework library, ensuring accuracy, relevance, and alignment with current regulations and standards. Develop clear, concise technical documentation, best practice guides, training materials, and d courses for both customer and internal audiences. Platform & Subject Matter Expertise: Develop deep expertise in the Risk Cloud platform's capabilities and application building. Serve as a GRC subject matter expert for internal teams (Product, Customer Success, Marketing, Sales) and provide ongoing advice to help customers mature their GRC programs using Risk Cloud. Research & Strategy: Conduct ongoing research on GRC trends, regulatory changes (e.g., Privacy, AI, Banking, Resliance), evolving frameworks (NIST, ISO, SOC 2 etc.), and best practices to inform content strategy. Identify opportunities for new content development and contribute to strategic initiatives related to GRC solutions. Communication & Collaboration: Effectively socialize new and updated content through various channels (webinars, training sessions, release notes, internal updates). Collaborate closely with cross-functional teams to gather feedback, align content with product roadmaps, and support sales and marketing efforts. Requirements: Minimum of 3 years of hands-on experience in a relevant GRC field (e.g., Risk Management, IT Risk, Compliance, Internal/External Audit, GRC Consulting). Demonstrated understanding of, and preferably experience implementing or auditing against, common cybersecurity and risk management frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001/2, SOC 2, COSO). Proven technical writing skills: Ability to translate complex GRC concepts into clear, actionable guidance and documentation for diverse audiences. Strong analytical skills, including proficiency in data analysis and manipulation (experience with Excel/Sheets is essential). Exceptional organizational and time management skills, with the ability to manage multiple projects simultaneously in an agile environment. Excellent attention to detail and a strong work ethic. Proven ability to collaborate effectively with customers and cross-functional teams (e.g., Product, Sales, Marketing, Customer Success). A bachelor's degree in a related field (e.g., Information Systems, Business, Cybersecurity, Risk Management) or equivalent practical experience. The anticipated base salary range for the role is $70,000 - $89,000 per year + variable + equity + benefits. Actual salaries may vary and will be based on factors, such as the candidate's qualifications, skills, competencies, and proficiency for the role. Internal candidates who have current pay within or above the hiring range are still encouraged to apply if interested. LogicGate's Hybrid Workplace Our hybrid workplace allows for flexibility aligned to role responsibilities and exceptional customer delivery. Location requirements for this role can be found above. Total Rewards We are proud to offer a variety of competitive, inclusive, and comprehensive total rewards that are designed to support the unique needs of our employees both inside and outside of the workplace. In addition to offering competitive salary and variable compensation plans, equity options, and flexible health and wellness benefits, we are proud to offer generous PTO, Annual Company Holidays, Health Days, and Summer Fridays. Employees' growth and development are supported throughout their career journey through informal and formal programs and activities, including access to LinkedIn Learning, regular People Leader training, and our internal Mentorship Program. Our Culture At LogicGate, our culture and employee experience are grounded in our core values of Be as One, Do the Right Thing, Embrace Curiosity, Own It, Empower Customers, and Raise the Bar, which guide how we show up - for each other, our customers, and all we interact with. We believe that the strongest teams are made up of individuals who bring their different identities, experiences, and perspectives to the table. We are committed to fostering an inclusive work environment where all employees' differences are celebrated and everyone is encouraged to bring their authentic selves to work. We encourage everyone to join one of our Employee Resource Groups (AAPI @ LogicGate, Pride at LogicGate, and Women in LogicGate) to participate in and contribute to conversations that foster an inclusive culture. LogicGate also believes strongly in giving back to the communities in which we live and work. To enable our teams to give back, we offer paid volunteer hours and company-wide charitable activities supporting a variety of organizations and causes. We are proud to have been recognized as a top workplace by Built In, Crain's Chicago Business, the Chicago Tribune, and more. Visit our website to learn about our latest recognition. Learn more about our culture here. Excited about LogicGate but not familiar with GRC? GRC stands for Governance, Risk, and Compliance GRC professionals help their companies manage uncertainty, act with integrity, and stay on the right side of the law. The GRC market is rapidly expanding with continuous growth opportunities. The current market size was valued at $50.5 billion in 2024 and is projected to reach $104.5 billion by 2031.

! Founded in 2009, ZenGRC is a leading provider of governance, risk, and compliance (GRC) SaaS solutions, offering a robust product: ZenGRC. Recognized for its in-house GRC expertise, ZenGRC delivers Simply Powerful GRC solutions that guide organizations through compliance with ease and efficiency. ZenGRC stands out by offering a single price for comprehensive access to all modules and frameworks, ensuring users benefit from a seamless and cost-effective experience. Dedicated to simplifying GRC processes, ZenGRC continues to innovate and support organizations in achieving compliance and managing risk effectively. The Role As a Customer Success Manager (CSM), you'll be the primary relationship owner and advocate for a portfolio of 30+ mid-market and enterprise customers. You'll ensure long-term satisfaction, retention, and value realization across their lifecycle with ZenGRC. This is a strategic and consultative role-not an implementation role. You'll collaborate closely with our Onboarding team to ensure a seamless handoff into steady-state management, then work to maximize customer success through proactive engagement, insights, and technical guidance. Because ZenGRC is a technical, data-driven product, success in this role requires strong technical acumen-you'll need to understand how customers configure, integrate, and operationalize the platform to achieve their GRC goals. What You'll Do Act as the trusted advisor and primary contact for a portfolio of 30+ customers. Build deep relationships with compliance, risk, security, and audit leaders. Partner with the Onboarding team to ensure successful customer transition and long-term adoption. Develop a strong understanding of each customer's goals, workflows, and product setup to deliver measurable value. Monitor customer health, usage, and sentiment to identify risks early and proactively improve satisfaction and retention. Conduct executive business reviews (EBRs/QBRs) that highlight ROI, adoption trends, and future alignment. Collaborate cross-functionally with Product, Support, and Sales to advocate for customer needs and resolve challenges quickly. Drive renewals through trusted relationships, transparent communication, and demonstrated customer outcomes. Maintain detailed documentation, account plans, and customer insights within internal systems (CRM + CS platform). Contribute to evolving Customer Success playbooks, metrics, and retention strategies. What You Bring 2+ years in Customer Success, Account Management, or Client Services in a SaaS or technical product environment. Proven ability to manage 30+ customer relationships simultaneously, with strong retention results. Demonstrated technical aptitude-comfortable navigating data-driven platforms, integrations, and workflow logic. Understanding of GRC frameworks (e.g., SOC 2, ISO 27001, NIST, HIPAA) and the ability to translate compliance concepts into actionable customer outcomes. Excellent communication and presentation skills; can influence both technical users and executive stakeholders. Analytical and problem-solving mindset; able to turn data into insight and action. Strong cross-functional collaboration skills (Product, Onboarding, Support, Sales). Bachelor's degree required; CISA, CRISC, or CISSP certifications a plus. Candidates who have a deep understanding of our platform, ZenGRC, will be given strong preference. You'll Thrive Here If You Are Empathetic, consultative, and customer-obsessed. Technically curious-you enjoy learning how complex tools solve real business problems. Organized, accountable, and skilled at balancing multiple priorities. Process-oriented with a bias toward continuous improvement. Motivated by helping customers achieve long-term success-not just short-term renewals. Why ZenGRC Join a mission-driven SaaS company reshaping how organizations approach GRC. Work directly with the VP of Customer Success and a high-performing team that strives for excellence in retention and customer outcomes. Collaborate on a technical, enterprise-grade platform that's trusted by some of the world's most recognized brands. Competitive pay, benefits, and opportunities for growth in a company that values autonomy and results. #LI-REMOTE Benefits (US-Based Employees) We are committed to the health and safety of our people. Our people are mostly working remotely, collaborating online, and connecting over video, as they continue to deliver high-quality technology solutions Competitive salary and equity (we want everyone to be a stakeholder) Full benefits (medical, dental, vision, wellness offerings, etc.) Unlimited PTO, paid sick days, 11 holidays Collaborating with smart coworkers who put customers first Equal Employment Opportunity Statement We value a diverse environment. ZenGRC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, citizenship or immigration status, disability status, genetics, protected veteran, sexual orientation, gender identity or expression, or any characteristic protected by federal, state or local laws. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. The statements herein are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required for personnel so classified. ZenGRC will comply with all local data protection laws, including GDPR when it comes to the handling and processing of personal data. All resumes submitted to ZenGRC will be retained for 6 months (12 months with your consent) after submission for recruitment purposes. Should you wish for us to remove your personal data from our recruitment database, please email us directly at *****************.

Achieving our goals starts with supporting yours. Grow your career, access top-tier health and wellness benefits, build lasting connections with your team and our customers, and travel the world using our extensive route network. Come join us to create what's next. Let's define tomorrow, together. **Description** Connecting People. Uniting the World. There's never been a more exciting time to join United Airlines! As a global company that operates in hundreds of locations around the world - with millions of customers and tens of thousands of employees - we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly. We're on a path to becoming the best airline in aviation history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience. United's CDR team plays a critical role in protecting our operations by enabling secure and resilient systems, managing threats and vulnerabilities, and ensuring swift response and recovery. Our mission is to seamlessly embed cybersecurity and digital risk management into every aspect of our business. We help drive progress and growth through trusted digital solutions, safeguarding assets and empowering our team, all while promoting a cyber-safe and secure environment that supports resilient airline operations. United offers a competitive benefits package aimed at keeping you happy, healthy, and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401(k), and privileges like space-available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today! **Job overview and responsibilities** The Senior Architect - Application Cybersecurity helps validate that our services, applications, and websites are designed and implemented in accordance with United's secure development standards. The Senior Architect works closely with development teams, product teams, and other teams across the organization to integrate security into the product lifecycle from design through deployment. The Senior Architect will work with security architects, design and develop applications or technical solutions for the validation and enforcement of security requirements, performing application security assessments, and providing developers with remediation guidance and advice. + Analyze security requirements, design and develop applications to automate security review, compliance validation, and security operations, leveraging application security testing and monitoring solutions. + Improve the accessibility of security through automation, continuous integration pipelines, and other means. + Research, define and drive for security best practices and standards and ensure products development teams understand them; Create technical documentation and Standard Operating Procedures (SOPs) as needed. + Support security architecture design and analysis and improve our products. Perform code analysis of applications, manually and using SAST, DAST, and SCA scanning solutions as well as conducting manual vulnerability analysis. + Technical point of contact for product teams as it relates to automation, CI/CD, and remediation guidance. **Qualifications** **What's needed to succeed (Minimum Qualifications):** + Bachelor's degree required, STEM field highly preferred + Minimum of 3 years of experience in a related field + Proficiency with application development programming with Python + Proficiency with various software architectures including API, microservices + Proficiency with scripting + Understanding of OWASP Top 10 and/or CWE 25 + Basic understanding of threat modeling + Proficiency with DevSecOps technology (i.e., CI/CD, AWS, Harness, TeamCity, GitHub, Artifactory, CHEF, CloudWatch) + Proficiency with application security tools and testing (i.e., SAST, DAST, MAST, RAST, IAST) + Proficiency with risk management processes + Knowledge of common vulnerabilities and attack vectors, ubiquitous encryption technologies, and/or common authentication protocols + Basic knowledge of cloud security infrastructure technologies (i.e., K8s, service mesh, micro-services) + Proficiency with vulnerability management processes and providing remediation guidance + Basic understanding of compliance frameworks (e.g., NIST 800-53) and processes + Ability to work independently and self-motivate + Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills + Must be legally authorized to work in the United States for any employer without sponsorship + Successful completion of interview required to meet job qualification + Reliable, punctual attendance is an essential function of the position **What will help you propel from the pack (Preferred Qualifications):** + Certifications like CASE, AWS CSAA, CEH, GSEC, CISM, Security+, CISSP, CISA, SSCP, CASP+, OSCP + Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security, cloud computing + Proficiency with various software architectures including API, microservices + Basic understanding of networks and network security (i.e., WAF, Micro-segmentation) + Application penetration testing to demonstrate and test exploitability of vulnerabilities + Understand infrastructure as code (CDK, CloudFormation, Terraform, etc.) + Proficiency with cryptography + Proficiency with technical understanding of IAM (i.e., authentication and authorization) Job Post Expiration: 2/28/2026 The base pay range for this role is $112,480.00 to $146,540.00. The base salary range/hourly rate listed is dependent on job-related, factors such as experience, education, and skills. This position is also eligible for bonus and/or long-term incentive compensation awards. You may be eligible for the following competitive benefits: medical, dental, vision, life, accident & disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) and flight privileges. United Airlines is an equal opportunity employer. United Airlines recruits, employs, trains, compensates and promotes regardless of race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status and other protected status as required by applicable law. Equal Opportunity Employer - Minorities/Women/Veterans/Disabled/LGBT. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions. Please contact JobAccommodations@united.com to request accommodation.

What Application Development & Maintenance contributes to Cardinal Health Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. Application Development & Maintenance performs configuration or coding to develop, enhance and sustain the organization's software systems in a cross-functional team environment through adherence to established design control processes and good engineering practices. This job family programs and configures end user applications, systems, databases and websites to achieve the organization's internal needs and externally-facing business needs. Application Development & Maintenance partners with business leaders, investigates user needs and conducts regular assessments, maintenance and enhancements of existing applications. Job Summary The job will be supporting mostly the WaveMark™ Supply Management & Workflow Solutions which is a SaaS solution enabling healthcare providers and manufacturers to effectively manage supplies with market-leading innovative technology. WaveMark leverages a portfolio of advanced hardware (e.g., RFID) and cloud-based software including an analytics platform providing full visibility and control of all supplies from low-cost commodities to high-cost devices and implants. Our global footprint and continuous innovation deliver the most cost effective and workflow efficient patient care possible. The IT Analyst plays a critical role in protecting the organization's digital assets by working cross-functionally to design, implement, monitor, and enforce security processes and procedures. This position collaborates with software and hardware engineering, compliance, and other business units to ensure robust security practices are integrated across applications and operations. The analyst is responsible for developing and implementing mitigation strategies and maintaining compliance with industry standards and regulations. Responsibilities: Application Portfolio Management (APM): Manage and maintain APM records (Wavemark, MarginAnalysis), ensuring data accuracy. Track APM resiliency deadlines and update relevant systems (worksheets, ServiceNow). Monitor Archer dashboards for upcoming deadlines and past-due remediations. Facilitate status calls with stakeholders regarding application resiliency, exemptions, and remediation. Collaborate with IT and business teams for APM record updates and reporting. Application Security & Compliance: Analyze security threats, vulnerabilities, and audit findings to prioritize remediation. Collaborate with product management and development teams to plan and schedule security fixes that align with business objectives. Support the integration of application logs into the SIEM and develop monitoring and alerting systems to detect potential application attacks and resiliency issues. Develop and implement testing/validation processes for security system effectiveness. Ensure adherence to enterprise security processes, business, regulatory, and legal requirements. Assist in security incident response using SIEM and other detection platforms. Review policies, procedures, system designs, and security controls against frameworks (e.g., NIST Cybersecurity Framework). Support implementation and configuration of application security tools. Monitor and ensure compliance with established application security standards. Assist the Incident Response team with application security investigations. Develop custom tools to help software teams embed security into their development processes when off-the-shelf solutions are unavailable. Qualifications 2-4 years of experience, preferred Bachelor's degree in related field, or equivalent work experience, preferred Knowledge of SDLC and DevSecOps concepts such as CI/CD pipelines preferred Experience with common application security controls including WAF preferred Understanding of standard security control frameworks, including NIST Cybersecurity Framework (800-53) preferred Strong analytic, troubleshooting skills; can problem solve, organize, and manage multiple tasks and projects in a health information system environment preferred Able to stay objective and independent when completing assignments and consistently demonstrate the ability to hold information in confidence preferred Ability to learn new software and hardware packages and adapt to changes in technology preferred. Strong technical, process, and interpersonal skills to effectively analyze information systems, research and validate risks preferred. Knowledge of common patterns for AuthN and AuthZ preferred Experience in understanding SCA/SAST scan results and working with development teams to establish remediation plans preferred Experience in creating dashboards in Splunk, Rapid7 or other equivalent tools to measure and guide application security work preferred Experience with Veracode preferred One or more Information Security Certifications preferred: CISSP, CISM, CCSP, CISA preferred What is expected of you and others at this level Applies working knowledge in the application of concepts, principles and technical capabilities to perform varied tasks Works on projects of moderate scope and complexity Identifies possible solutions to a variety of technical problems and takes action to resolve Applies judgment within defined parameters Receives general guidance and may receive more detailed instruction on new projects Work reviewed for sound reasoning and accuracy Anticipated salary range: $80,500 - $103,410 Bonus eligible: No Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being. Medical, dental and vision coverage Paid time off plan Health savings account (HSA) 401k savings plan Access to wages before pay day with my FlexPay Flexible spending accounts (FSAs) Short- and long-term disability coverage Work-Life resources Paid parental leave Healthy lifestyle programs Application window anticipated to close: 01/24/2026 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply. Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law. To read and review this privacy notice click here

RYZ Labs is hiring for a Data Center Security Manager to develop and enforce physical security policies, protect facilities from threats, and lead access control, surveillance, and incident response. On-call rotation required. Responsibilities:Develop and maintain security policies, SOPs, and incident response plans.Manage access control, badging, visitor management, and key/lock programs.Oversee CCTV/VMS, alarms/IDS, and monitoring; ensure timely response and reporting.Lead incident handling and investigations; perform RCA and corrective actions.Conduct risk assessments, audits, and drills; track metrics and compliance.Manage guard force and security vendors; coordinate with DC ops, EHS, and legal.Plan lifecycle upgrades and maintenance for security systems and infrastructure. Qualifications:Bachelor's in Security, Criminal Justice, or related field, or equivalent experience.5+ years in physical security for data centers or critical facilities.Hands-on with PACS (e.g., Lenel/Genetec), VMS, alarms/IDS; basic integration with IT/SIEM a plus.Knowledge of security and compliance frameworks (ISO 27001, SOC 2, NIST, TIA-942, PCI).Experience with incident response, investigations, audits, and vendor management.Certifications preferred: CPP, PSP (ASIS), or equivalent. About RYZ Labs:RYZ Labs is a startup studio built in 2021 by two lifelong entrepreneurs. The founders of RYZ have worked at some of the world's largest tech companies and some of the most iconic consumer brands. They have lived and worked in Argentina for many years and have decades of experience in Latam. What brought them together is the passion for the early phases of company creation and the idea of attracting the brightest talents in order to build industry-defining companies in a post-pandemic world. Our teams are remote and distributed throughout the US and Latam. They use the latest cutting-edge technologies in cloud computing to create applications that are scalable and resilient. We aim to provide diverse product solutions for different industries, planning to build a large number of startups in the upcoming years. At RYZ, you will find yourself working with autonomy and efficiency, owning every step of your development. We provide an environment of opportunities, learning, growth, expansion, and challenging projects. You will deepen your experience while sharing and learning from a team of great professionals and specialists. Our values and what to expect:- Customer First Mentality - every decision we make should be made through the lens of the customer.- Bias for Action - urgency is critical, expect that the timeline to get something done is accelerated.- Ownership - step up if you see an opportunity to help, even if not your core responsibility. Humility and Respect - be willing to learn, be vulnerable, and treat everyone who interacts with RYZ with respect.- Frugality - being frugal and cost-conscious helps us do more with less.- Deliver Impact - get things done in the most efficient way. - Raise our Standards - always be looking to improve our processes, our team, and our expectations. The status quo is not good enough and never should be.

This is a temporary position for 10-15 weeks in which a student in a technical program (CS, IT, Infosec, etc.) will devise a GenAI-based solution for automating our receipt, processing, and response to customer audit questionnaires.Job Description Develop a program for leveraging AI tools, agents, LLMs, etc. in support of a Third-Party Risk Management (TPRM) Program, specifically focused on handling responses to customer audits of us. Specifically, the solution should be able to parse incoming queries (which may take many forms, spreadsheets being the simplest), locate answers from existing documentation which includes previous responses to similar questions, and populate the response information into the appropriate platform or document. Additionally, and as time allows: Support the security and IT teams with various efforts, projects, and programs Manage projects and tasks as assigned Help ensure overall compliance with governance and security models (e.g. NIST Cybersecurity framework controls, Interactions policies, standards, and procedures) Respond to requests for assistance from business units and other internal customers Keep the Security Manager apprised of activities, issues, commitments, etc. Summarize technical details into high-level requirements for presentation to CISO and other management Job Requirements Active pursuit of bachelor's degree in Computer Science, Computer Security, Information Technology or other relevant field Experience with Generative AI tools, trends, and uses Ability to take initiative and work both independently and as part of a team. Good verbal communications skills and concise written communication skills Good organization and multi-tasking skills. Familiarity with the business impact of security tools, technologies and policies Familiarity with current security trends and threats Working knowledge of operating systems, networks, TCP/IP, and related concepts Why Work at Interactions? We've created a culture of people who are dedicated to helping each other and the company succeed. We take time to celebrate wins and recognize accomplishments. Whether it's a seasonal event or friendly competition, we're always thinking of new ways to have fun. Our team's health and well-being is important to us. In addition to a full suite of benefits, we offer 5 weeks of time off with pay, 401k matching, paid parental leave and flexible work schedules. We are all committed to the company's success by being valued shareowners and are incentivized through individual performance and company results. Come join us! Interactions is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, marital status, age, disability or protected veteran status, or any other characteristic protected by law.

Responsibilities & Qualifications RESPONSIBILITIES Platform Strategy & Architecture Define and maintain the overall ServiceNow platform roadmap in alignment with agency strategic objectives. Architect end-to-end ServiceNow solutions across modules (e.g., ITSM, ITOM, ITAM, HRSD, CSM, SecOps, IRM/GRC). Establish and enforce technical standards, patterns, and best practices for ServiceNow configuration and customization. Ensure platform designs meet federal security, compliance, and performance requirements. Team Leadership - Development & Administration Lead, mentor, and manage a cross-functional ServiceNow development and administration team (developers, admins, O&M staff). Assign and prioritize work across platform administration, configuration, custom application development, and sustainment. Conduct regular backlog reviews, performance check-ins, and skills development planning for team members. Foster a culture of quality, accountability, and continuous improvement within the ServiceNow team. Platform Administration & Operations Oversee day-to-day administration of the ServiceNow platform, including user and role management, configuration, and instance health. Ensure adherence to change management, configuration management, and release management processes. Coordinate and approve platform upgrades, patches, and hotfixes, including regression testing and communication. Monitor platform performance, availability, and capacity; drive remediation and optimization activities. Custom Application Development & O&M Lead the full application lifecycle for custom ServiceNow applications, from concept and design through development, testing, deployment, and O&M. Ensure custom applications follow coding standards, security guidelines, and platform best practices. Oversee defect management, enhancements, and technical debt remediation for custom apps. Coordinate with business owners to prioritize enhancements, manage releases, and ensure ongoing application support and maintainability. Project & Program Management Lead ServiceNow implementation and enhancement projects from initiation through close-out. Develop and manage project plans, schedules, scope, budget, risks, and dependencies. Coordinate cross-functional teams (developers, administrators, security, network, data, business owners). Prepare and deliver status reports, briefings, and dashboards for leadership and stakeholders. Manage vendors and integrators; oversee contract deliverables, milestones, and SLAs. Requirements & Stakeholder Management Engage with business and technical stakeholders to gather, analyze, and prioritize requirements. Translate business needs into clear user stories, acceptance criteria, and technical designs for both platform capabilities and custom applications. Facilitate workshops, design sessions, and backlog grooming with agency stakeholders. Serve as the primary point of contact for ServiceNow-related inquiries and decision-making. Governance, Compliance & Security Ensure ServiceNow solutions adhere to federal security and privacy controls (e.g., FISMA, FedRAMP, NIST 800-53). Support ATO-related documentation, assessments, and continuous monitoring activities. Implement and enforce data governance, role-based access control (RBAC), and segregation of duties. Support policy, process, and SOP development for platform usage and change management. Delivery & Quality Assurance Oversee solution design reviews, code reviews, and configuration reviews for both out-of-the-box and custom solutions. Ensure adherence to ITIL/ITSM processes and agency-specific governance frameworks. Establish and monitor KPIs, SLAs, and OLAs for platform performance, support, and application health. Drive continuous improvement, backlog prioritization, and release planning. Operations & Platform Management Coordinate upgrade planning, regression testing, and release management for the ServiceNow platform. Work closely with operations teams to ensure platform stability, availability, and scalability. Troubleshoot complex platform issues, facilitating root cause analysis and long-term fixes. Maintain documentation including architecture diagrams, data flows, and configuration standards. REQUIRED QUALIFICATIONS Bachelor's degree in Information Technology, Computer Science, Engineering, or related field (or equivalent experience). 10+ years of experience in IT project management and/or solution delivery. 6+ years of hands-on experience working with ServiceNow in an enterprise environment. 4+ years in a technical architecture or lead role on the ServiceNow platform. 4+ years of experience leading development and/or administration teams supporting ServiceNow or similar platforms. Technical Skills Strong understanding of ServiceNow architecture, data model, and core platform capabilities. Experience with major ServiceNow modules (e.g., ITSM plus at least one of ITOM, ITAM, HRSD, CSM, SecOps, IRM/GRC). Proficiency in ServiceNow configuration, workflows, business rules, catalog items, and integrations (REST/SOAP, MID Server). Experience managing custom ServiceNow application development and O&M, including scripting (e.g., JavaScript, Glide). Experience with CI/CD pipelines, update sets, and ServiceNow release management. Familiarity with modern integration patterns (APIs, web services, message queues) and common federal infrastructure environments. Project Management & Methodologies Demonstrated experience leading medium-to-large IT projects or programs in a structured PM environment. Working knowledge of Agile (Scrum/Kanban) and hybrid delivery models. Experience defining scope, managing risks/issues, and delivering within schedule and budget constraints. Federal & Compliance Experience working in a U.S. federal government or public sector environment. Familiarity with federal security frameworks and controls (e.g., FISMA, FedRAMP, NIST 800-53). Ability to work within change control, configuration management, and governance board PREFERRED QUALIFICATIONS Certifications - ServiceNow & Technical ServiceNow Certified System Administrator (CSA). One or more advanced ServiceNow certifications, such as: Certified Implementation Specialist (CIS) in ITSM, ITOM, HRSD, CSM, SecOps, or IRM. Certified Technical Architect or equivalent advanced certifications. ITIL Foundation or higher (ITIL 4 preferred). PMP, PRINCE2, or Agile certifications (e.g., Scrum Master, SAFe). Deeper Federal & Security Experience Experience supporting systems through the federal ATO process. Familiarity with CMMC, TIC, Zero Trust architectures, and other federal cybersecurity initiatives. Experience in multi-tenant or shared services environments serving multiple bureaus/offices. Advanced Platform & Integration Skills Experience with ServiceNow CMDB strategy and discovery in complex, distributed environments. Background in implementing Event Management, Service Mapping, and/or Automation (Orchestration/Flow Designer). Experience with reporting/dashboards, performance analytics, and data visualization for leadership. Exposure to related technologies (e.g., Splunk, AWS/Azure, identity and access management tools). Leadership & Business Experience leading cross-functional teams including federal staff, contractors, and vendor resources. Background in business case development, ROI analysis, and roadmap prioritization. Prior experience standing up or maturing a ServiceNow Center of Excellence (CoE) or platform governance body. Overview We are seeking a highly motivated and experienced ServiceNow Team Project Manager/Architect to join our team supporting the NOAA SBITS Contract in Silver Spring, MD. Through the SBITS contract, TekSynap provides a Service Desk, Infrastructure Management, Security Support Services, IT Inventory Services, SharePoint Support, Service Now Development and United Messaging Services. The ServiceNow Platform Project Manager / Architect is responsible for leading the planning, design, delivery, and governance of the ServiceNow platform in a federal environment. This role combines hands-on technical architecture with end-to-end project/program management and team leadership. The manager will lead a blended development and administration team, responsible for administering the platform and delivering full lifecycle development, operations, and maintenance (O&M) for custom ServiceNow applications. The position ensures that ServiceNow solutions are secure, compliant, scalable, and aligned with federal agency mission and IT strategy. TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at ***************** Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Location: Candidates must reside in one of our approved hiring states within the United States. Type of environment: Remote Noise level: (Low, Medium, High) Work schedule: Schedule is day shift Monday - Friday. Candidate must work EST hours. May be requested to work evenings and weekends to meet program and contract needs. Amount of Travel: Less than 10% List of Approved States: AL, AK, AZ, AR, CT, DE, FL, GA, ID, IN, IO, KS, KY, LA, ME, MI, MS, MO, MT, NE, NV, NH, NM, NC, ND, OH, OK, OR, PA, RI, SC, SD, TN, TX, UT, VA, D.C, WV, WI, WY. PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE US Citizenship NOAA Public Trust Eligible WAGE INFORMATION Target salary range: $103,000-$135,000 yearly . The salary range displayed is an estimate and will be determined on several factors regarding the individual's particular combination of education, knowledge, skills, competencies and experience, as well as contract parameters and organizational requirements. The displayed salary is one component of the total compensation package for employees. OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact *************** for assistance.remote #telework #linkedin #LI-Remote (turn font to white)

Why Socure? Socure is building the identity trust infrastructure for the digital economy - verifying 100% of good identities in real time and stopping fraud before it starts. The mission is big, the problems are complex, and the impact is felt by businesses, governments, and millions of people every day. We hire people who want that level of responsibility. People who move fast, think critically, act like owners, and care deeply about solving customer problems with precision. If you want predictability or narrow scope, this won't be your place. If you want to help build the future of identity with a team that holds a high bar for itself - keep reading. About the Role Socure is expanding its federal government affairs footprint in Washington, D.C., and we're seeking an experienced, highly strategic Government Affairs Manager to drive our advocacy and strengthen Socure's voice across Congress, federal agencies, and key industry coalitions. In this role, you'll partner closely with legal, product, communications, and go-to-market teams to shape a policy and regulatory environment that advances Socure's mission to verify 100% of good identities in real time. While Socure is a fully remote organization, this role requires frequent in-person engagement across the D.C. ecosystem, including Capitol Hill, federal agencies, think tanks, and industry events. What You'll Do Lead Socure's federal advocacy strategy, cultivating and maintaining influential relationships on Capitol Hill, within federal agencies, and across the broader federal policy community. Serve as a trusted advisor on public policy issues spanning identity, cybersecurity, AI, financial services, digital authentication, and federal procurement. Drive direct lobbying efforts with lawmakers, regulators, and trade associations to advance Socure's priorities and shape legislative and regulatory outcomes. Track, analyze, and synthesize complex legislative and regulatory developments, delivering actionable insights and strategic recommendations. Collaborate across internal teams to align policy objectives with product development, compliance strategy, and commercial initiatives. Develop compelling briefing materials, talking points, policy memos, and stakeholder communications for executive leadership and external audiences. Represent Socure in meetings, hearings, roundtables, and industry convenings, often as the company's primary external voice on federal policy issues. What You Bring 5-8+ years of experience in government affairs, public policy, or legislative advocacy, including direct lobbying experience. Strong preference for candidates with experience in financial services, banking, or fast-paced fintech environments-particularly in highly regulated or compliance-driven domains. Deep working knowledge of federal legislative and regulatory processes, particularly those related to financial services, identity, technology, cybersecurity, AI, or privacy. Exceptional communication, political judgment, and relationship-building skills, with a track record of developing bipartisan credibility. Proven ability to translate complex technical and regulatory issues into clear, actionable guidance for internal and external stakeholders. A proactive, self-directed approach and comfort operating in a fast-moving, high-growth environment with cross-functional teams. Bonus Points Experience with federal procurement, AML/KYC requirements, or NIST standards and frameworks. Background in identity verification, digital trust, fraud prevention, or AI governance. Socure is an equal opportunity employer that values diversity in all its forms within our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you need an accommodation during any stage of the application or hiring process-including interview or onboarding support-please reach out to your Socure recruiting partner directly. Follow Us! YouTube | LinkedIn | X (Twitter) | Facebook

IT Audit Intern (2600009E) Organization: Budget and ManagementAgency Contact Name and Information: Janine Burnside **************************** Unposting Date: Feb 16, 2026, 4:59:00 AMWork Location: James A Rhodes Office Tower 35 30 East Broad Street 35th Floor Columbus 43215Primary Location: United States of America-OHIO-Franklin County-Columbus Compensation: $20.00Schedule: Part-time Work Hours: Varies, at least 10 hours per week Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: InternshipTechnical Skills: Data Analytics, Risk Management, Accounting and Finance, Auditing, Information Technology, Internship, CybersecurityProfessional Skills: Active Learning, Analyzation, Attention to Detail, Collaboration, Verbal Communication, Written Communication Agency OverviewWhat We Do:The Ohio Office of Budget and Management (OBM) is the fiscal backbone of the State of Ohio enterprise. OBM works with the Governor and every state agency in providing policy analysis, fiscal research, and financial management services. We help state agencies shape Ohio's future by ensuring the proper and responsible use of state resources!Job DescriptionWhat You'll Do:The IT Audit Intern position is a learning-focused opportunity designed to provide hands-on experience in operational and information technology audits, internal control assessments, and audit analytics within a statewide environment. Under close supervision, you will assist the Office of Internal Audit (OIA) teams with planning, fieldwork, documentation, and follow-up related to risks and controls across multiple agencies. Key responsibilities include:Supporting IT audit planning and fieldwork (e.g., gathering artifacts, performing control walkthroughs, documenting test procedures and results) for engagements related to IT risks and controls such as identity/access management, configuration management, and system change control.Preparing and updating audit workpapers and issue logs; contributing to remediation tracking and follow-up activities in OIA tools.Assisting with control testing (e.g., user provisioning/deprovisioning samples, periodic access recertifications), including data collection and exception tracking.Attending and preparing meeting notes and status summaries; participating in team meetings and stakeholder interviews; following up on assigned tasks.Contributing to report drafting by synthesizing evidence, observations, and recommendations aligned to OIA methodology and standards.Shadowing experienced auditors to learn about enterprise technology governance, operations, and risk management within the State of Ohio environment.This is a 6-month to 1-year internship opportunity, starting no earlier than June 2026. Interns may work up to 40 hours per week in our downtown Columbus office; we can work with your schedule.Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period. Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.QualificationsWhat We're Looking For:Education: Currently enrolled (or recently completed) in an undergraduate program in Information Systems/Technology, Cybersecurity, Data Analytics, Accounting/Information Systems, or related field.Relevant Coursework: Audit, IT security, cybersecurity, data analysis, or information risk management. Familiarity with security frameworks (e.g., NIST 800-53, CSF 2.0), identity and access concepts, or IT Service Management tools (e.g., ServiceNow) helpful but not required.Strong written and verbal communication skills for success in a collaborative team environment.Excellent organizational skills and attention to detail.Ability to work independently with guidance.Interest in audit, risk, and controls.Supplemental InformationAdditional Information: When completing your application, be sure to clearly describe how you meet the minimum qualifications outlined in this job posting. If you require reasonable accommodation for the application process, please email the Human Resources contact on this posting so arrangements can be made. The Director of OBM, or their designee, will interview all final candidates for this position. The final candidate selected for this position will be required to undergo a criminal background check. Criminal convictions do not necessarily preclude an applicant from consideration for a position. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration. ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs, and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce. We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization. SUMMARY As a key leader within the Information Security organization, the Security Operations Manager is responsible for overseeing day‑to‑day security operations and ensuring the effective detection, investigation, containment, and remediation of cyber threats impacting the enterprise. This role manages a team of analysts, drives operational readiness, and strengthens the organization's security posture through continuous improvement, technical leadership, and cross‑department collaboration. The Security Operations Manager must be capable of operating independently, demonstrating advanced critical‑thinking skills, strong analytical capabilities, sound judgment under pressure, and the ability to comprehend and address complex technical and organizational challenges without relying solely on predefined checklists or prescriptive workflows. Responsibilities listed below represent the minimum expectations for this role. Additional duties may be assigned as necessary to support business, regulatory, or operational objectives. Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned. Security Operations Leadership Oversee day‑to‑day SOC operations across cloud, on‑premises, endpoint, and application environments. Provide technical direction and operational leadership to SOC analysts. Ensure all security events and incidents are managed consistently, accurately, and in alignment with organizational priorities. Team Management & Development Lead, mentor, and coach SOC analysts to support skill development, analytical capability, and operational maturity. Assist in performance evaluations, guide career progression, and foster a culture of accountability and high performance. Establish expectations for independent analysis, strong reasoning, and effective decision‑making by team members. Incident Response Ownership Direct and coordinate incident response activities, including investigation, containment, and remediation. Provide real‑time guidance to analysts during high‑severity incidents and ensure timely, well‑documented resolution. Serve as an escalation point for complex investigations or ambiguous threat scenarios requiring executive decision‑ Threat Detection, Monitoring & Analysis Evaluate and enhance detection coverage, analytic depth, and SOC visibility. Partner with threat intelligence, engineering, and architecture teams to refine detection logic and improve response capability. Ensure SOC maintains awareness of emerging threats and incorporates relevant intelligence into operations. Cross‑Functional Collaboration Coordinate with IT Infrastructure, Networking, Application, Clinical, and Cybersecurity Architecture teams to support remediation activities. Collaborate closely with Compliance and HR during internal investigations requiring log analysis, evidence gathering, or technical validation. Support audit engagements, including SOC2 and regulatory requirements (e.g., HIPAA, NIST CSF), by providing evidence, insights, and technical expertise. Process, Playbooks & Documentation Develop, maintain, and continuously improve SOC playbooks, incident response procedures, and operational documentation. Identify and eliminate operational bottlenecks, introducing process efficiencies based on experience and analytical insight. Technology Ownership & Optimization Oversee SOC technologies including SIEM, EDR/XDR, SOAR, threat intelligence platforms, and related detection or investigation tooling. Ensure platform configurations, alerting logic, and integrations remain optimized for accuracy, visibility, and speed. Analytics, Reporting & Metrics Track SOC KPIs and operational metrics to effectively communicate security posture, incident volume, and response effectiveness. Deliver concise, executive‑ready reporting on incidents, trends, risks, and opportunities for improvement. AI‑Enablement & Automation Integration Identify opportunities to leverage AI and automation to improve SOC efficiency, reduce manual workload, and strengthen response capability. Explicit leadership of AI‑driven security solutions and responsible AI governance (frameworks, adoption, alignment with ERM/compliance). Partner with engineering teams to integrate automation into investigation and response workflows. On‑Call Requirement & After‑Hours Support Participation in the on‑call rotation as needed by operational needs. Incident response and CSIRT activation may require engagement during evenings, nights, weekends, or holidays. Maintain readiness to support critical and high‑severity incidents requiring immediate leadership involvement. Participation and engagement in tabletop exercises and risk assessments Penetration testing participation (internal/external; cloud/mobile/app) with third-party vendors Cloud security strategy definition and execution (posture management, tenant onboarding, compliance alignment). Authoring enablement documentation for assessments and platform integrations. Additional responsibilities may be assigned as necessary based on evolving technologies, threats, business needs, or regulatory requirements. Upholds management goals of corporation by leading staff in team concepts and promoting a team effort. Maintains effective personnel management and employee relations, including evaluating the performance of all personnel; approving and submitting all hours worked and counseling and disciplining employees. Recruits, trains, develops, and supervises personnel. Effectively communicates expectations; accepts accountability and holds others accountable for performance. Regular and reliable attendance is required for the job.

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM - $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine's Top 5000 Fastest Growing Companies. True Zero Technologies is looking for qualified candidates to fulfill the role of an AI Security SME Qualifications Looking to identify an AI security and Crowdstrike SME with a cyber focused background and be able to utilize Crowdstrike SOAR playbooks and Crowdstrike Agentic AI. Collaborate with AI developers to embed security at every stage of the AI development lifecycle, from design to deployment, to build secure-by-default solutions Ensuring AI systems and data usage adhere to regulatory and internal security standards Deep understanding of how AI and ML models work, including their unique vulnerabilities and attack vectors 3-5 years of implementing, managing, and expanding Crowdstrike and related use cases for customers in a variety of public sector and commercial customers. A deep understanding of cybersecurity principles, frameworks (e.g., NIST, CIS), and secure development life cycles (SSDLC) Bachelor's degree in Computer Science, Information Technology, Computer Engineering, or related discipline, and 5 years of experience performing IT deployments or in an end user/customer environment Deep understanding of software deployment technologies, and understanding of security operations, practices, and methodologies Highly knowledgeable on Windows, Mac, and Linux platforms Working knowledge of Microsoft Office applications, Word, Excel, Access, PowerPoint, etc. Good communication and collaboration skills Solid analytical/problem solving skills with capability to identify solutions to unusual and complex problems High level of motivation; self-starter; results driven Ability to travel as needed on-site to customers Additional skills and experience that are highly valued: Entrepreneurial Mindset & Business Acumen Demonstrated ability to identify market opportunities, build business cases, and drive new initiatives from concept to execution. Strong desire to eventually build and lead a company, with the ability to operate in high-ambiguity, fast-moving environments. Innovation Leadership & Emerging Tech Evangelism Passion for exploring and applying the latest advancements in AI, machine learning, and automation to solve the most pressing Cybersecurity challenges facing the United States. Track record of rapid experimentation, prototyping, and delivering proofs-of-concept using cutting-edge technologies and frameworks. Serve as primary engineering resource responsible for end-to-end integration and operational optimization. Strong background in Crowdstrike Falcon, EDR, ITP, and various other related modules Directly support and mature SOC capibilities Experience deploying and operating prominent enterprise EDR platforms such as Tanium, FireEye HX, Cylance, Carbon Black, Microsoft Defender, and SentinelOne in large and complex environments Knowledge of cloud platforms and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) Ability to gain secret clearance if needed Responsibilities Provide technical implementation, configuration, and troubleshooting assistance with the deployment of the CrowdStrike platform and associated applications Install CrowdStrike software both remotely and physically Investigate and understand emerging threats to AI systems, such as adversarial attacks (e.g., prompt injection), model poisoning, and data manipulation Utilize and engineer native and 3rd party software deployment technologies Develop scripts and processes around software deployment Strong understanding of how AI and Machine Learning models work, including their underlying algorithms and architecture Conduct adversarial testing and red teaming to simulate attacks on AI/LLM systems and evaluate their defenses Plan and report software deployment status Work closely and collaboratively with customer information technology teams Leveraging CrowdStrike applications (for example, but not limited to, Spotlight and Discover) provide support to customers in vulnerability and asset management Assist customers with the integration of CrowdStrike into existing tools Troubleshoot customer deployment issues across small to large enterprises Establish roadmap and iterative improvement of endpoint detection capabilities and tooling integrations and use of Crowdstrike with maturity model approach Identify opportunities to expand Crowdstrike and other tools to reduce security related enterprise risk Create, enhance, and continuously update documentation and knowledge base (e.g., user guides, quick starts, documentation, demos) Interview additional candidates applying to True Zero Technologies We're actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy: - Competitive salary, paid twice per month- Best in class medical coverage- 100% of medical premiums covered by True Zero- Company wide new business incentive programs- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)- 3 weeks of PTO starting + 11 Paid Holidays Annually- 401k Program with 100% company match on the first 4%- Monthly reimbursement of Cell Phone and Home Internet costs- Paternity/Maternity Leave- Investment in training and certifications to broaden and deepen your technical skills

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. Sony Interactive Entertainment LLC seeks a Staff Information Security Analyst in San Mateo, CA to define strategic GRC (Governance, Risk and Compliance) input in global initiatives, including Artificial Intelligence (AI) and Machine Learning (ML) adoption, cloud security, and enterprise wide policies, ensuring resilience while balancing business and regulatory needs. Requires a Master's degree in Cybersecurity, Information Security, or related field or equivalent, and four (4) years of experience conducting risk assessments on critical information systems to maintain and manage risk registers; facilitating the Security Risk Assessment methodology, policy, strategy and process; writing security assessment reports following security breaches and detailing the associated impact; monitoring and reviewing IT Security controls to identify operational effectiveness; mapping security controls to policies, standards, procedures and processes to ensure compliance with security measures; managing security remediation efforts and tracking status of security deficiencies; translating security risk mitigation plans into actionable items to mitigate risk in coordination with technical and business teams; developing and implementing policy frameworks for emerging technologies, including AI/ML and cloud security, with governance and legal stakeholders; applying industry standards including NIST, ISO 27001, and PCI DSS in support of organizational security objectives; supporting the evaluation of third-party vendor security through documentation review and risk assessment; contributing to the enhancement of vendor onboarding and compliance workflows; and, in executing duties, utilizing Archer GRC, ServiceNow, Splunk, JIRA, Confluence, SharePoint, Palo Alto Prisma Cloud and AWS. Telecommuting and/or working from home may be permissible pursuant to company policies. Sony is an EOE. Salary range: $185,639.00 - $261,000.00/year Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.

Who is Trace3? Trace3 is a leading Transformative IT Authority, providing unique technology solutions and consulting services to our clients. Equipped with elite engineering and dynamic innovation, we empower IT executives and their organizations to achieve competitive advantage through a process of Integrate, Automate, Innovate. Our culture at Trace3 embodies the spirit of a startup with the advantage of a scalable business. Employees can grow their career and have fun while doing it! Trace3 is headquartered in Irvine, California. We employ more than 1,200 people all over the United States. Our major field office locations include Denver, Indianapolis, Grand Rapids, Lexington, Los Angeles, Louisville, Texas, San Francisco. Ready to discover the possibilities that live in technology? Come Join Us! Street-Smart - Thriving in Dynamic Times We are flexible and resilient in a fast-changing environment. We continuously innovate and drive constructive change while keeping a focus on the “big picture.” We exercise sound business judgment in making high-quality decisions in a timely and cost-effective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems. Juice - The “Stuff” it takes to be a Needle Mover We get things done and drive results. We lead without a title, empowering others through a can-do attitude. We look forward to the goal, mentally mapping out every checkpoint on the pathway to success, and visualizing what the final destination looks and feels like. Teamwork - Humble, Hungry and Smart We are humble individuals who understand how our job impacts the company's mission. We treat others with respect, admit mistakes, give credit where it's due and demonstrate transparency. We “bring the weather” by exhibiting positive leadership and solution-focused thinking. We hug people in their trials, struggles, and failures - not just their success. We appreciate the individuality of the people around us. JOB SUMMARY: Do you have a dynamic personality? Are you passionate about cybersecurity and want to support a wide variety of opportunities and initiatives related to security consulting? Do you have excellent active listening skills and can apply critical thinking quickly and effectively? If so, you may be a great fit for the Security Governance, Risk, and Compliance (GRC) team! As part of the Trace3xperience Program, the Governance, Risk, and Compliance Tracer (Intern) will support all aspects of the GRC team and market offerings. Activities will include learning to align information security with client business goals using a risk-based approach in the core areas of IT security, including Identity and Access Management, Data Security, Applications Security, Network Security and Engineering, Security Program Strategy, and Operations. You will also attend client and sales calls to shadow and learn about Trace3 consulting and delivery. Tracers in this program will receive accelerated professional development, exposure to all technical functions of an IT consulting organization, world-class mentoring, and unique networking opportunities across the organization. WHAT YOU CAN EXPECT TO LEARN AND DO: You will learn: About security consulting and how to approach the market How the role of Governance, Risk, and Compliance is integrated within a security organization How to implement industry security frameworks (e.g., NIST, CSF) and translate these into tailored, prescriptive control environments to guide security program investments in people, processes, and technology How to develop security program strategies and recommendations How to develop deliverables and presentations for an organization's leadership You will: Attend discovery, strategy, or sales/scoping calls Assist with the development of client deliverables (e.g., risk assessments, policy and procedures, or technology roadmaps) Support the build or enhancements of GRC offerings and more activities, as identified, defined, and prioritized by the GRC team ELIGIBILITY AND PREFERRED SKILLS: Enrollment in the Junior or Senior year of an undergraduate program or in a masters program, at an accredited college or university Candidates should be pursuing a field of study applicable to information technology, cybersecurity, or computer security with a focus or interest in assurance/governance / risk/compliance Cumulative grade point average (GPA) of 3.0 or better; People and Organizational Health may require a copy of the applicant's transcript Academic or professional/internship experience working in a professional setting is a plus but not required Ability to work independently on assigned tasks and accepts direction on given assignments Self-motivated individuals with a customer mindset and desire to help people Enthusiasm for technical problem solving with attention to detail and strong communication skills Ability to learn and research in a dynamic and engaging environment Availability to work 40 hours per week throughout the internship Actual salary will be based on a variety of factors, including location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base salary.Estimated Pay Range$20-$26 USD The Perks Comprehensive medical, dental and vision plans for you and your dependents 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability Competitive Compensation Training and development programs Major offices stocked with snacks and beverages Collaborative and cool culture Work-life balance and generous paid time off Our Commitment At the core of Trace3's DNA is our people. We are a diverse group of talented individuals who understand the importance of teamwork and demonstrating leadership, character, and passion in all that we do. We're committed to fostering an inclusive workplace where everyone feels respected, valued, and empowered to grow. We recognize that embracing diversity drives innovation, improves outcomes, fosters collaboration, boosts teammate satisfaction, and builds a more inclusive culture. As an equal opportunity employer, Trace3 bases all employment decisions based on individual qualifications, merit, and business requirements. We do not engage in discrimination on the basis of race, color, religion, sex (including gender identity, sexual orientation, and pregnancy), national origin, age (40 or older), disability, genetic information, or any other characteristic protected by federal, state, or local law. Any demographic information provided is strictly voluntary, kept confidential in accordance with Equal Employment Opportunity (EEO) regulations, and will not be used in employment decisions, including hiring, promotions, or mentorship programs. We are committed to providing equal employment opportunities for all. If you require a reasonable accommodation to complete the application process or participate in an interview, please email *********************. ***To all recruitment agencies: Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today! Job Details Summary: Seeking an experienced Security Product Manager who possesses a blend of cybersecurity expertise, strong product management skills, and strategic vision. The ideal candidate will help define and execute the product strategic vision and multi-year roadmap for one or more cybersecurity domains (e.g., Identity and Access Management, Risk and Compliance, Cyber Defense, etc.). You will partner closely with domain leadership and bring deep subject matter expertise across the cybersecurity domain you support. The candidate will have the ability to work effectively with cross-functional teams including architecture, engineering, IT delivery teams, project management, organizational change management, and other stakeholders. You will also be a strong communicator who is able to convey and summarize complex concepts at an executive level. Primary Responsibilities: Partner with domain leadership to set product vision and strategy in alignment with organizational goals Develop and execute multi-year domain roadmaps aligned to organizational strategy and objectives Ensure roadmap visibility and alignment across all cross-functional stakeholders Define key performance indicators (KPIs) to measure product success and drive data-informed decisions Manage, lead, and facilitate cross-functional collaboration with leaders, stakeholders, partners, customers, and peers Deliver and present executive-level health and progress reporting of product performance, outcomes, risks, and strategic insights to various stakeholders Promote agile best practices and continuous improvement Assess, monitor, and mitigate risks and issues; adjust strategies and plans as necessary based on new information or changes in circumstances Guides, coaches, and mentors others on product management processes, best practices, and encourage a culture of collaboration and open communication Qualifications: Education: Bachelor's Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience. Preferred Certifications: Industry security certification (e.g., CISSP, CISM, CompTIA Security+, etc.) Industry Agile certification (e.g., SAFe Agilist, SAFe LPM, etc.) Industry project management certification (e.g., PMP, etc.) Change management certification (e.g., Prosci, etc.) Work Experience: 8+ years of directly-related or relevant experience, preferably in information security. Behavioral Skills: Guides, coaches, and mentors others on product management processes, best practices, and encourage a culture of collaboration and open communication Strategic Communication: able to simplify the complex with proven experience presenting to top level leaders Analytical Skills: Strong analytical and problem-solving skills, with a focus on data-driven decision making. Change Leadership: demonstrated success promoting change by helping others to change and remove barriers. Consulting and Influencing: strong ability to assess customer needs, provide expert advice, and develop solutions that enhance workforce and talent performance in alignment with organizational objectives. Adaptability: Ability to adjust approach in response to changing or evolving organizational conditions or priorities. Collaboration: strong inclination to work effectively with different teams, foster a spirit of cooperation, and break down silos Technical Skills: Cybersecurity: In-depth knowledge of one or more cybersecurity domains and cyber principles, frameworks, technologies, and standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI, etc.) Agile Methodologies: Familiarity with Agile principles and frameworks to facilitate iterative development, manage backlogs, and ensure timely delivery of product outcomes What Cencora offers We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit ************************************** Full time Salary Range*$124,000 - 190,850 *This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont/Minnesota/Massachusetts/Illinois State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range. Equal Employment Opportunity Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law. The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory. Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call ************ or email ****************. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned . Affiliated Companies:Affiliated Companies: AmerisourceBergen Services Corporation

SYSTEMS ENGINEER REMOTE ARC Group has an immediate opportunity for a Systems Engineer with experience with systems compliance/audits! This position is 100% remote. This is starting out as a contract position running through June 2026 with strong potential to extend longer or possibly convert to FTE. This is a fantastic opportunity to join an established and well-respected organization offering tremendous career growth potential. At ARC Group, we are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We believe that diverse perspectives lead to better innovation and problem-solving. As an organization, we embrace diversity in all its forms and encourage individuals from underrepresented groups to apply. 100% REMOTE! Candidates must have permanent work authorization and work for any employer without sponsorship now or in the future. Third party candidates are not eligible for this role. Job Description: Project: This position is responsible for monitoring enterprise compliance programs for Infrastructure Services. This includes overseeing and evaluating government and commercial product and program regulations and requirements to promote and sustain organization integrity. The position is also responsible for identifying, defining, communicating, and managing the compliance program requirements and key performance indicators for government and commercial business. Description IT Systems Compliance Analysts are responsible for maturing the Compliance Program. Resource will interface with various audit and security personnel, providing policies, procedures, and device evidence required for specific platforms. Collaboration with technology owners on application of policies, procedures and audit requirements Interpret policies and procedures for accuracy and technical sensibility. Manage documentation and evidence repositories for access during audit events (Automated Scans, Manual Scripting, etc.). Develop policies and procedures and ensure that the current procedures are updated with current information and available for review for compliance with CMS, ARS, HITRUS, SOC2, DISA policies, procedures, and standards. Ability to navigate the DOD DISA public-facing site to include the STIGS Document Library & the STIG Viewer application (xccdf). Participate in discussions with all levels of leadership to articulate current state of the program. Advise on mitigation and remediation strategies for any variances or ensure they are documented in a Corrective Action Plan (CAP). Perform hardware and software evaluations to maintain established baseline integrity. Provide evidence to assist with internal and external audits. Ensure self-inspection checklists are completed against policies, procedures, and evidence for compliance audits. Ensure self-inspection checklists are completed against defined infrastructure platform baselines. Gather evidentiary documentation to support audit findings from compliance audits periodically throughout the year. Ability to navigate a SQL relational database: clauses, expressions, predicates, queries, and statements. Working experience with excel Other duties as assigned. Additional Required Qualifications: Four or more years demonstrated proficiency and experience in design, implementation, administration, monitoring and troubleshooting technology. Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management Competent working in one or more environments highly integrated with an operating system. Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations. Proficient working with various audit infrastructure tools/technologies such as Nessus, ACAS, and Nexpose. Knowledge of audit and assessment activities and processes such as configuration management Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles Top Three Required Skills: 1. Experience implementing and supporting the following Security Frameworks: NIST 800-53, DISA Security requirements, CIS, HITRUST, PCI for a major operating system or component such as FW, RHEL, Windows, DB, WEB in a large enterprise environment. Must be able to create/produce evidence for documentation purposes and provide analysis (not just data collection). 2. Familiarity with basic enterprise audits, including SOC2, FISMA, MAC ARS, DOD 3. Experience interfacing with internal and external auditors. Required Experience: 3-5 years of related work experience or equivalent combination of transferable experience demonstrating proficiency and experience in design, implementation, monitoring and troubleshooting technology Required Education: Related Bachelor's degree in an IT related field or relevant work experience Preferred: 1. Experience as a primary liaison between Infrastructure Service organizations, Audit and Security organizations. 2. Managed requirements within simultaneous two-three audits. 3. This position has some accountability to consult independently with operational areas and senior leadership across the Enterprise. 4. Identifying, defining, communicating, and managing the compliance audit program requirements and performance indicators. such as security controls from NIST800-53 and DISA STIGs 5. Certifications: Comptia Security Plus or CISSP ARC Group is a Forbes-ranked a top 20 recruiting and executive search firm working with clients nationwide to recruit the highest quality technical resources. We have achieved this by understanding both our candidate's and client's needs and goals and serving both with integrity and a shared desire to succeed. At ARC Group, we are committed to providing equal employment opportunities and fostering an inclusive work environment. We encourage applications from all qualified individuals regardless of race, ethnicity, religion, gender identity, sexual orientation, age, disability, or any other protected status. If you require accommodations during the recruitment process, please let us know. No fee to candidate.

CRA is a leading global consulting firm that provides independent economic and financial analysis behind litigation matters, guides businesses through critical strategy and operational issues to become more profitable, and advises governments on the economic impact of policies and regulations. Our two main services - economic and management consulting - are delivered by practice groups that focus on specific areas of expertise or industries. Click here to learn how CRA can help you launch your career. Position Overview CRA's Forensic Services practice supports companies' commitment to integrity by assisting them and their counsel in independently responding to allegations of fraud, waste, abuse, misconduct, and non-compliance. We are noted for deploying cross-trained teams of forensic professionals to assist our clients in gaining deeper insights and greater value more quickly. We provide accounting and forensic services as well as cybercrime investigation services. The opportunities to contribute to the team in this Senior Associate role may include (but are not limited to): Executing security and privacy investigations for CRA clients, in preparation of, and in response to, data security matters, which may include ongoing theft of trade secret investigations, cyber breach detection, threat analysis, incident response and malware analysis; Performing forensic analysis of digital information using standard computer forensics and evidence handling techniques and computer forensics tools; Improving the ability of the digital forensic and incident response team to react to incidents by evaluating and implementing new tools and processes; Contributing to the creation and maintenance of effective relationships with local, state and federal law enforcement agencies to assist in criminal matters; Preparing client communications for project milestones and senior leadership; Managing risk by implementing quality control measures and documentation; Participating in team recruiting and retention efforts and managing team morale; Manage the growth and professional development of junior staff members; Providing management support to engagement teams led by senior personnel; Participating in project team execution, analysis, and work product; Managing and supervising teams as appropriate; Experience performing “pixel tracking” investigations; Experience in software development lifecycle, full-stack development and performing source code review; Providing technical assessment/audit and guidance to clients on the adequacy of cyber security controls in accordance with cybersecurity frameworks that are included in one or more of the following - NIST CSF 2.0, HIPAA, ISO 27001 and 27002, SOC2, NERC-CIP; Interfacing with client personnel; Assisting in business development efforts by drafting proposals and coordinating with other practice areas within the firm. Desired Qualifications 5-7 years of experience in digital forensics, cyber intrusion investigation or incident response analysis. Must hold a Bachelor's or Master's degree in a related field. Ability to effectively prioritize multiple projects and meet timely deadlines. Experience in a hands-on technical role functioning as a digital forensic examiner, incident responder, network forensic analyst or malware analyst. Experience with data analytics engagements and contributing to the execution of technology-based best practices. Working knowledge of computer hardware components, operating systems, file systems, computer networks, e-mail systems, mobile devices, IT security or incident response. Deep knowledge of networking (TCP/IP, design, traffic flow, protocols, sessions), operating systems (Windows / *nix) and web technologies. To Apply To be considered for a position in the United States, we require the following: Resume - please include current address, personal email and telephone number; If you are interested in applying for one of our international locations, please visit our Careers site to view and apply for available jobs. Career Growth and Benefits CRA's robust skills development programs, including a commitment to offering 100 hours of training annually through formal and informal programs, encourage you to thrive as an individual and team member. Beginning with research and analysis skill building, training continues with technical training, presentation skills, internal seminars, and career mentoring and performance coaching from an assigned senior colleague. Additional leadership and collaboration opportunities exist through internal firm development activities. We offer a comprehensive total rewards program including a superior benefits package, wellness programming to support physical, mental, emotional and financial well-being, and in-house immigration support for foreign nationals and international business travelers. Work Location Flexibility CRA creates a work environment that enables our colleagues to benefit from being together in the office to best deliver on our promise of career growth, mentorship and inclusivity. At the same time, we recognize that individuals realize a range of benefits when working from home periodically. We currently expect that individuals spend at least 3 to 4 days a week working in the office (which may include traveling to another CRA office or to client meetings), with specific days determined in coordination with your practice or team. Our Commitment to Equal Employment Opportunity Charles River Associates is an equal opportunity employer (EOE). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, status as a protected veteran, or any other protected characteristic under applicable law. Salary and other compensation A good-faith estimate of the annual base salary range for this position is $130,000 - $152,500. Stating pay within this range may vary based on factors such as education level, experience, skills, geographic location, market conditions, and other qualifications of the successful candidate. This position may be eligible for additional bonus incentive compensation. CRA offers a comprehensive benefits package, subject to eligibility requirements, which may include: medical, dental, and vision insurance; 401(k) retirement plan with employer match; life and disability insurance; paid time off (vacation, sick leave, holidays); paid parental leave; wellness programs and employee assistance resources; and commuter benefits.

JobID: 210637768 JobSchedule: Full time JobShift: : Bring your expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks and using your expert judgement to solve real-world challenges that impact our company, customers and communities. Our culture in Risk Management and Compliance is all about thinking outside the box, challenging the status quo and striving to be best-in-class. As a Cybersecurity Operational Lead within the Compliance, Conduct, and Operational Risk (CCOR) team, you will collaborate with the 1st, 2nd, and 3rd Lines of Defense (LOD) to assess and evaluate global cybersecurity risks to the JP Morgan Chase technology estate. You will utilize your hands-on experience in operating or implementing security controls and tools, along with your expertise in managing security risks at strategic, operational, and tactical levels. Your responsibilities include leading risk assessments, conducting significant event reviews, and monitoring controls across the Security Configuration and Security Operation domains. Success in this role requires a strong understanding of technical controls, excellent communication skills, and the ability to work effectively with senior leaders and stakeholders to assess large environments. Job Responsibilities * Engage with technology and cybersecurity technologists to evaluate processes and risks * Assess risk impacts at the line of business and enterprise level * Work with technology areas to identify risk concentrations globally and understand how security controls mitigate them or identify residual risks * Write and present assessments highlighting control efforts or risks to Executive Directors, Managing Directors, and members of the Risk Operating Council * Exhibit strong organizational management skills necessary to collaborate with peers and deliver results * Maintain a high level of professionalism and expertise to be recognized as an expert in an assigned security control domain * Keep abreast of current cyber trends, vulnerabilities and emerging technologies * Perform independent assessments of operational risks though operational risk monitoring programs (e.g., significant event reviews, deep dive reviews, risk metrics, operational risk appetite, independent risk management assessments) Required qualifications, capabilities, and skills * 5+ years of experience as a technologist with experience in cybersecurity / technology development, engineering, or technical architecture within financial services organizations * Strong understanding of risk management at the enterprise level * Knowledge and experience in cybersecurity organization practices in some of the following: vulnerability management, penetration testing, incident response, endpoint protection, data loss prevention, email security, SIEM, DDoS, public cloud security configuration best practices, etc. * Ability to understand complex technical systems, the business processes they support, assess the inherent risks, and recommend mitigating security controls * Highly disciplined and able to work with limited supervision to execute long running projects with results * Exceptional verbal and written communication skills * Knowledge of common frameworks such as NIST CSF, FFIEC etc. Preferred qualifications, capabilities, and skills * Proven experience translating on-premises security configurations and operational processes into multi cloud environments * Understanding of how cloud and on-premises security controls support federal and international regulatory compliance requirements * One or more information security or cloud certifications (e.g. CISSP, CISM, GIAC, CCNA Security, AWS Security Specialty, Azure Security Engineer)