Information Systems Security Officer jobs at The Johns Hopkins University Applied Physics Laboratory

Are you a creative engineer with natural curiosity who wants to understand how things work? Do you love finding vulnerabilities and teaming with outstanding reverse engineers? Are you passionate about national security cyber challenges? If so, we want you to join our team at APL! Our team of world-class reverse engineers is growing! We are looking for motivated and enthusiastic engineers who want to learn and love to hack anything. Our team specializes in software and hardware reverse engineering, vulnerability research, and developing proof-of-concept offensive cyber capabilities with a focus on embedded systems. We have custom facilities tailored to specific classes of systems including vehicles, telecommunications/network infrastructure, and industrial systems as well as general reverse engineering labs. As a member of our group, you will… * Reverse engineer embedded systems * Develop exploits and build mission-aligned proof-of-concept capabilities * Explore novel techniques for automating reverse engineering and exploit development * Stretch your reverse engineering skills by working with top experts * Propose new ideas for internal and external funding opportunities * Share knowledge by clearly articulating ideas through papers and presentations to team members, APL management, and government decision makers Qualifications You meet our minimum qualifications for the job if you... * Have a Bachelor's degree in Computer Engineering, Computer Science, Electrical Engineering, or another field relevant to the duties as described above * Have at least 1 year of relevant experience * Are experienced with software debuggers and static analysis tools * Are proficient with one or more programming languages * Are familiar with assembly * Understand Unix/Linux operating systems * Love solving puzzles and have experience persevering through technical challenges * Are able to obtain a Top Secret level security clearance by your start date and can ultimately obtain TS/SCI+poly level clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. You'll go above and beyond our minimum requirements if you... * Have demonstrated leadership experience * Have knowledge of advanced vulnerability discovery tools * Understand embedded systems development toolchains * Have experience with hardware debugging interfaces, code security mechanisms and their weaknesses, hardware diagnostic tools, and signal/protocol analysis * Possess an active TS/SCI clearance with polygraph About Us Why Work at APL? The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates. At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at ****************************** All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu. The referenced pay range is based on JHU APL's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis. Minimum Rate $100,000 Annually Maximum Rate $227,500 Annually

Primary Purpose The Information Security Analyst I provides support for the operational and consultative functions of the University of the Pacific Information Security department in collaboration with the Pacific Technology division and stakeholders across the University. The Information Security Analyst I helps design, implement, manage, and monitor technical, administrative, and physical controls used to protect the confidentiality, integrity, and availability of the University's information assets. Essential Functions Configure/operate/audit various information security controls such as antivirus/antimalware, firewall, etc. to ensure control effectiveness and report/present results to management and technical staff. Analyze findings from security monitoring systems, such as Data Loss Prevention, Firewall, and Security Information Event Management consoles, to identify and respond to security incidents. Conduct vulnerability scans and penetration tests to identify security risks and report findings to system owners and advise on remediation as needed. Participate in security incident response by conducting forensic investigations, isolating malware, identifying attack vectors, and providing guidance on containment and remediation. Participate in organization's disaster recovery and business continuity planning, testing, and execution. Respond to service requests received from end users or other teams (e.g. for investigation of security events, reviewing change requests on systems impacting security, or addressing user access requests). Assist in delivering security awareness training for the organization's staff and students as needed. Maintain knowledge and advise staff and students on organization's policies, standards, and procedures relating to information security. Participate in campus-wide information security events and programs to ensure alignment and knowledge sharing between departments. 24×7 on-call support rotation may be required. Performs other related duties as assigned. University of the Pacific recognizes that diversity, equity, and inclusion is foundational to the success of our valued students and employees. We prioritize policy and decision-making that demonstrates awareness of, and responsiveness to, the ways socio-cultural forces related to race, gender, ability, sexuality, socio-economic status, etc. impede or propel students, faculty, and staff. Minimum Qualifications Associate's Degree in computer science, technology, or related field. Three (3) years of increasingly responsible experience in developing, designing, auditing, installing, delivering, operating, or maintaining information security systems in a higher education or enterprise environment. Preferred Qualifications Education/Experience/Certifications: Bachelor's Degree in computer science or related field. Entry level information security certification such as Security+, GSEC , or SSCP . Skills/Knowledge and Expertise: Ability to configure operating systems commonly used in servers, desktops, and mobile devices. Knowledge of networking equipment and practices used in an enterprise IT environment. Demonstrated troubleshooting and problem-solving skills. Ability to analyze data using spreadsheets, databases, scripts, etc. Ability to work in a team environment and take direction and guidance. Ability to research and learn outside of formal training. Time management, organizational skills and ability to complete tasks as assigned. Experience and sensitivity in working with people of diverse backgrounds and cultures. Demonstrated experience in advancing social justice, equity, and inclusion in a university setting. Ability to engage and integrate culturally responsive practices and knowledge in their work.

Close All The Office of Information Technology encourages applications for a Director of Research IT Security! This role is a collaborative, strategic leader who will engage directly with our research community to reinforce standard practices, bridge organizational silos, and champion a culture of secure, compliant, and risk-aware research innovation. This position reflects CU Boulder's commitment to integrating cybersecurity, research administration, and compliance culture under a unified, researcher-centric vision. CU Boulder's $700M+ research portfolio with global impact spans areas including AI, quantum science, aerospace, energy, and climate research. The Director of Research IT Security will play a pivotal role in positioning CU Boulder as a national leader in trusted research by building unity, clarity, and sustainable processes to manage cybersecurity risks around secure and compliant research practices in sophisticated, challenging environments where standard security practices do not suffice. The successful candidate will bring extensive experience working with sponsored research. Reporting to the Information Security Officer (CISO) within the Office of Information Technology, the Director will serve as a strategic integrator-bridging the Information Security Office, Research Computing, Research & Innovation Office, Export Controls, and Ethics & Compliance around shared priorities for secure research enablement. The role is designed to unify CU Boulder's approach to research security and compliance, fostering a culture of collaboration and clarity across research, security, and compliance domains. The Director will engage directly with researchers to understand their goals and challenges, ensuring the university provides secure, compliant, and enabling solutions that advance discovery and innovation. By aligning campus expertise and facilitating consensus on which secure research opportunities CU Boulder is best positioned to pursue, the Director will help ensure that the technical, policy, procedural, and cultural foundations are in place for the university to make coordinated, risk-informed decisions that empower world-class, responsible research. CU is an Equal Opportunity Employer and complies with all applicable federal, state, and local laws governing nondiscrimination in employment. We are committed to creating a workplace where all individuals are treated with respect and dignity, and we encourage individuals from all backgrounds to apply, including protected veterans and individuals with disabilities. Who We Are Vision: * OIT will be valued by campus as a strategic, inclusive and innovative partner in advancing learning and discovery in order to enable CU Boulder to be an outstanding public university. Mission: * OIT enables campus priorities by providing high-value IT services and solutions. Values: * Trust, as a foundation for how we engage with one another and with campus partners, along with * Curiosity in how to better support the campus and our partner's while * Encouraging empowerment and authentic engagement among ourselves and * Celebrating a culture that promotes a sense of belonging while acknowledging that each person is unique and valued. Strategy: * OIT will advance learning and discovery by delivering high-value reliable IT services and solutions that: * Provide a fluid and adaptable academic and student experience * Enable research competitiveness and * Deliver core infrastructure and enterprise IT services for business efficiency. What Your Key Responsibilities Will Be Strategic Research Enablement & Integration: * Serve as a strategic integrator between researchers, compliance offices, and technical implementers, ensuring mutual understanding and alignment, effectuating cross-unit decision making and to help educate on the current infrastructure to guide future grant and research opportunities. * Lead efforts to adopt and extend the Trusted CI Framework, grounding CU Boulder's practices in evidence-based, researcher-driven cybersecurity solutions. * Provide information security subject matter expertise informing planning efforts around classified environments. * Through an IT Security lens, serve as a trusted partner, problem-solver, and proactive strategic advisor to faculty and research teams, championing adoption and communication, ensuring researchers, faculty and staff understand the tools, frameworks, and expectations for secure research. * Promote a culture of compliance that values clarity, accountability, and thoughtful, leadership-supported risk management. * Provide information security guidance for CU Boulder's grant and contract review process to guide and facilitate alignment of supporting systems and platforms with business needs and security requirements. Coordinate Systems and Service Evolution: * Work in partnership with OIT and Research Computing service owners (e.g., CMMC compliant enclave, supercomputer, peta-scale storage, and secure computing environments) to identify gaps, prioritize enhancements, and promote adoption. * Bring a technical understanding of system architecture and ITIL principles to translate compliance needs into actionable service roadmaps, without direct operational ownership. Advance Research Cybersecurity and Risk Mitigation: * Work proactively and collaboratively with Export Control, Ethics & Compliance, Contracts & Grants, and peers within the Office of Information Technology Security to sustain and enhance compliance with NIST 800-171, CMMC, DFARS, and other federal mandates impacting university researchers. What You Should Know * Visa sponsorship is not available for this position. * This position is in a hybrid work situation. This role will work on-campus to meet with researchers, provide consultation in labs, and assist with business needs, and will have the opportunity for some remote work as well. * Due to the requirement to access export-controlled data and information, only U.S. citizens, lawful permanent residents (green cards), or other protected individuals (i.e., persons designated as an asylee, refugee, or a temporary resident under amnesty provisions) may apply. What We Can Offer The annual salary for this full-time position is $110,000 - $130,000. Benefits At the University of Colorado Boulder, we are committed to supporting the holistic health and well-being of our employees. Our comprehensive benefits package includes medical, dental, and retirement plans; generous paid time off; tuition assistance for you and your dependents; and an ECO Pass for local transit. As one of Boulder County's largest employers, CU Boulder offers an inspiring academic community and access to world-class outdoor recreation. Explore additional perks and programs through the CU Advantage program. Be Statements Be ambitious. Be inspired. Be Boulder. What We Require * Bachelor's degree (or equivalent experience) from an accredited institution in information technology, computer science, law or related field. A combination of education and/or experience as described below can be substituted for the degree on a year for year basis. * 5+ years of experience in cybersecurity, research compliance, or risk management within higher education, government, or research settings. * Demonstrated ability to collaborate across technical, administrative, and academic communities. * Deep understanding of research data lifecycles, cybersecurity frameworks, and compliance standards. What You Will Need * Ability to be a visibly involved leader with strong relationship skills, a reputation for visibility, integrity, and high ethical standards, who will rigorously uphold quality standards earning the trust of individuals within and outside the university. * An open-minded and multi-dimensional approach to problem-solving. * Ability to comprehend complex technical information in research proposals and agreements. * Ability to organize work effectively, conceptualize and prioritize objectives, and exercise independent judgment based on an understanding of university policies and activities. * Proficient interpersonal and communication skills demonstrated by effective interactions and clear articulation of organizational goals. * Track record of establishing relationships quickly and effectively across a broad constituency; a high degree of ease, sensitivity, and flexibility in working with partners across organizational lines. * Ability to bring parties with disparate views toward mutually beneficial outcomes. * Demonstrated proficiency in communicating complex regulations and policies. * Experience analyzing dynamic contracts, legal documents, and policies, including intellectual property. * Ability to evaluate internal controls and understand organizational risk, implementing appropriate policies or procedures to ensure compliance. * Passion for service excellence, including research and operational integrity. * Ability to collect and analyze data, develop performance indicators and benchmarks, identify trends, and implement changes to achieve operational effectiveness. * Solid understanding of higher education or research organization policies, practices and procedures, including reporting standard methodologies. What We Would Like You to Have * PHD (or equivalent experience) in information technology, computer science, or a related subject area. * Experience with federal research compliance regimes (e.g., Export Controls, FISMA, CMMC, IRB). * Familiarity with ITIL and enterprise system architecture. * Familiarity with the Trusted CI Framework. * Demonstrated national-level presence within the research communities. * Ability to acquire a US Government security clearance. Special Instructions To apply, please submit the following materials: * A current resume. * A cover letter that specifically tells us how your background and experience align with the requirements, qualifications, and responsibilities of the position. We may request references at a later time. Please apply by December 14, 2025 for consideration. Note: Application materials will not be accepted via email. For consideration, please apply through CU Boulder Jobs. In compliance with the Colorado Job Application Fairness Act, in any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Posting Contact Information Posting Contact Name: Boulder Campus Human Resources Posting Contact Email: ***********************

Johns Hopkins Public Safety is seeking an Electronic Communications Safety and Security (ECSS) Systems Engineer to support the Electronic Communications Safety and Security (ECSS) Systems primarily focused around the Johns Hopkins Police Department and Johns Hopkins Public Safety. This position will be responsible for the operation, configuration, and management of public safety information technology and ECSS Systems. The Electronic Communications Safety and Security (ECSS) Systems Engineer will be responsible for administration, programming, maintenance, performance, implementation, security and support of various departmental and enterprise-wide platforms, including the installation and testing of new software, operating systems, related utilities/services, and hardware products as well as the integration of new products and/or software release upgrades into the current environment. ECSS systems include, but are not limited to, two-way radio systems and infrastructure, telecommunications systems, emergency communications center technologies, police vehicle technology hardware and software, integrated security hardware and software solutions, enterprise software applications, ID Badging, access control, door hardware, video surveillance, security detection, alarm monitoring, information management display, mass notification, life safety, and fire detection alarm. Specific Duties and Responsibilities * Responsible for meeting with technical staff from many Johns Hopkins IT entities to determine customer needs for ECSS software and infrastructure deployments. * Responsible for meeting with stakeholders from Johns Hopkins Police Department (JHPD), Johns Hopkins Public Safety (JHPS), Baltimore Police Department (BPD) and Baltimore City (BCIT) regarding functionality and operation of various ECSS systems. * Collaborate with application support teams, infrastructure groups and departmental IT staff to test, deliver, and maintain ECSS software and infrastructure. * Assist with the ongoing maintenance and administration of Windows desktop management within the organization. * Conducts systems performance evaluations, monitoring, patch management and security evaluations. * Analyzes user needs in various computer environments (including but not limited to mainframe, Windows, and mid-range) and makes recommendations for products and services. * Ensures that all systems environments are maintained in an efficient and cost-effective manner. * Develop solutions based on extensive technical knowledge, skills and experience; influence clients towards innovative/integrated solutions. * Responsible for full life-cycle of medium to large sized complex projects. * Design complex business, clinical, education, or infrastructure solutions. Provide written documentation and diagrams of findings. * Design complex solutions that conform to institutional policies, standards, and guidelines, and infrastructure environment and to vendor and industry best practices. * Select infrastructure applications that reside between end user applications and hardware operating systems working with vendors, customers, and other sources (i.e., opensource or Internet2 initiatives) to provide configurable tools. * Develop new methods to improve service processes, performance, and functionality by examining existing systems management tools and processes. * Research, recommend, and implement new technologies based on the value to the institutions. * Work with vendor processes and product to improve the quality and fit for the institutions. * Install and configure complex server hardware and operating systems. * Install and configure infrastructure applications. * Implement a schedule of system backups and archive operations to ensure data/media recoverability. * Provide complex server level administration (manage HW/SW, maintenance, upgrades and patches, account maintenance, backups and recoveries and assist users). * Develop complex scripts and solutions by using departmental standards to automate systems management. * Perform complex system software upgrades including planning and scheduling, testing, and coordination. * Design and/or integrate security authorization and access control. Audit and maintain user access and authorization to provide for system security. * Generate and maintain complex periodic and ongoing system specific reports to assess system performance, integrity and capacity. * Follow and maintain IT security awareness and best practices by understanding security principles as they pertain to environments supported. * Utilize system management and monitoring tools and incident tracking systems to detect incidents, take corrective actions, and determine root cause. * Implement changes while adhering to the change management policies and procedures. Communicate to all parties the nature, significance, and risk factors. * With assistance of the project team, develop RFP's from requirements gathered by following institutional and purchasing guidelines in order to present well documented requirements to potential vendors for proposed solutions. * Evaluate vendor proposals. * Assist vendors, consultants, and inside Enterprise groups in developing applications. * Participate in scheduled project team meetings. * Author and maintain documentation to serve as technical and/or end user reference. * Other duties as assigned. The responsibilities listed above are typical examples of the work performed by this position. Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility. Skills and Abilities * Strong technical writing skills. * Strong ability to understand complex business processes. * Must demonstrate strong critical thinking and analytical reasoning skills. * Ability to work on multiple priorities effectively. * Ability to prioritize conflicting demands. * Ability to execute assigned project tasks within established schedule. * Ability to work collaboratively in a team environment. * Writes and communicates clearly and concisely. * Possesses sound documentation skills. * Ability to maintain confidentiality. * Must demonstrate exemplary customer service skills. * Attention to details. * Strong desire to explore new ideas and continually learn. * Self-starter who will act independently. * Proficient/Certified in C-CURE 9000 Access Control and ID Badging Systems, MAS/SAS architecture and administration. * Proficient/Certified in Avigilon CCTV Systems. * Proficient/Certified in American Dynamics Victor Unified VMS. * Proficient/Certified in Magic Monitor CCTV Systems. * Knowledge of FLIR CCTV Systems. * Knowledge of Vendor and Visitor Management Systems. Minimum Qualifications * Bachelor's Degree. * Five (5) years related experience in the areas to include design; project management; system initialization and training for electronic access control; CCTV and alarm monitoring systems; or engineering experience in the field of electronic communications which must have included working with multi-site radio and/or microwave networks. * Must be able to successfully pass a background investigation including fingerprinting. * Additional education may substitute for required experience and additional related experience may substitute for required education beyond HS Diploma/Graduation Equivalent, to the extent permitted by the JHU equivalency formula. Preferred Qualifications * Three (3) years of related experience in a law enforcement environment in areas to include design, project management, system initialization and training for electronic access control, CCTV and alarm monitoring systems; OR if the experience is in engineering it must have included working with multi-site radio and/or microwave networks. Classified Title: Systems Engineer Job Posting Title (Working Title): Electronic Communications Safety and Security (ECSS) Systems Engineer Role/Level/Range: ATP/04/PE Starting Salary Range: $73,300 - $128,300 Annually (Commensurate w/exp.) Employee group: Full Time Schedule: M-F 8 am - 4 pm FLSA Status: Exempt Location: Hybrid/Eastern High Campus Department name: VP for Public Safety Office of Personnel area: University Administration

Lead Information Security Analyst - (250002LU) Description We are seeking a Lead Information Security Analyst to serve as our Incident Response/SOC SME, ideally with prior experience as a Security Incident Response Leader (SIRL). This role will lead incident response strategy and execution, with hands-on expertise in operational Splunk Enterprise Security (SIEM), Microsoft Defender security suite (including Endpoint, Identity, and Servers), and SOAR playbook automation. The successful candidate will be responsible for leading complex incident investigations, coordinating responses across IT and clinical teams, and driving ongoing improvements in security operations. You will also mentor SOC analysts, enhance detection capabilities, and ensure that lessons learned are integrated into practices. Incident Response Leadership (SIRL) Act as the Security Incident Response Leader during high-severity events, directing containment, remediation, and recovery efforts. Serve as the escalation point for SOC analysts and ensure timely, coordinated response actions. Develop and maintain incident response frameworks, including runbooks, playbooks, and post-incident reviews. Partner with executive leadership, clinical staff, and external stakeholders (law enforcement, MSSPs) to manage incident communications. Splunk Enterprise Security SMEMaintain and optimize Splunk ES detections, correlation rules, dashboards, and reporting. Guide SOC analysts on triage, alert enrichment, and threat-hunting practices. SOAR & AutomationBuild and manage security orchestration and automated response playbooks. Orchestrate integrations across SIEM, EDR, vulnerability management, and identity systems. . . etc. Documentation & ReportingProduce accurate documentation for incidents, including executive-level summaries and technical after-action reports. Ensure incident response processes and playbooks are continuously updated. Preparedness & TrainingLead tabletop exercises, red/blue team simulations, and cyber range events. Mentor and coach SOC analysts to elevate detection and response maturity. Qualifications Minimum EducationBachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required) Minimum Work Experience10+ years of experience in cybersecurity with a focus on vulnerability management, cybersecurity operations, analysis, forensics and/or investigations (Required) Required Skills/KnowledgeExperience leading in the application of key cybersecurity practices, controls, and frameworks Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences Experience leading cybersecurity auditing, compliance, and policy Experience leading cybersecurity risk assessments, vulnerability management, penetration testing, and threat identification. Experience leading the management of access controls including identity, active directory, privileged account management, and authentication Experience leading cybersecurity incident response, risk remediation, business continuity, disaster recovery, and cyber operations. Functional AccountabilitiesCybersecurity AnalysisOversees the Identification, documentation, and reporting of cybersecurity risks Leads the development of Information Security policies, standards, and procedures. Leads engagement with senior leaders of CNH business units to ensure security of assets, applications, and data Leads the application of procedures and systems associated with managing access to CNH systems, data, and other assets Leads the execution of responses associated with cybersecurity incidents, as required Primary Location: Maryland-Silver SpringWork Locations: Inventa Towers 1 Inventa Place Silver Spring 20910Job: Information TechnologyOrganization: OperationsPosition Status: R (Regular) - FT - Full-TimeShift: DayWork Schedule: 8-5Job Posting: Sep 15, 2025, 6:57:58 PMFull-Time Salary Range: 128452 - 214087

Bookmark this Posting Print Preview | Apply for this Job Details Information About Us Howard Community College (HCC) is an exciting place to work, learn, and grow! We are proud to have received the Great Colleges to Work For honor for 12 consecutive years, 2009-2020. Howard Community College values diversity among its faculty, staff and student population. We are an innovative institution that is committed to responding to the ever-changing needs and interests of a diverse and dynamic community. No matter where you want to go in your career, you can get there from here! Health Insurance * Multiple medical options with no annual deductible and low co‑pays; prescription drugs covered through mail‑order or retail pharmacies. * Vision coverage includes an annual eye exam and a generous frame allowance. * Dental plans offer low deductibles and reasonable annual maximums. Paid Time Off & Leave * 20 days of vacation per year for full‑time staff (capped at 30 days), with additional accrual tiers for other employee groups. * Spring break and winter break each add one extra week of paid vacation. * 4 days of personal leave per year (rolls into sick leave if unused). * 12 days of sick leave per year, unlimited carry‑forward. * Additional leave options include bereavement, organ‑donor, sabbatical (faculty & staff), and an emergency‑leave bank. Tuition Waiver * Full‑time budgeted employees receive a tuition waiver for Howard Community College courses taken during non‑working hours (subject to space availability and prior approval). On‑Site Amenities * Fitness center accessible to all staff. * Library with research resources and bestseller collection. Café offering a variety of food options and a quick‑service kiosk and parking is free for faculty and staff. Position Title Information Security Manager FLSA Exempt FT/PT Full Time Hours Per Week 37.5 Work Schedule Monday-Friday Grade 18 Compensation Range $84,559 Summary We are seeking a highly skilled and experienced Information Security Manager to lead our IT security team. The successful candidate will be responsible for developing and implementing comprehensive security strategies to protect our organization's information assets from cyber threats. Essential Role Responsibilities Security Strategy Development: * Develop and implement a robust information security strategy aligned with organizational goals. * Conduct regular risk assessments and security audits to identify and mitigate potential threats. Policy and Procedure Management: * Establish, enforce, and update security policies, procedures, and guidelines. * Ensure compliance with industry standards, regulations, and best practices. Team Leadership: * Manage and mentor a team of IT security professionals, providing guidance and support in their daily activities. * Foster a culture of security awareness and continuous improvement within the organization. Security Technology Management: * Oversee the implementation and maintenance of security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software. * Stay current with emerging security technologies and trends to ensure the organization remains protected against new threats. Collaboration and Communication: * Collaborate with other departments to ensure security measures are integrated into all aspects of the organization's operations. * Communicate security risks and strategies to senior management and other stakeholders. Minimum Education Required Bachelor's degree Experience Required 5 Preferred Experience Education: * Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. A master's degree is preferred. Certifications: * Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA). Experience: * Minimum of five (5) years of experience in information security, with at least three (3) years in a managerial role. * Proven track record of developing and implementing successful security programs. Technical Skills: * In-depth knowledge of security frameworks (e.g., CIS) and best practices. * Proficiency with security technologies and tools, including firewalls, IDS/IPS, SIEM systems, and encryption methods. * Strong understanding of network protocols, operating systems, and application security. OTHER SKILLS * Excellent leadership and team management abilities. * Strong analytical and problem-solving skills. * Effective communication and interpersonal skills. Physical Demand Summary * This position may require occasional on-call duties and availability for emergency response. * Ability to work in a fast-paced, dynamic environment. Supervisory Position? Yes Division Information Technology Department Information Security Posting Detail Information Posting Number B556P Number of Vacancies 1 Best Consideration Date 11/14/2025 Job Open Date 10/29/2025 Job Close Date Continuous Recruitment? No Job Category Staff Benefits Summary Howard Community College offers competitive salaries, excellent medical and dental selections, tuition reimbursement and paid leave programs. As a participating member of the Maryland Retirement and Pension System, HCC offers two retirement options: The Pension, which requires a 7% employee contribution and The ORP, a 403(b) with a 7.25% employer contribution only. Employees in positions that do not require a bachelor's degree must participate in The Pension. Employees that possess a bachelor's degree and hold professional positions that require a bachelor's degree may choose to participate in either The Pension or The ORP. Applicant Instructions * Pre-employment criminal background investigation is a condition of employment. HCC is interested in all qualified applicants who are eligible to work in the United States. However, HCC will generally not sponsor applicants for work visas. Due to HCC policy, only employees living in states contiguous to Maryland are eligible for work at HCC and include Virginia, West Virginia, Washington DC, Pennsylvania. Candidates must live in the commutable area or willing to relocate at their own expense if offered the position because HCC does not offer relocation benefits. Please complete the entire HCC Employment Application (Candidates will be evaluated on completing the college's application in full). Quick Link for Internal Postings ********************************************** EEO Statement Howard Community College (HCC) is an Equal Employment Opportunity & Affirmative Action employer & values diversity within its faculty, staff & student population. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, gender, sexual orientation, gender identity, genetic information, disability or protected veteran status. HCC understands that persons with specific disabilities may need assistance with the job application process and/or with the interview process. For confidential assistance with the job application process, please contact the Office of Human Resources at ************. Reference Collection References Minimum Requests 3 Maximum Requests 3 Cut-off Date Special Instructions to Reference Provider Supplemental Questions Required fields are indicated with an asterisk (*). * * Do you have a bachelor's degree or higher? * Yes * No * * Do you have at least 5 years of related work experience, as defined in the position posting? * Yes * No Documents Needed to Apply Required Documents * Resume * Cover Letter Optional Documents

Clever is on a mission to connect every student, worldwide, to a world of learning. With our identity platform for education, we serve 77% of U.S. schools and over 1 million K12 students internationally. As a trusted partner for schools and educators, we provide secure, seamless access to digital learning tools that empower students everywhere. Clever, a Kahoot! Company, is headquartered in San Francisco, CA, but our impact extends far beyond. Learn more about us at *************** As a security engineer at Clever, you'll be part of a small highly collaborative team that leads the efforts to secure our service, infrastructure, organization and protect our customers' data. We are looking for someone who understands how to scale application security efforts at a growing organization. A DAY IN THE LIFE: By joining the Security team, you will become part of an integral part of our products by securing customer data and improving security posture by working on projects like: Security reviews, where you provide risk-based security subject matter expertise to our product and engineering teams Vulnerability detection, remediation, and preventing - find and fix vulnerabilities in our application code Collaborate with engineering teams in designing and developing security-sensitive code, including identity and authentication protocol code Review third party tools used by the company to ensure that these tools are compliant with our security practices for the data they will host and process Ensuring that engineering systems are compliant with appropriate privacy laws and collaborating with legal team to establish privacy practice Infrastructure tooling to automate security for Clever services Triage and own remediations to submission to our bug bounty program Representing Clever in the security community to stay updated on vulnerabilities and threats Training engineers about secure coding practices and promote security in the company Responsible for helping stay compliant with all of our relevant compliance regimes like GDPR, CCPA, FERPA, COPPA. Along with support efforts to be SOC2 Type 2 compliant We are focused on making sure we create systems and processes that allow all of Clever to create great products for teachers, students, guardians and district administrators ensuring that the data that we are custodians of are well protected. We use many AWS services (AWS WAF, IAM, Dynamo, Systems Manager Parameter Store, Route53, Cloudfront). We write frontend code in Node.js, TypeScript, and React and use Go for backend. These are some of the tools you will learn working in the security team and not something you need to know to join us. WHAT WE'RE LOOKING FOR: 4+ years of experience as a security engineer or software engineer with demonstrable security experience Solid foundation in software engineering principles and proven experience in building applications In-depth knowledge of common security vulnerabilities, standard security libraries, and security controls for web applications within a public cloud environment Experience collaborating with engineering teams to conduct code reviews, architecture assessments, and design evaluations to identify and mitigate security risks Excellent communication skills and influential leadership skills The desire and ability to mentor and support engineers at all levels of experience Commitment to inclusion and belonging: Clever believes that the classrooms we serve and our company's halls should be spaces that are diverse and inclusive. We seek opportunities and celebrate actions that further allow us to build diverse teams, include every voice, and create a safe space for everyone to bring their authentic selves into the workplace CLEVER BENEFITS AND PERKS: A competitive salary Flexible Paid Time Off Paid Parental Leave Top-notch healthcare, vision, and dental coverage for you and your family Best-in-class mental healthcare service that supports employees' mental and emotional wellness A generous personal development yearly budget which can be used for courses, conferences, trainings, books, and more A comprehensive Learning & Development program that enables employees to enhance their skills, knowledge, and functional expertise Annual company and team events to connect with fun, bright coworkers SALARY TRANSPARENCY: The range of our base salary cash compensation for this role for candidates living in the United States, besides NYC and San Francisco, CA, is between $144,500 - $205,000. For candidates living in NYC and San Francisco, CA is between $159,000 - $225,500. All final offers are determined using multiple factors including experience and level of expertise. Clever does not conduct interviews via text or Telegram. We will never ask for your financial information or reimbursement of equipment of any kind. If you receive any communications regarding employment with Clever that you think might be a scam, please email *************************. If you are a resident of Colorado, please note you have the right to redact your age-related information like age, birth date, or dates of schooling.

**Requisition Number:** 68867 **Employment Type:** University Staff **Schedule:** Full Time The Office of Information Technology encourages applications for a Director of Research IT Security! This role is a collaborative, strategic leader who will engage directly with our research community to reinforce standard practices, bridge organizational silos, and champion a culture of secure, compliant, and risk-aware research innovation. This position reflects CU Boulder's commitment to integrating cybersecurity, research administration, and compliance culture under a unified, researcher-centric vision. CU Boulder's $700M+ research portfolio with global impact spans areas including AI, quantum science, aerospace, energy, and climate research. The Director of Research IT Security will play a pivotal role in positioning CU Boulder as a national leader in trusted research by building unity, clarity, and sustainable processes to manage cybersecurity risks around secure and compliant research practices in sophisticated, challenging environments where standard security practices do not suffice. The successful candidate will bring extensive experience working with sponsored research. Reporting to the Information Security Officer (CISO) within the Office of Information Technology, the Director will serve as a strategic integrator-bridging the Information Security Office, Research Computing, Research & Innovation Office, Export Controls, and Ethics & Compliance around shared priorities for secure research enablement. The role is designed to unify CU Boulder's approach to research security and compliance, fostering a culture of collaboration and clarity across research, security, and compliance domains. The Director will engage directly with researchers to understand their goals and challenges, ensuring the university provides secure, compliant, and enabling solutions that advance discovery and innovation. By aligning campus expertise and facilitating consensus on which secure research opportunities CU Boulder is best positioned to pursue, the Director will help ensure that the technical, policy, procedural, and cultural foundations are in place for the university to make coordinated, risk-informed decisions that empower world-class, responsible research. CU is an Equal Opportunity Employer and complies with all applicable federal, state, and local laws governing nondiscrimination in employment. We are committed to creating a workplace where all individuals are treated with respect and dignity, and we encourage individuals from all backgrounds to apply, including protected veterans and individuals with disabilities. **Who We Are** **Vision:** + OIT will be valued by campus as a strategic, inclusive and innovative partner in advancing learning and discovery in order to enable CU Boulder to be an outstanding public university. **Mission:** + OIT enables campus priorities by providing high-value IT services and solutions. **Values:** + Trust, as a foundation for how we engage with one another and with campus partners, along with + Curiosity in how to better support the campus and our partner's while + Encouraging empowerment and authentic engagement among ourselves and + Celebrating a culture that promotes a sense of belonging while acknowledging that each person is unique and valued. **Strategy:** + OIT will advance learning and discovery by delivering high-value reliable IT services and solutions that: + Provide a fluid and adaptable academic and student experience + Enable research competitiveness and + Deliver core infrastructure and enterprise IT services for business efficiency. **What Your Key Responsibilities Will Be** **Strategic Research Enablement & Integration:** + Serve as a strategic integrator between researchers, compliance offices, and technical implementers, ensuring mutual understanding and alignment, effectuating cross-unit decision making and to help educate on the current infrastructure to guide future grant and research opportunities. + Lead efforts to adopt and extend the Trusted CI Framework, grounding CU Boulder's practices in evidence-based, researcher-driven cybersecurity solutions. + Provide information security subject matter expertise informing planning efforts around classified environments. + Through an IT Security lens, serve as a trusted partner, problem-solver, and proactive strategic advisor to faculty and research teams, championing adoption and communication, ensuring researchers, faculty and staff understand the tools, frameworks, and expectations for secure research. + Promote a culture of compliance that values clarity, accountability, and thoughtful, leadership-supported risk management. + Provide information security guidance for CU Boulder's grant and contract review process to guide and facilitate alignment of supporting systems and platforms with business needs and security requirements. **Coordinate Systems and Service Evolution:** + Work in partnership with OIT and Research Computing service owners (e.g., CMMC compliant enclave, supercomputer, peta-scale storage, and secure computing environments) to identify gaps, prioritize enhancements, and promote adoption. + Bring a technical understanding of system architecture and ITIL principles to translate compliance needs into actionable service roadmaps, without direct operational ownership. **Advance Research Cybersecurity and Risk Mitigation:** + Work proactively and collaboratively with Export Control, Ethics & Compliance, Contracts & Grants, and peers within the Office of Information Technology Security to sustain and enhance compliance with NIST 800-171, CMMC, DFARS, and other federal mandates impacting university researchers. **What You Should Know** + Visa sponsorship is not available for this position. + This position is in a hybrid work situation. This role will work on-campus to meet with researchers, provide consultation in labs, and assist with business needs, and will have the opportunity for some remote work as well. + Due to the requirement to access export-controlled data and information, only U.S. citizens, lawful permanent residents (green cards), or other protected individuals (i.e., persons designated as an asylee, refugee, or a temporary resident under amnesty provisions) may apply. **What We Can Offer** The annual salary for this full-time position is $110,000 - $130,000. **Benefits** At the University of Colorado Boulder (************************** , we are committed to supporting the holistic health and well-being of our employees. Our comprehensive benefits package (*************************************** includes medical, dental, and retirement plans; generous paid time off; tuition assistance for you and your dependents; and an ECO Pass for local transit. As one of Boulder County's largest employers, CU Boulder offers an inspiring academic community and access to world-class outdoor recreation. Explore additional perks and programs through the CU Advantage (******************************************* program. **Be Statements** Be ambitious. Be inspired. Be Boulder. **What We Require** + Bachelor's degree (or equivalent experience) from an accredited institution in information technology, computer science, law or related field. A combination of education and/or experience as described below can be substituted for the degree on a year for year basis. + 5+ years of experience in cybersecurity, research compliance, or risk management within higher education, government, or research settings. + Demonstrated ability to collaborate across technical, administrative, and academic communities. + Deep understanding of research data lifecycles, cybersecurity frameworks, and compliance standards. **What You Will Need** + Ability to be a visibly involved leader with strong relationship skills, a reputation for visibility, integrity, and high ethical standards, who will rigorously uphold quality standards earning the trust of individuals within and outside the university. + An open-minded and multi-dimensional approach to problem-solving. + Ability to comprehend complex technical information in research proposals and agreements. + Ability to organize work effectively, conceptualize and prioritize objectives, and exercise independent judgment based on an understanding of university policies and activities. + Proficient interpersonal and communication skills demonstrated by effective interactions and clear articulation of organizational goals. + Track record of establishing relationships quickly and effectively across a broad constituency; a high degree of ease, sensitivity, and flexibility in working with partners across organizational lines. + Ability to bring parties with disparate views toward mutually beneficial outcomes. + Demonstrated proficiency in communicating complex regulations and policies. + Experience analyzing dynamic contracts, legal documents, and policies, including intellectual property. + Ability to evaluate internal controls and understand organizational risk, implementing appropriate policies or procedures to ensure compliance. + Passion for service excellence, including research and operational integrity. + Ability to collect and analyze data, develop performance indicators and benchmarks, identify trends, and implement changes to achieve operational effectiveness. + Solid understanding of higher education or research organization policies, practices and procedures, including reporting standard methodologies. **Special Instructions** To apply, please submit the following materials: 1. A current resume. 2. A cover letter that specifically tells us how your background and experience align with the requirements, qualifications, and responsibilities of the position. We may request references at a later time. Please apply by **December 14, 2025** for consideration. Note: Application materials will not be accepted via email. For consideration, please apply through CU Boulder Jobs. (************************** In compliance with the Colorado Job Application Fairness Act, in any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. **To apply, visit ******************************************************************************* (****************************** Copyright 2025 Jobelephant.com Inc. All rights reserved. Posted by the FREE value-added recruitment advertising agency (***************************** jeid-59de415ca7c8d1479825f924a85a5331 The University of Colorado does not discriminate on the basis of race, color, national origin, sex, age, pregnancy, disability, creed, religion, sexual orientation, gender identity, gender expression, veteran status, political affiliation, or political philosophy. All qualified individuals are encouraged to apply.

Posting Details Information Position Number 012583 Functional Title Information Security Professional Position Type Staff Position Eclass EP - EHRA 12 mo leave earning University Information Located in North Carolina's third largest city, UNC Greensboro is among the most diverse, learner-centered public research universities in the state, with 18,000 students in eight colleges and schools pursuing more than 150 areas of undergraduate and over 200 areas of graduate study. UNCG continues to be recognized nationally for academic excellence, access, and affordability. UNCG is ranked No. 1 most affordable institution in North Carolina for net cost by the N.Y. Times and No. 1 in North Carolina for social mobility by The Wall Street Journal - helping first-generation and lower-income students find paths to prosperity. Designated an Innovation and Economic Prosperity University by the Association of Public and Land-grant Universities, UNCG is a community-engaged research institution with a portfolio of more than $67M in research and creative activity. The University's 2,600 staff help create an annual economic impact for the Piedmont Triad region in excess of $1B. Primary Purpose of the Organizational Unit The Information Security Office is a subset within the Division of Information Technology Services (ITS). The Information Security Office is charged with providing active information security & risk management services, incident management, information security controls, education, and guidance for the protection of UNCG's information assets and information technology environment. The overall objective is to provide confidentiality, integrity and availability services for teaching and learning, research, service, and the conduct of university business and also supporting university's compliance with regulatory requirements. Position Summary We are seeking a highly skilled Security Architect with 5 to 7+ years of experience and expertise in cloud security, vulnerability management, BC/DR and AI governance. The ideal candidate will drive innovation while ensuring operational resilience, compliance, and effective risk mitigation across on-prem and hybrid cloud environments. This Information Security Professional position contributes to the division's role of ensuring university compliance with federal and state laws and regulation, serving as the advisory and support resource for HIPAA Security Rule, FERPA and DMCA compliance, records management, and compliance with restricted data laws and policies - such as PII, ePHI, and educational information. Minimum Qualifications * A Bachelor's or Master's degree in a technical field with at least 5 to 7 years of relevant experience, or equivalent combination of education/experience * Certifications such as CISSP, CRISC, CCSP, Microsoft Certified: Security, Compliance, and Identity Fundamentals, or equivalent. * Azure/AWS/AI Certifications * Proven experience in security architecture and AI governance. * Expertise in Microsoft security tools (Azure Security, Defender Suite, Purview, Sentinel). * Proficient in scripting languages for automation (PowerShell, Python, Bash). * Familiarity with compliance frameworks like NIST, ISO 27001/2, HIPAA, and AI governance standards. * Strong analytical, communication, and collaboration skills. Additional Required Certifications, Licensures, and Certificates Preferred Qualifications Special Instructions to Applicants Recruitment Range Salary commensurate with experience Org #-Department Info Technology Services - 23101 Job Open Date 08/26/2025 For Best Consideration Date Job Close Date Open Until Filled Yes FTE 1.000 Type of Appointment Permanent If time-limited, please specify end date for appointment. Number of Months per Year 12 FLSA Exempt Key Responsibilities ________________________________________________________________________________________________________________________ Percentage Of Time 30% Key Responsibility Security Architect Essential Tasks * Conduct security architecture reviews, risk assessments, threat modeling, and cloud configuration audits (Azure & AWS). * Collaborate with AI/ML teams to identify and mitigate risks related to AI, including data privacy, model security, and adversarial threats. * Develop and implement robust security frameworks, focusing on IAM & Data Security, Cloud & Network Security. Percentage Of Time 20% Key Responsibility Cloud and AI Security Essential Tasks * Monitor and optimize security posture using Microsoft Azure tools (Defender for Cloud, Sentinel, Azure AD) and the Microsoft Defender Suite (Endpoint, Identity, Office 365, Cloud Apps). * Secure AI/ML models and data pipelines while addressing governance risks. Percentage Of Time 20% Key Responsibility Data Protection and Governance Essential Tasks * Design and implement advanced DLP policies via Microsoft Purview. * Ensure compliance with NIST and ISO frameworks, CIS controls, HIPAA, AI governance standards (ISO 42001/23894) and data protection regulations. Percentage Of Time 10% Key Responsibility Incident Response & Threat Detection Essential Tasks * Experienced in incident response using SIEM/SOAR platforms with automation where applicable. * Perform vulnerability assessments across hybrid environments and ensure timely remediation and patch management coordination. Percentage Of Time 10% Key Responsibility Operational Resilience Essential Tasks * Develop and maintain comprehensive BC/DR plans, conducting annual exercises for continuous process improvement. * Conduct business impact analyses to prioritize remediation strategies. Percentage Of Time 5% Key Responsibility Automation & Reporting Essential Tasks * Build dashboards and custom security reports using Splunk, Power BI, Microsoft Sentinel, or equivalent. * Automate repetitive security tasks using scripting languages (PowerShell, Python, Bash). Percentage Of Time 5% Key Responsibility Training & Awareness Essential Tasks * Conduct DLP policy enforcement, AI security education, and annual security awareness training. * Stay ahead of emerging threats and regulatory developments in cloud, data, and AI security domains. ADA Checklist ADA Checklist R for Rare (0-30%), O for Occasional (30-60%), F for Frequent (60-90%), C for Constant (90-100%). Physical Effort Hand Movement-Repetitive Motions - F, Finger Dexterity - f, Reading - f, Writing - F, Hearing - f, Talking - f, Sitting - f Work Environment Inside - c Applicant Documents Required Documents * Resume/CV * Cover Letter * List of References Optional Documents * Reference Letter 1 * Reference Letter 2 * Reference Letter 3 Supplemental Questions Required fields are indicated with an asterisk (*). * * Please indicate how you learned of the vacant position for which you are applying: * SpartanTalent Website * Piedmont Triad Area Newspaper * The Chronicle of Higher Education * Inside Higher Ed * Other professional journal / website * NCWorks.gov * UNC School System Job Board * Personal Networking * Facebook * Twitter * Indeed.com * NorthCarolinaDiversity.com * Other * * If you selected "Other", please provide the name of the resource here. (Open Ended Question) * * Are you eligible to work in the United States without sponsorship? * Yes * No

The Lockwood Group The Lockwood Group is a Global Professional Services Provider established with a purpose to deliver Mission Readiness service and solution to the Department of Defense and Federal Government. Our culture is built upon a Mission Readiness vision and our six core values. We believe in customer centric service delivery with intent to uncover, understand, and solve the underlying problems of the true end customers for our services - the military (the soldier, airman, seaman and Marine) and federal service professionals. Take the first step to "Mission Readiness" by viewing our Mission Readiness Capability video which articulates our Core Purpose: The Lockwood Group Launches Mission-Ready Capabilities Video Overview: The Lockwood Group is currently pending award on a contract providing tactical network support to the Project Manager Network Modernization program (PdM NetMod). We are seeking a Cyber Analyst to support the PdM NetMod program by assessing and enhancing the security posture of network and IT systems, identifying vulnerabilities, and ensuring compliance with DoD cybersecurity regulations. Responsibilities: Conduct security assessments, penetration testing, and vulnerability analysis. Monitor, detect, and respond to cyber threats and incidents. Implement security controls and policies in line with DoD cybersecurity frameworks. Perform risk assessments and ensure compliance with RMF and NIST standards. Develop security reports and recommendations for leadership. Qualifications: Bachelor's degree in Cybersecurity, Information Security, or related field. Experience in security operations, threat intelligence, and incident response. Proficiency in security tools such as SIEMs, IDS/IPS, and vulnerability scanners. Security+ or CISSP certification required. Active DoD Secret or higher clearance required. Salary: 90k to 120k The Lockwood Group offers a competitive benefits package, including Paid Time Off, medical, dental, and vision insurance, health and wellness, various optional add-on benefits, and a retirement 401(k) plan with Company match. Lockwood Credo, Core Values and Culture The Lockwood mission is to create an organization focused on service. We serve - each other, the soldier, our customers, our employees, our partners, our vendors, and our community. Service is at the center of our Core Values and Culture. Our customers come first. Being responsive, professional and reliable is why we are hired. We aim to deliver on all promises, exceeding customer expectations and making certain all business decisions are made with the customer in mind. Our employees are the face of our service. They are at the front lines working with our customers daily, and it is Lockwood's duty to serve our employees. This means designing a culture centered around core values that inspire, retain and grow the best talent. Our partners are fuel for our engine. Our great vendors, consultants and teaming partners combine to fuel Lockwood, ensuring we successfully deliver always. We work alongside our partners as one cohesive team. Service to the community is important to us. We seek to volunteer, engage and support our communities through investment of time and resources. This service mindset is what inspired company founders to embark on the journey to deliver on the promise to Lead the Way to Mission Readiness for all people we serve. The following 6 Core Values are the foundation by which we serve: •Ethics and Integrity •Customer Commitment •Team and Family Environment •Service •Leadership •Positivity If these Core Values resonate with you, we would love to have you join our team! The Lockwood Group is an Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. The Lockwood Group will consider qualified applicants with criminal histories for employment in accordance with relevant laws.

Loyola Marymount University (LMU) is seeking an experienced leader to serve as Director of Information Security & Compliance within our Information Technology Services (ITS) team. This role offers a strategic opportunity to shape and safeguard the university's digital environment, drive proactive risk management, and embed a culture of security across the organization. Reporting directly to the CIO/VP of IT, the Director will architect and manage a best-in-class information security and compliance program that supports LMU's mission of learning, holistic education, service, and justice. Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will serve as the University's Cybersecurity leader. The Director will create a modern and effective Information Security and Compliance Program that will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals. The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university's compliance with applicable laws, regulations, and policies related to information security and privacy. Position Specific Responsibilities/Accountabilities * Enhance Security Posture: Develop and implement a comprehensive cybersecurity program that significantly reduces risks and vulnerabilities across the university's digital landscape. * Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations and standards, ensuring that LMU meets all legal and regulatory requirements. * Collaborative Protection: Work closely with various campus partners, external stakeholders, and community partners to ensure that information assets and associated technologies are protected, resulting in a cohesive, unified, and well understood approach to information security and compliance. * Risk Management: Conduct thorough risk assessments and implement effective mitigation strategies, leading to a demonstrable reduction in potential threats. * Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift and effective investigation and resolution of security incidents. * Policy Development: Create and enforce robust policies and procedures that safeguard information assets, leading to a well-documented and easily accessible framework for cybersecurity. * Training and Awareness: Provide comprehensive training and guidance to staff on cybersecurity best practices, resulting in a well-informed and vigilant workforce. * Monitoring and Reporting: Continuously monitor and report on the effectiveness of the cybersecurity program, providing clear metrics and insights that demonstrate progress and areas for improvement. * Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services, and resources necessary to effectively support the program and meet strategic goals. * Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable approach to providing ITS services, during and after a disaster or disruption, to minimize negative impacts to business operations and maintain essential services. * Data Governance: Oversee the university's data governance efforts, ensuring that data is managed securely and in compliance with university policies and legal requirements. * Perform other related duties. Loyola Marymount University Expectations Exhibit behavior that supports the mission, vision, and values of the university. Communicate and employ interpersonal actions that model high standards of professional, responsible, accountable, and ethical conduct. Demonstrate a commitment to outstanding customer service. Requisite Qualifications * Typically a Bachelor's Degree from an accredited four-year institution in Computer Science, Information Technology, or Cybersecurity. * Seven years of experience in information security, with at least three years in a management role. * Experience in developing and implementing technology policy, especially in a University environment is desirable. * Professional certifications such as CISSP, CISM, or CISA are highly desirable. * Experience in developing and implementing technology policy, preferably in a University environment.\ * Strong knowledge of frameworks, standards, and best practices relating to Information Security, Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS). * Demonstrated excellent verbal and written communication skills, as well as presentation skills. Writing samples may be required. * Excellent analytical, problem-solving, and decision-making skills. * Strong communication and interpersonal skills, with the ability to effectively collaborate with diverse stakeholders. * Demonstrated ability to lead and manage a team of security professionals. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of this position. #HERC# #HEJ# Staff Regular Salary range $146,800.00 - $205,500.00 Salary commensurate with education and experience. Please note that this position is not eligible for visa sponsorship now or in the future. Loyola Marymount University, a Carnegie classified R2 institution in the mainstream of American Catholic higher education, seeks outstanding applicants who value its mission and share its commitment to inclusive excellence, the education of the whole person, and the building of a just society. LMU is an equal opportunity employer committed to providing an environment free from discrimination and harassment as defined by federal, state and local law. We invite all persons in the full diversity of their being, life experience, and beliefs to apply. (Visit *********** for more information.)

Do you love solving problems while enabling impactful research to operate securely? Are you passionate about making meaningful contributions to national security cyber missions? Do you like collaborating with a team with varied strengths to tackle complex problems which enable research across space exploration, cybersecurity, national defense, and cutting edge technologies? If so, we're looking for someone like you to join our team at APL. We are ranked as one of Computerworld 's Top Places to Work in IT for 6 years running and seeking motivated cybersecurity professionals to help us develop system security plans, handle cyber risk decisions, and enable our mission partners to innovate in a secure environment. As a member of our team, you'll contribute to the security and oversight of our classified information systems in support of real world, mission focused tasks. Our team of hardworking technical specialists are motivated by one common goal - securing our systems to enable national security missions. We strive to foster an environment of collaboration where the best idea prevails. As an Information System Security Manager... * Your primary responsibility will be to ensure classified systems follow government and APL regulations while still meeting program demands and operating in an accredited state. * You will lead all aspects of SSP development, maintenance, accreditation/re-accreditation, and oversight, including conducting periodic reviews to ensure compliance. * You will function as lead contact for IS security inspections, tests, and reviews by oversight authorities. * You will support the Chief Information Security Officer (CISO) and the Chief of Classified IT Compliance in carrying out the Laboratory's Classified Information Security Program. Qualifications You meet our minimum qualifications for the job if you... * Have acquired a BS in Computer Science, Cyber Security, or a related field, 8+years of relevant cybersecurity experience, and a current DoD 8140 Level III certification. * Have 5+ years working with the RMF, DAAPM, NISPOM, JSIG or other equivalent security frameworks. * Are an outstanding communicator in both written and verbal forms. * Hold an active Top Secret security clearance with a current SSBI. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. You'll go above and beyond our minimum requirements if you... * Have worked as an Auditor, ISSO, ISSM, ISSE, Security Architect or Cyber Risk Manager for 5+ years. * Held cybersecurity positions in classified DoD or IC environment for 8+ years. * Currently have active TS/SCI, or TS/SCI+poly security clearance #LI-AG1 About Us Why Work at APL? The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates. At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at ****************************** All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu. The referenced pay range is based on JHU APL's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis. Minimum Rate $102,500 Annually Maximum Rate $290,000 Annually

Unigen, headquartered in Newark, California, is a trusted partner for businesses seeking to power their next generation of products. Founded in 1991, we've grown into a leading provider of electronics manufacturing services (EMS), offering a comprehensive suite of solutions from design and manufacturing to supply chain management. From advanced memory modules to high-density storage devices, our solutions are engineered to meet the demanding needs of today's technology landscape. Our commitment to quality and innovation ensures that our partners have the tools they need to succeed. At Unigen, you'll have the opportunity to work on cutting-edge projects and make a real difference. Working at Unigen means you'll be surrounded by other innovative companies, have access to top talent, and be close to world-class resources. We offer competitive compensation and a comprehensive benefits package, including 401(k) matching. This location, combined with our benefits, provides a unique advantage for those looking to thrive in the semiconductor industry. Job Title: Security Engineer Department: IT Reports to: IT Manager Job Overview: The Security Engineer is responsible for designing, implementing, and managing the security infrastructure that protects our applications, data, and networks. This role plays a critical part in threat detection, risk mitigation, and the development of secure architectures while ensuring compliance with industry standards and regulatory requirements. Primary Responsibilities: Design, deploy, and manage security tools and technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection). Monitor systems and networks for security events, investigate incidents, and lead remediation efforts. Perform threat modeling, risk assessments, and application security reviews. Conduct vulnerability assessments and penetration tests to identify and address security gaps. Develop, implement, and maintain security policies, standards, and procedures aligned with frameworks such as NIST, ISO 27001, SOC 2, and GDPR. Build and maintain secure cloud and infrastructure configurations (e.g., GCP, Oracle Cloud). Conduct code and architecture reviews with a focus on security best practices. Partner with DevOps, IT, and engineering teams to integrate security across the software development lifecycle (DevSecOps). Stay informed about emerging threats, vulnerabilities, and regulatory updates (e.g., ISO 27001, ITAR, CMMC 2.0). Deliver security awareness training to internal teams. Collaborate with compliance, legal, and business stakeholders to support audits and regulatory obligations. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field. 5+ years of hands-on cybersecurity experience. Strong knowledge of security frameworks and protocols (e.g., NIST, ISO 27001, SOC 2, CIS). Expertise in network security, system hardening, and secure coding practices. Practical experience with SIEM, IDS/IPS, EDR, firewalls, and vulnerability management tools. Preferred: Industry certifications such as CISSP, OSCP, or GIAC. Experience with security audits, penetration testing, or participation in red/blue team exercises. Strong communication skills with the ability to articulate complex security concepts to both technical and non-technical audiences. Experience in an Electronics Manufacturing environment is a plus.

Johns Hopkins Public Safety is seeking an IT Security Engineer who will be responsible for log management, host security, cloud security, asset discovery, vulnerability management, incident response, threat intelligence, Security Orchestration and Automated Response (SOAR), Network Access Control, network security and oversight of either a Managed Security Service Provider (MSSP) or Security Incident and Event Management (SIEM) tool. Candidates must have a good understanding of firewall technologies, including next-generation firewall capabilities and be able to implement in an evolving network. Experience with multiple Firewall vendors is helpful. This position will work with the network team to assist managing firewall security and implementation. The Engineer will be responsible for running penetration and vulnerability scans externally, internally, and producing reports and providing support in resolving those issues to the technical team responsible for the health of those systems. Experience with SaaS based SIEM technologies and the ability to coordinate with the enterprise IT team on security concerns leading and resolve any issue is required. Position will also write and deliver department security documentation and processes, review with peers, and be responsible for coordinating internal reviews, reviews with enterprise security team and participate in audits. Job Scope/Complexity Security efforts at Johns Hopkins Public Safety are complex due to our Academic and Healthcare missions and the complexity of supporting security projects. Incidents and projects are complex and varied in nature and also require the ability to balance the demands of multiple projects. Specific Duties & Responsibilities * The responsibilities below illustrate work performed by this position * . Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility. Security Monitoring * Respond to all user, system, and network security incidents. * Troubleshoot problems associated with security tools. * Stay abreast of emerging security threats, vulnerabilities, and controls. * Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls. * Automate security controls, data, and processes to provide improved metrics and operational support. * Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls - SIEM, Log Aggregation Tools. * Apply adept understanding and experience with systems automation platforms and technologies. * Knowledge of the latest trends and awareness of current hacking techniques and cybercrime. * Working knowledge of either Cisco or Palo Alto firewall technologies. Familiarity with firewall rules and advanced threat protection capabilities in next-generation firewall technologies is a plus. Host and Cloud Security * Design, implement and administer automated security update technologies for client and server systems. * Design, implement and administer advanced endpoint protection technologies. * Test and identify network and system vulnerabilities and work to address them with the appropriate owners. * Help shape the organization's security policies and standards for use in on-premises and cloud environments. * Create technical documents on the use of security technologies. * Apply system security engineering principles to deliver real world solutions to enhance our organization security posture. * Familiarity with network scanners such as Nessus, Tenable or Qualys and ability to interpret reporting and communicate remediation steps to others in the department. Data Security and Compliance * Direct and influence multi-disciplinary teams in implementing and operating information security controls. * Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams. * Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders. * Familiarity with NIST, CJIS or CIS frameworks and understanding of how to implement one or more of these standards in a working environment. * Perform other related duties as requested. Minimum Qualifications * Bachelor's Degree. * Six years of related work experience with computer systems, applications and cybersecurity technologies. * Additional education may substitute for required experience and additional related experience may substitute for required education beyond a high school diploma/graduation equivalent, to the extent permitted by the JHU equivalency formula. Preferred Qualifications * Knowledge in the assigned technical areas this position is responsible for. * A CISSP certification is desirable. Classified Title: IT Security Engineer Role/Level/Range: ATP/04/PF Starting Salary Range: $85,500 - $149,800 Annually (Commensurate w/exp.) Employee group: Full Time Schedule: M-F 8 am - 4 pm FLSA Status: Exempt Location: Hybrid/Eastern High Campus Department name: VP for Public Safety Office of Personnel area: University Administration

Johns Hopkins Public Safety is seeking an **_IT Security Engineer_** who will be responsible for log management, host security, cloud security, asset discovery, vulnerability management, incident response, threat intelligence, Security Orchestration and Automated Response (SOAR), Network Access Control, network security and oversight of either a Managed Security Service Provider (MSSP) or Security Incident and Event Management (SIEM) tool. Candidates must have a good understanding of firewall technologies, including next-generation firewall capabilities and be able to implement in an evolving network. Experience with multiple Firewall vendors is helpful. This position will work with the network team to assist managing firewall security and implementation. The Engineer will be responsible for running penetration and vulnerability scans externally, internally, and producing reports and providing support in resolving those issues to the technical team responsible for the health of those systems. Experience with SaaS based SIEM technologies and the ability to coordinate with the enterprise IT team on security concerns leading and resolve any issue is required. Position will also write and deliver department security documentation and processes, review with peers, and be responsible for coordinating internal reviews, reviews with enterprise security team and participate in audits. **Job Scope/Complexity** Security efforts at Johns Hopkins Public Safety are complex due to our Academic and Healthcare missions and the complexity of supporting security projects. Incidents and projects are complex and varied in nature and also require the ability to balance the demands of multiple projects. **Specific Duties & Responsibilities** + The responsibilities below illustrate work performed by this position + . Not all duties assigned to this position are included, nor is it expected that everyone in this position will be assigned every job responsibility. _Security Monitoring_ + Respond to all user, system, and network security incidents. + Troubleshoot problems associated with security tools. + Stay abreast of emerging security threats, vulnerabilities, and controls. + Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls. + Automate security controls, data, and processes to provide improved metrics and operational support. + Filter and analyze large datasets from security logging and telemetry sources and build tools to integrate data into operational controls - SIEM, Log Aggregation Tools. + Apply adept understanding and experience with systems automation platforms and technologies. + Knowledge of the latest trends and awareness of current hacking techniques and cybercrime. + Working knowledge of either Cisco or Palo Alto firewall technologies. Familiarity with firewall rules and advanced threat protection capabilities in next-generation firewall technologies is a plus. _Host and Cloud Security_ + Design, implement and administer automated security update technologies for client and server systems. + Design, implement and administer advanced endpoint protection technologies. + Test and identify network and system vulnerabilities and work to address them with the appropriate owners. + Help shape the organization's security policies and standards for use in on-premises and cloud environments. + Create technical documents on the use of security technologies. + Apply system security engineering principles to deliver real world solutions to enhance our organization security posture. + Familiarity with network scanners such as Nessus, Tenable or Qualys and ability to interpret reporting and communicate remediation steps to others in the department. _Data Security and Compliance_ + Direct and influence multi-disciplinary teams in implementing and operating information security controls. + Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams. + Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders. + Familiarity with NIST, CJIS or CIS frameworks and understanding of how to implement one or more of these standards in a working environment. + Perform other related duties as requested. **Minimum Qualifications** + Bachelor's Degree. + Six years of related work experience with computer systems, applications and cybersecurity technologies. + Additional education may substitute for required experience and additional related experience may substitute for required education beyond a high school diploma/graduation equivalent, to the extent permitted by the JHU equivalency formula. **Preferred Qualifications** + Knowledge in the assigned technical areas this position is responsible for. + A CISSP certification is desirable. Classified Title: IT Security Engineer Role/Level/Range: ATP/04/PF Starting Salary Range: $85,500 - $149,800 Annually (Commensurate w/exp.) Employee group: Full Time Schedule: M-F 8 am - 4 pm FLSA Status: Exempt Location: Hybrid/Eastern High Campus Department name: VP for Public Safety Office of Personnel area: University Administration Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.