Information Security Engineer jobs at Zyston - 174 jobs

A well-respected law firm in Washington, DC is seeking an experienced Information Security Engineer to enhance its security operations. This role offers the flexibility to work entirely remote or on-site. The ideal candidate will have a strong background in information security, excellent communication skills, and the ability to collaborate remotely. Competitive salary range is $122,000 to $160,000 annually, with additional benefits available. #J-18808-Ljbffr

Senior Security Engineer (Must have 3-5 years exp, Google SecOps & Security Command Center Enterprise) About Ladder We saw a problem within the life insurance industry: getting covered took too long, involved too much paperwork, and required too many in-person meetings with sales agents. Having lost his father at a young age, our CEO, Jamie, was determined to make it easier for people to get the coverage they needed to provide for their families. So, we got to work. We developed a method of real-time underwriting leveraging AI and, in doing so, reduced the months-long process of applying for life insurance to minutes. Our digital experience is quick (instant decisions!), loved by users (check out our Trustpilot or Google reviews) and prolific ($74 billion+ in coverage provided). About the role We're looking for a Senior Security Engineer to help us build out our monitoring and detection capabilities. Please note, this can be a hybrid role based in our Palo Alto headquarters or a remote role based role in one of the 23 States Ladder is currently hiring in - AZ, CA, CO, CT, FL, GA, IA, KS, MA, MD, MN, NC, NH, NJ, NV, NY, OH, OR, PA, TX, VA, WA, WI. Please note, Ladder is not currently sponsoring or transferring OPT or H1-B visa's. What You'll Do Improve ongoing monitoring and detection capabilities by adding data sources, creating detections, and building workflows in Google SecOps and Security Command Center Enterprise Ensure we are protected against the latest threat by staying current on emerging security threats and actively monitoring various threat intelligence sources for latest trends, campaigns, and adversary TTPs Collaborate with our Engineering and Product teams via threat modeling and design reviews Help secure our Googlebased corporate and production environments Assist IT in manage our SaaS applications and make sure people have access to what they should and not more Iterate on cloud, network, application, personnel, and device security Assess and secure internal and external applications, APIs, and CI/CD processes Assist with SOC2 and compliance program control implementation Triage alerts and respond to security incidents Collaborate with peers and stakeholders across the company to ensure our customers are protected as best as possible at all times Who You Are 3-5 years of experience in information security, with a strong focus on application security and/or detection engineering 1-2 years of experience in information technology Working knowledge of secure coding practices, application security frameworks, and common vulnerabilities OSCP, HTB-CPTS, PNPT, eCPPTv2, or equivalent training/certs Apple workstation security experience Familiarity with Google Cloud Platform, Datadog, Google SecOps (Chronicle), JAMF Protect, etc Passion for building security tooling to enhance and automate security processes Contributions to open-source projects or communities Experience in securing AI/ML models and pipelines What We Offer Whether you work in our beautiful office in Palo Alto or remotely, Ladder is highly collaborative and fun. To support you in your role, we offer fantastic perks and benefits that reflect our mission of care and support, including: Excellent medical, dental, and vision coverage | We offer competitive healthcare and dental plans for you and your family. Flexible paid time off | Take the time that you need to rest and recharge, including our week-long winter holiday closure. Stock options | We offer competitive stock option packages to participate in the success of building Ladder. A rewarding 401k match program | We'll match up to 4% of your contributions as you save for your retirement goals. Commuter benefits | When you work from the office, you will receive pre-tax benefits for your commute and free parking. A stocked, beautiful new office | Located in downtown Palo Alto, our office was specifically designed to accommodate all working styles. We've invested in technology to support our hybrid team, plus we provide office snacks and catered lunches so that team members can work well and have fun together. Paid parental leave | We think it's crucial that new parents have time to adjust to their new lives without worrying about work, so we provide all parents inclusive of birthing, adoption, or fostering ten weeks of paid baby bonding. Work-from-home flexibility and support | We recognize that everyone's homelife is different and support remote and hybrid work. Upon joining, we provide a one‑time $500 remote office stipend for all team members and then a monthly $150 stipend to cover WFH costs such as the internet. Fun company-wide events | Whether we work locally or remotely, we genuinely enjoy spending time together. That's why we plan fun virtual and in‑person events to let loose and laugh. The base pay range targeted for this position is $140,000.00 - $184,000.00 per year. Base pay is determined by market location and may vary depending on job‑related knowledge, skills, and experience. This role is eligible for equity and benefits as shared above. Voluntary Self-Identification For government reporting purposes, we ask candidates to respond to the below self‑identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form? We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at ****************** How do you know if you have a disability? A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: Alcohol or other substance use disorder (not currently using drugs illegally) Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS Blind or low vision Cancer (past or present) Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or serious difficulty hearing Diabetes Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders Epilepsy or other seizure disorder Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome Intellectual or developmental disability Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD Missing limbs or partially missing limbs Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports Nervous system condition, for example, migraine headaches, Parkinson's disease, multiple sclerosis (MS) Neurodivergence, for example, attention‑deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities Partial or complete paralysis (any cause) Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema Short stature (dwarfism) Traumatic brain injury Public burden statement: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete. EEO Statement Ladder is building a diverse team of talented and enthusiastic people. We are an equal opportunity workplace. At Ladder, differences are celebrated and supported to benefit our people, products, and community. Let us know why you're interested in this position and what unique contributions you can make to the Ladder team. We look forward to hearing from you. Interested in building your career at Ladder? Get future opportunities sent straight to your email. #J-18808-Ljbffr

Government IT Division REMOTE MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer‑centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well‑being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran‑owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2. Senior Information System Security Engineer / Solutions Architect Location: Remote - must be within US and able to obtain Public Trust Clearance - US Citizen Pay: $100,000 - $120,000 annually (based on qualifications). Full Government benefits (W‑2) Job type: Contract We are seeking a hands‑on Senior Information System Security Engineer / Solutions Architect who will also serve as the Information System Security Engineer (ISSE) for key cybersecurity systems supporting the Department of Veterans Affairs (VA). This role is ideal for someone with deep technical engineering skills, cloud and DevSecOps experience. This individual will also lead teams to develop and implement technical solutions to remediate vulnerabilities and other complex cybersecurity challenges. Candidates will have a solutions‑oriented mindset to help the VA problem‑solve complex cybersecurity and IT challenges. The candidates should also be well‑versed with facilitating working sessions and have the ability to distill complex concepts into non‑technical/common language. The role will focus on analyzing and recommending system security architectures, vulnerability mitigation, policy‑driven compliance implementation, and full‑lifecycle support for the Department of Veteran's Affairs systems. Key Responsibilities Cybersecurity Engineering & Architecture (Primary) Analyze complex technical findings and determine necessary resources needed to solve problem‑sets across multiple cybersecurity and technical domains Partner with technical teams to develop and implement technical solutions Design, build, and deploy secure cloud‑native architectures and infrastructure components for VA information systems Develop and maintain CI/CD pipelines with integrated security scanning, policy enforcement, and remediation tools Implement secure infrastructure as code/policy as code using tools such as Terraform/CloudFormation, including writing and implementing PaC scripts Align security architectures with Federal Zero Trust strategy, VA directives, and OMB policies Enable automation of system telemetry and analytics pipelines for cyber situational awareness ISSEResponsibilities Provide engineering and technical analysis on behalf of Agency Authorizing Officials (AOs) for System Security Plans (SSPs), Risk Assessments, Security Controls Traceability Matrices (SCTMs), and POA&Ms Support system authorization and compliance activities including continuous monitoring and system audits Conduct regular and ad‑hoc analysis of security control findings and develop and implement remediation strategies Minimum Qualifications Bachelor's degree in computer science, engineering, or technical equivalent with 10 years of technical experience or a total of 18 years in lieu of education 8+ years of security engineering, DevSecOps, or cloud architecture experience Expertise in securing platforms hosted in AWS GovCloud and Azure Government Strong experience with NIST RMF, FISMA, FedRAMP, and Zero Trust architecture implementation Hands‑on skills in IaC tools like Terraform and CI/CD tools such as GitLab/Jenkins, with ability to adopt new technologies if procured by the agency Experience with network isolation tools such as Palo Alto Next Generation Firewalls (NGFW) and Juniper Mist Network Access Control (NAC) solutions or comparable Demonstrated experience securing modern applications, APIs, and automated infrastructure Excellent written and oral communication skills; ability to explain complex, technical information in easily understood terms; ability to brief Senior VA leadership regularly U.S. Citizenship and ability to obtain Public Trust clearance Preferred Qualifications Prior VA experience supporting VA OIS or major cybersecurity initiatives Experience authoring and maintaining ATO documentation in VA or HHS environments Experience with IoT/IoMT security solutions is a plus Knowledge of federal cybersecurity standards Equal Employment Opportunity Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affinitive Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. As set forth in MKS2 Technologies's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law. Voluntary Self‑Identification For government reporting purposes, we ask candidates to respond to the below self‑identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. #J-18808-Ljbffr

A technology solutions provider seeks a Senior Backend/Middleware Engineer to develop secure, high-performance API and middleware solutions. This remote role requires expertise in Java and Spring Boot, with responsibilities including designing RESTful APIs and implementing security protocols. Ideal candidates will have experience with OAuth 2.0, OpenID Connect, and authorization principles. Benefits include health insurance, 401(k), and paid time off. #J-18808-Ljbffr

Why you should join our At-Bay Security team: At-Bay is a fast-growth InsurSec company (Insurance x Cybersecurity) on a mission to bring innovative products to the market that help protect small businesses from digital risks. As an InsurSec provider, we uniquely combine insurance with mission-critical security technologies, threat intelligence, and human expertise, to bridge the critical security capability gap that exists among SMBs in the community. We believe InsurSec is an $80B market opportunity and we are excited to expand our DFIR team in order to help expand our reach and influence in the business and security community, of which we serve 35,000 customers. The Role: Cybersecurity Analysts focused on Digital Forensics and Incident Response (DFIR) deliver incident investigation and response services to At-Bay insureds via: Forensically sound collection, transmission, and storage of digital evidence Analysis of digital evidence to identify indicators of compromise and adversary activity Development of incident timelines and theories of compromise Identification of incident root causes Participation in threat actor negotiations as necessary (e.g., ransom negotiations, etc.) Participation in incident recovery (e.g., restoration of data from backups, reimaging workstations and servers, rebuilding network infrastructure, etc.) activities as necessary Development and delivery of incident reports to document key incident details for engagement stakeholders including executive leaders for insureds, breach coach attorneys, and At-Bay claims management staff as necessary Development and delivery of recommendations to mitigate the risk of future incidents for impacted insureds Development and delivery of incident response training and simulations for targeted insureds Key skills: Previous digital forensics and incident response experience Strong oral and written communication skills Previous hands-on experience performing digital forensics and incident response, including several of the following: Business Email Compromise Ransomware Digital evidence collection and analysis Development and analysis of cyber threat intelligence Leadership of or participation in investigations involving digital evidence Intrusion detection / cyber threat hunting Malware analysis Incident recovery activities such as restoration of data from backups, operation of decryptor tools, etc. Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.) Minimum requirements: Bachelor's degree or equivalent Minimum of 2 years of experience in cybersecurity operations, incident response, incident recovery, or another security discipline Willingness to travel as needed to perform job functions Preferred requirements: Significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity Previous background in law enforcement or government/military with experience leading complex technical investigations Knowledge of cloud environments, including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google) Experience in a top-10 cyber consulting firm or leading DFIR provider preferred One or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.) Work location: USA, Nationwide Fully Remote Our estimated base pay range for this role is $80,000-$115,000 per year. Base salary is determined by a variety of factors including but not limited to market data, location, internal equitability, domain knowledge, experiences and skills. In general, if the position sparks your interest we encourage you to apply - our team prioritizes talent. #LI-CK1

Job Description CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add a Cyber Security Analyst to our Security Operations team! CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don't improve and, in fact, may weaken an organization's security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security. Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. Job Overview The Cyber Security Analyst II is responsible for advanced security incident triage, investigation, and response across Microsoft 365, Azure, and on-premises infrastructure. Serves as the escalation point for complex security incidents while implementing containment and remediation procedures in hybrid environments. Key Responsibilities Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel Conduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendations Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket) Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns Analyze federation security including ADFS token-based attacks and SAML token manipulation Configure and tune WAF/firewall rule sets and investigate related security incidents Develop network segmentation strategies and identify lateral movement attempts Develop and maintain incident response playbooks for various attack scenarios Coordinate incident response activities with cross-functional teams Required Qualifications 3-5 years in cybersecurity with 2+ years SOC experience Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD) Experience with SIEM platforms and security monitoring tools Scripting proficiency (PowerShell, Python) Strong analytical and communication skills Microsoft Certified: Security Operations Analyst (SC-200) One additional security certification: EC-Council CSA, CompTIA Security+, or similar Preferred Qualifications Microsoft Certified: Azure Security Engineer (AZ-500) Microsoft Certified: Identity and Access Administrator (SC-300) CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certification CISSP, SSCP, CCSP Skills & Expertise Strong Proficiency with Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps) Azure Sentinel KQL query development and alert configuration Azure AD/Entra ID security configuration and attack path analysis Active Directory security assessment including GPOs, trust relationships, and delegation Email security and phishing detection/response Cloud security posture management Incident handling and digital forensics Threat intelligence analysis and implementation Work Environment CyberSheath is a fully remote organization, and this will be a work-from-home position The schedule for this role is: Week One: Friday - Sunday 8:00 AM - 8:00 PM Week Two: Friday - Monday 8:00 AM - 8:00 PM Travel requirements: 0-5% yearly. Please note that this role will be part of our SOC on-call rotation CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. Budgeted Pay Range$70,000-$100,000 USD

Junior Cybersecurity Analyst (Remote) About the Role Our client is seeking a motivated Junior Cybersecurity Analyst to join our Information Security team. This is a remote opportunity for an early-career cybersecurity professional who wants hands-on experience protecting sensitive financial systems and member data in a highly regulated environment. This role is ideal for someone who is curious, highly trainable, and eager to grow within cybersecurity while working alongside experienced security professionals. Key Responsibilities Monitor and analyze security alerts through SIEM, EDR, and endpoint protection tools Investigate and escalate potential security incidents Assist with vulnerability scanning and remediation tracking Support phishing detection and security awareness initiatives Help maintain and update security policies, procedures, and documentation Assist with access reviews and identity management processes Support audits and compliance efforts for regulatory frameworks (NCUA, FFIEC, SOC, etc.) Required Qualifications Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) 1-2 years of experience in cybersecurity, IT security, or related technical roles Understanding of: Network security fundamentals Malware, ransomware, and phishing threats Windows and Linux operating systems Strong analytical, problem-solving, and communication skills Willingness to learn, be trained, and grow within a structured security environment Preferred Qualifications Experience in banking, credit unions, healthcare, or other highly regulated industries strongly preferred Industry certifications highly preferred: CompTIA Security+ CISSP (or in progress) Other relevant cybersecurity certifications Familiarity with: GRC (Governance, Risk, and Compliance) platforms Rapid7 vulnerability management tools Qualys (assumed “Quantitate”) or similar platforms Microsoft Defender security tools Experience working with SIEM, EDR, or vulnerability scanning tools Kavaliro provides Equal Employment Opportunities to all employees and applicants. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Kavaliro is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Kavaliro will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please respond to this posting to connect with a company representative.

Our healthcare system is the leading cause of personal bankruptcy in the U.S. Every year, over 50 million Americans suffer adverse financial consequences as a result of seeking care, from lower credit scores to garnished wages. The challenge is only getting worse, as high deductible health plans are the fastest growing plan design in the U.S. Cedar's mission is to leverage data science, smart product design and personalization to make healthcare more affordable and accessible. Today, healthcare providers still engage with its consumers in a “one-size-fits-all” approach; and Cedar is excited to leverage consumer best practices to deliver a superior experience. The Role: Security at Cedar isn't about saying "no"-it's about building the "yes." We are looking for a Product Security Engineer who is a developer at heart. You won't run scans and file tickets; you will write code, build infrastructure, and ship internal products that make the secure path the easiest path for our developers. You will act as a pragmatic partner to our Maker teams, helping them ship high-value features safely without sacrificing velocity. You will solve for high-risk, high-value workflows across product, infrastructure, and integrations. What You'll Solve: here is an example of a project that a current Product Security Engineer in this role recently shipped: Problem: Developers needed to troubleshoot a workflow and could only reproduce the problem if the logs were updated to include otherwise access-restricted, sensitive data. Putting sensitive data into logs is risky, and the status quo involved tracing identifiers through multiple systems until the sensitive data could be safely retrieved. This was labor intensive and slow, while patients felt the pain of our delays. Solution: Instead of saying 'no', we built a reusable, custom logger that could safely accommodate sensitive data. It can be temporarily enabled and stored and analyzed safely. Impact: They partnered with a product team as an early beta tester to solve a concrete friction point. The system increased developer velocity and improved our security posture by removing the temptation for developers to log sensitive information. What You'll Do Build Security Tooling: Shift into a development role to architect robust tools in Terraform, Bash, Go, or Python. You'll use gRPC, GraphQL, and HTTP to build automation that eliminates manual security toil and developer pain. Architect for Scale: Grab pairing time with product engineers to co-design features across Cedar. You will help bake security in at the design phase, not bolt it on at the end. Pave the Road: Review Infrastructure-as-Code (Terraform) and IAM roles, not just to find flaws, but to offer code-ready improvements that educate developers and streamline future deployments. Advise, Don't Block: Serve as a trusted advisor. When you find a vulnerability, you don't just report it-you help scope the fix based on a pragmatic understanding of the risk and the business context. About You You are a developer first: You have substantial experience in software development and are comfortable writing production-ready code (we use Python and Go, but we welcome all backgrounds). You are pragmatic: You understand that "perfect" security doesn't exist. You can weigh security risks against business goals and communicate trade-offs effectively to non-security stakeholders. You are proactive: You don't wait for a ticket. You look for patterns in vulnerabilities and build systemic fixes or libraries to prevent entire classes of bugs. You know the cloud: You have deep familiarity with AWS infrastructure best practices, IAM, and containerization. You are a teacher: Your default setting is collaborative, not combative: You're excited about enabling software developers. Bonus Points Experience creating developer-focused security libraries or CLI tools. Familiarity with HIPAA, PCI, or securing fintech/payment data. Participation in CTFs, bug bounties, or open-source security contributions. Applicants must be currently authorized to work in the United States on a full-time basis. Compensation Range and Benefits Salary/Hourly Rate Range*: $157,250 - $185,000 This role is equity eligible This role offers a competitive benefits and wellness package *Subject to location, experience, and education #LI-CR1 What do we offer to the ideal candidate? A chance to improve the U.S. healthcare system at a high-growth company! Our leading healthcare financial platform is scaling rapidly, helping millions of patients per year Unless stated otherwise, most roles have flexibility to work from home or in the office, depending on what works best for you For exempt employees: Unlimited PTO for vacation, sick and mental health days-we encourage everyone to take at least 20 days of vacation per year to ensure dedicated time to spend with loved ones, explore, rest and recharge 16 weeks paid parental leave with health benefits for all parents, plus flexible re-entry schedules for returning to work Diversity initiatives that encourage Cedarians to bring their whole selves to work, including three employee resource groups: be@cedar (for BIPOC-identifying Cedarians and their allies), Pridecones (for LGBTQIA+ Cedarians and their allies) and Cedar Women+ (for female-identifying Cedarians) Competitive pay, equity (for qualifying roles), and health benefits, including fertility & adoption assistance, that start on the first of the month following your start date (or on your start date if your start date coincides with the first of the month) Cedar matches 100% of your 401(k) contributions, up to 3% of your annual compensation Access to hands-on mentorship, employee and management coaching, and a team discretionary budget for learning and development resources to help you grow both professionally and personally About us Cedar was co-founded by Florian Otto and Arel Lidow in 2016 after a negative medical billing experience inspired them to help improve our healthcare system. With a commitment to solving billing and patient experience issues, Cedar has become a leading healthcare technology company fueled by remarkable growth. "Over the past several years, we've raised more than $350 million in funding & have the active support of Thrive and Andreessen Horowitz (a16z). As of November 2024, Cedar is engaging with 26 million patients annually and is on target to process $3.5 billion in patient payments annually. Cedar partners with more than 55 leading healthcare providers and payers including Highmark Inc., Allegheny Health Network, Novant Health, Allina Health and Providence.

Phoenix, Arizona **100% Remote** Contract $50/hr - $55/hr **Security Systems Implementation Analyst** **Duration:** 12 Months + (Contract to Hire) We are looking for Physical Security Systems Implementation and Configuration Analyst with commercial security (Access Control & IP Video) design, installation, and programming experience. The right resource will have extensive Physical Controls and Security experience in large enterprise corporate, facility, campus, environments. Lenel Certification or one or more of the following Access Control Manufacturers: SW House, Genetec, S2, AMAG, or Prowatch. **Primary Responsibilities:** + Assist in the implementation of Lenel and Milestone Physical Security solutions within construction projects at different facilities across the United States. + Responsible for infield device configuration to enable connectivity of cameras, access control, controller boards, etc. + Will perform a combination of startup/commissioning and programming at small and large healthcare facilities nationally. + Responsible for integrations, conversions, and upgrades to new systems. **Required Experience:** + Previous experience working for a security integrator (Convergint, Siemens, Johnson Controls, etc.). + Proficiency in understanding Lenel, Milestone, or similar security applications. + Previous experience with software package deployments. + Previous experience and/or understanding of low voltage requirements. + Previous experience and/or understanding of Network configuration needs. + Familiar with ISO Model Standards Related to Networking. + Previous experience working as an onsite security system technician (preferred). + Lenel Certification (Preferred) or one or more of the following Access Control Manufacturers: SW House, Genetec, S2, AMAG, or Prowatch. + Strong communication and customer service focus. **Additional Role Details:** + Virtual Panel interview with behavioral and technical driven questions. + 100% Remote Role (No Travel Required). + Contract to Hire potential. **You will receive the following benefits:** + Medical Insurance - Four medical plans to choose from for you and your family + Dental & Orthodontia Benefits + Vision Benefits + Health Savings Account (HSA) + Health and Dependent Care Flexible Spending Accounts + Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance + Hospital Indemnity Insurance + 401(k) including match with pre and post-tax options + Paid Sick Time Leave + Legal and Identity Protection Plans + Pre-tax Commuter Benefit + 529 College Saver Plan Motion Recruitment Partners (MRP) is an Equal Opportunity Employer. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under MRP's Employment Accommodation policy. Applicants need to make their needs known in advance. **Posted by:** Justin Harless **Specialization:** + Security Operations

At Anexinet you will be part of a team who from strategy through execution, delivers award-winning digital applications and the infrastructure to run them on, engaging front-end design, rapid development and a rock-solid back-end, all informed by data-driven insights and powered by partnerships with top tech vendors. Plus, we keep it all running with our managed services and DevOps teams. Recognized for 10 consecutive years with a Best Place to Work award from the Philadelphia Business Journal, our people come and stay at Blue Bell, PA based Anexinet because we are a technology focused, team oriented with a culture that is second to none. Job Description For twenty years Anexinet, based in Blue Bell, PA has specialized in helping businesses transform in the digital world. We empower our clients to grow their customer base and improve workforce efficiency by envisioning, developing, delivering and operating next generation technology solutions. Our core expertise is in digital applications, analytics, managed operations and hybrid IT, enabling businesses to rapidly transform. Clients partner with Anexinet to support the full lifecycle of their next generation digital business. We are looking to add several Security Operations Center (SOC) Analysts to our Managed Operations team. Initially work can be performed remotely however, qualified candidates should be able to work out of our SOC in Blue Bell, PA eventually and from time to time. Job Qualifications: · This position requires 1-3 years of Security Operations Center (SOC) experience or equivalent schooling with a focus in Cybersecurity/Information Assurance. · The following certifications are strongly desired: · GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA) · or GIAC Security Certifications including GSEC, GPPA, CMON, GCED. · Cisco CCNA Cyber Ops, CompTIA Network+, Security+, and/or Linux+ · Fundamental understanding of TCP/IP component layers to identify normal and abnormal traffic · Basic working knowledge of Wireshark, tshark, tcpdump or other information security tools · Some on-call and afterhours work may be required · Must be US Citizen · Position Responsibilities: · Provide first and second level technical resolution for security alerts and SOC service requests. · Use open-source traffic analysis tools to identify signs of an intrusion. · Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies. · Monitors and analyzes Security Information and Event Management (SIEM) to identify security issues for remediation. · Knowledge of creating Security Information Event Management (SIEM) tool rules. · Analyze network traffic, log analysis, prioritize and differentiate between potential intrusion attempts and false alarms. · Keep current with the threat landscape, identify vulnerabilities, and risk while supporting real-time security monitoring operations. · Proactively monitor and look for potential flaws in client infrastructure pertaining to the services provided and make recommendations to reduce the risk/impact of similar future problems. · Manage, escalate and drive satisfactory resolution of customer's technical support, service and infrastructure teams to address issues. · Demonstrate problem solving skills that contribute towards the resolution of any issues that arise. · Document solutions, process, or procedures and present in written document, verbally on the phone, or in person. · Ideal Candidates will have: · Associate's degree or Certification in Computer Science, Cybersecurity, Communications, Psychology, or other tech-related discipline. · 24x7 SOC experience and/or experience working with or for a MSSP. · Programming/shell scripting experience highly desirable (PERL, Python, Java, shell scripts, PowerShell, etc.) · Deep packet and log analysis, cyber threat, intelligence gathering and analysis · Prior computer forensics experience strongly and Malware Analysis strongly desired · Prior experience in either system or network administrator role · Knowledge of Windows, Linux and Cisco operating systems and information security · Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; SumoLogic, Snort, McAfee ePO, Carbon Black, Splunk, Endpoint AntiVirus (Symantec, McAfee, SentinelOne, AMP), Firewalls, open source security tools preferred · Strong analytical, problem solving skills, good organization, decision making, verbal and written communication skills · Ability to work with little direct supervision and think outside of the box when the need arises · Industry-adopted security certifications such as, but not limited to: Offensive Security Certified Professional (OSCP), EC-ECIH, EC-CEH, Cisco CCNA/CCNP Security or any of the GIAC Security Certifications including GSEC, GCIH, GCIA, GPPA, CMON, GCED, Microsoft MCSE Additional Information All your information will be kept confidential according to EEO guidelines.

At Anexinet you will be part of a team who from strategy through execution, delivers award-winning digital applications and the infrastructure to run them on, engaging front-end design, rapid development and a rock-solid back-end, all informed by data-driven insights and powered by partnerships with top tech vendors. Plus, we keep it all running with our managed services and DevOps teams. Recognized for 10 consecutive years with a Best Place to Work award from the Philadelphia Business Journal, our people come and stay at Blue Bell, PA based Anexinet because we are a technology focused, team oriented with a culture that is second to none. Job Description For twenty years Anexinet, based in Blue Bell, PA has specialized in helping businesses transform in the digital world. We empower our clients to grow their customer base and improve workforce efficiency by envisioning, developing, delivering and operating next generation technology solutions. Our core expertise is in digital applications, analytics, managed operations and hybrid IT, enabling businesses to rapidly transform. Clients partner with Anexinet to support the full lifecycle of their next generation digital business. We are looking to add several Security Operations Center (SOC) Analysts to our Managed Operations team. Initially work can be performed remotely however, qualified candidates should be able to work out of our SOC in Blue Bell, PA eventually and from time to time. Job Qualifications: · This position requires 1-3 years of Security Operations Center (SOC) experience or equivalent schooling with a focus in Cybersecurity/Information Assurance. · The following certifications are strongly desired: · GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA) · or GIAC Security Certifications including GSEC, GPPA, CMON, GCED. · Cisco CCNA Cyber Ops, CompTIA Network+, Security+, and/or Linux+ · Fundamental understanding of TCP/IP component layers to identify normal and abnormal traffic · Basic working knowledge of Wireshark, tshark, tcpdump or other information security tools · Some on-call and afterhours work may be required · Must be US Citizen · Position Responsibilities: · Provide first and second level technical resolution for security alerts and SOC service requests. · Use open-source traffic analysis tools to identify signs of an intrusion. · Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies. · Monitors and analyzes Security Information and Event Management (SIEM) to identify security issues for remediation. · Knowledge of creating Security Information Event Management (SIEM) tool rules. · Analyze network traffic, log analysis, prioritize and differentiate between potential intrusion attempts and false alarms. · Keep current with the threat landscape, identify vulnerabilities, and risk while supporting real-time security monitoring operations. · Proactively monitor and look for potential flaws in client infrastructure pertaining to the services provided and make recommendations to reduce the risk/impact of similar future problems. · Manage, escalate and drive satisfactory resolution of customer's technical support, service and infrastructure teams to address issues. · Demonstrate problem solving skills that contribute towards the resolution of any issues that arise. · Document solutions, process, or procedures and present in written document, verbally on the phone, or in person. · Ideal Candidates will have: · Associate's degree or Certification in Computer Science, Cybersecurity, Communications, Psychology, or other tech-related discipline. · 24x7 SOC experience and/or experience working with or for a MSSP. · Programming/shell scripting experience highly desirable (PERL, Python, Java, shell scripts, PowerShell, etc.) · Deep packet and log analysis, cyber threat, intelligence gathering and analysis · Prior computer forensics experience strongly and Malware Analysis strongly desired · Prior experience in either system or network administrator role · Knowledge of Windows, Linux and Cisco operating systems and information security · Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; SumoLogic, Snort, McAfee ePO, Carbon Black, Splunk, Endpoint AntiVirus (Symantec, McAfee, SentinelOne, AMP), Firewalls, open source security tools preferred · Strong analytical, problem solving skills, good organization, decision making, verbal and written communication skills · Ability to work with little direct supervision and think outside of the box when the need arises · Industry-adopted security certifications such as, but not limited to: Offensive Security Certified Professional (OSCP), EC-ECIH, EC-CEH, Cisco CCNA/CCNP Security or any of the GIAC Security Certifications including GSEC, GCIH, GCIA, GPPA, CMON, GCED, Microsoft MCSE Additional Information All your information will be kept confidential according to EEO guidelines.

Seeking a Cyber Security Engineering contractor for: -Planning, implementing, managing, monitoring & upgrading security measures for the protection of client data, systems & networks. -Responding to all system &/or network security breaches. -Testing & identifying network & system vulnerabilities. -Evaluating the organization's security needs & establishing best practices & standards accordingly. -Taking appropriate security measures to ensure that the client's infrastructure & existing data are kept safe. -Perform scheduled & ad-hoc vulnerability scan across networks, servers & endpoints. -Analyze scan results, validate findings & prioritize remediation based on risk & exploitability. -Partner with IT team & application teams to coordinate remediation & verify fixes. -Tune scans and reduce false positives to improve data accuracy. -Develop vulnerability metrics, dashboards, and executive-level reports. -Conducting testing and scans to identify any vulnerabilities in the network and system. Skill required/desired/amount of experience -Network Security and threat detection-Required-10yrs -Incident response and vulnerability management-Required-10yrs -Administering Qualys-Required-10yrs -Remediation documentation & patch management processes-Required-10yrs -4yr. college degree-Highly desired -CISP Certification-Highly desired

CentralReach is a leading provider of autism and IDD care software for Applied Behavior Analysis (ABA), multidisciplinary therapy, and special education. Trusted by more than 200,000 users, we enable therapy providers, educators, and employers to scale the way they deliver ABA and related therapies with innovative technology, market-leading industry expertise, and world-class customer satisfaction. We're seeking a Senior Corporate Security Engineer to strengthen the security posture of our internal IT environment and ensure our vendors meet the same high standards. This role focuses on hardening corporate Information Technology (IT) systems, managing third-party risk, and driving security improvements across the enterprise. This role will report to the Chief Information Security Officer and work closely with the broader Information Security team, as well as Legal/Compliance, Business Operations (BizOps), and IT teams. Key Accountabilities: · Lead the hardening and continuous improvement of corporate IT systems, endpoints, and third-party SaaS applications. · Implement and maintain security controls for identity, endpoint, and network protection within corporate environments (e.g., SSO, MDM, email security, DLP). · Conduct in-depth vendor security assessments, including technical and process evaluations of third-party products and services. · In partnership with the compliance, BizOps, and IT teams, manage and mature the third-party risk management (TPRM) program - from onboarding assessments to continuous monitoring and remediation tracking. · Collaborate with IT, procurement, legal, and compliance teams to ensure consistent enforcement of vendor security requirements. · Develop and maintain security baselines, configurations, and policies for corporate technologies. · Support internal audits, compliance reviews, and security awareness initiatives. Desired Skills and Experience: · Strong understanding of endpoint, identity, and SaaS security best practices. · Experience with third-party risk management processes and conducting in-depth vendor security reviews. · Familiarity with corporate IT platforms (e.g., M365, Intune, Kandji, CrowdStrike, ZScaler, Proofpoint, etc.). · Ability to assess cloud/SaaS vendors against frameworks such as SOC 2, HIPAA, ISO 27001, and CIS. · Excellent communication and collaboration skills - comfortable working across technical and business teams. #LI-Remote Base Salary Range$145,000-$165,000 USD Backed by Roper Technologies, Inc. (Nasdaq: ROP), and led by award-winning CEO Chris Sullens, CentralReach is entering an exciting phase of growth, innovation, and scale. Recognized as one of the best places to work over 10 times by organizations such as Inc, Built In, and NJBIZ, our culture is centered around impact, inclusion, and flexibility. As a hybrid company with collaborative offices in Ft. Lauderdale, FL; Holmdel, NJ; and Verona, Italy, we foster a workplace where top talent can thrive and make a real difference in the lives of those we serve. We offer competitive compensation, comprehensive health benefits, generous PTO, 401(k) matching, and paid parental leave. Our team members also enjoy hybrid work schedules, career development support, wellness programs, and opportunities to give back through CR Cares™, our community engagement initiative. Be part of a market leader driving the future of care. Explore opportunities at centralreach.com/careers.

Job Description Peerless is searching for candidates that perform Information Systems Security Manager/Information Systems Security Officer (ISSM/ISSO) functions necessary to maintain mission effectiveness within the Systems Technology Office (STO), located at Wright-Patterson AFB, OH. The work includes developing and maintain security and accreditation packages for standalone systems, classified networks; implementing information system security requirements, system security plans, and ensure all auditing requirements are completed; ensuring all system security procedures are followed including updates to system security software (patches), using tools like SPLUNK and ACAS, updates to antivirus definition files, and ensuring audit files are maintained and reviewed; researching, advising on, and generating documentation as required for requesting permission to waive any cybersecurity requirements that are determined by the government customer to inhibit the foreign materiel exploitation mission to an unacceptable level. Key Responsibilities: Must be able to maintain accredited ATO/ATC packages for various networks/standalone systems Monitor and report auditing of computers/networks using tools such as SPLUNK, Windows Security Logs Complete and maintain required user documentation for various computer accounts, and roles Maintain and enforce policy such as controls, standards, and directives for assets Skills: Positive customer service and communication skills Excel at Microsoft applications (excel, word, etc) Attention to detail Experience with SAP environments Understanding with various tools such as SPLUNK, ACAS Qualifications: DoD 8140 Qualification (Security + or higher IAM/IAT level) 5+ years of Cyber security experience

At Centrus Energy, we take security seriously - and we need an engineer who can do the same while still having a little fun doing it. As a Security Systems Engineer, you'll be the technical mastermind behind the complex network of systems that safeguard one of America's most advanced energy facilities. You'll blend your expertise in access control, intrusion detection, and surveillance systems with creative problem-solving to keep our operations running securely and smoothly. Think of it as protecting the future of clean energy - one firewall, camera feed, and encrypted gate at a time. What You Will Do: You'll design, maintain, and troubleshoot our access control, intrusion detection, and video surveillance systems while keeping them aligned with NRC compliance and site security plans. You'll serve as a technical bridge between engineering, IT, and security - ensuring our systems are reliable, efficient, and ahead of potential vulnerabilities. Whether you're guiding maintenance crews, reviewing plant modifications, or helping Security Management make data-driven improvements, your work ensures that our defenses stay sharp and our systems stay operational. We'd Love to Hear from People With: * A Bachelor's degree in Engineering from an ABET-accredited institution or an equivalent combination of education and experience. * 3-5 years of relevant engineering experience, ideally in physical or security systems. * Strong communication skills and the ability to work effectively with cross-functional teams. * Experience with access control, video surveillance, intrusion detection, and related plant security systems. * Knowledge of operating systems, databases, and application software commonly used in security or control environments. * Eligibility to obtain and maintain a "Q" level security clearance. A Successful Candidate Brings: * An active "Q" level security clearance. * Experience supporting or leading Design Team Approval Matrix (DTAM) activities for physical security systems. * Familiarity with NRC regulatory requirements and compliance processes. * A passion for using technology to strengthen national security and protect high-value infrastructure. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. This position will require a pre-employment background check and a pre-employment drug test. Centrus Energy and all subsidiaries shall abide by the applicable legal requirements. We prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. This position requires the successful candidate to obtain and maintain a Q security clearance. Candidates for positions requiring a security clearance are required to be tested for the absence of any illegal drug as defined in 10 CFR 707.4 prior to an offer of employment being made. In addition, once employe, employees will become part of a random drug testing program and may also be tested in the event of any incident causing injury or causing damage to property, or if it is determined that there is a reasonable suspicion the employee is under the influence of drugs or alcohol. This position will require preemployment background check on the part of the Company and in order to receive a Q security clearance, a background investigation by the Federal government. Subsequent Federal government reinvestigations may be required. Centrus Energy Corp. is an Equal Opportunity Employer.

At Centrus Energy, we take security seriously - and we need an engineer who can do the same while still having a little fun doing it. As a Security Systems Engineer, you'll be the technical mastermind behind the complex network of systems that safeguard one of America's most advanced energy facilities. You'll blend your expertise in access control, intrusion detection, and surveillance systems with creative problem-solving to keep our operations running securely and smoothly. Think of it as protecting the future of clean energy - one firewall, camera feed, and encrypted gate at a time. What You Will Do: You'll design, maintain, and troubleshoot our access control, intrusion detection, and video surveillance systems while keeping them aligned with NRC compliance and site security plans. You'll serve as a technical bridge between engineering, IT, and security - ensuring our systems are reliable, efficient, and ahead of potential vulnerabilities. Whether you're guiding maintenance crews, reviewing plant modifications, or helping Security Management make data-driven improvements, your work ensures that our defenses stay sharp and our systems stay operational. We'd Love to Hear from People With: A Bachelor's degree in Engineering from an ABET-accredited institution or an equivalent combination of education and experience. 3-5 years of relevant engineering experience, ideally in physical or security systems. Strong communication skills and the ability to work effectively with cross-functional teams. Experience with access control, video surveillance, intrusion detection, and related plant security systems. Knowledge of operating systems, databases, and application software commonly used in security or control environments. Eligibility to obtain and maintain a “Q” level security clearance. A Successful Candidate Brings: An active “Q” level security clearance. Experience supporting or leading Design Team Approval Matrix (DTAM) activities for physical security systems. Familiarity with NRC regulatory requirements and compliance processes. A passion for using technology to strengthen national security and protect high-value infrastructure. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. This position will require a pre -employment background check and a pre-employment drug test. Centrus Energy and all subsidiaries shall abide by the applicable legal requirements. We prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. This position requires the successful candidate to obtain and maintain a Q security clearance. Candidates for positions requiring a security clearance are required to be tested for the absence of any illegal drug as defined in 10 CFR 707.4 prior to an offer of employment being made. In addition, once employe, employees will become part of a random drug testing program and may also be tested in the event of any incident causing injury or causing damage to property, or if it is determined that there is a reasonable suspicion the employee is under the influence of drugs or alcohol. This position will require preemployment background check on the part of the Company and in order to receive a Q security clearance, a background investigation by the Federal government. Subsequent Federal government reinvestigations may be required. Centrus Energy Corp. is an Equal Opportunity Employer.

Job Description ComResource is looking for an Information Security Analyst. We need someone to assist in safeguarding sensitive data, neutralizing threats, and ensuring a strong cybersecurity posture through proactive monitoring, investigation, and governance. Responsibilities: Develop, implement, and enforce cybersecurity policies and procedures. Conduct risk assessments, internal audits, and ensure compliance with frameworks like NIST and ISO 27001. Lead threat detection, incident response, and vulnerability management initiatives. Oversee security architecture, tools, and endpoint protection solutions. Drive cybersecurity awareness and training across the organization. Collaborate with IT, leadership, and cross-functional teams to improve the company's security posture. Manage vendor and third-party security compliance. Essentials: Bachelor's degree in Cybersecurity, IT, or related field. 3+ years of hands-on experience in cybersecurity or a related discipline. Working knowledge of security frameworks (NIST, ISO 27001). Experience with SIEM, EDR, and vulnerability management tools. Strong analytical, communication, and collaboration skills. Experience supporting governance, risk, and compliance (GRC) functions. Desired: Experience with Artic Wolf, CMMC, and NIST compliance. Familiarity with enterprise platforms such as ERP or CRM systems. Calm, strategic approach to incident response and crisis management. Req ID: RB8910701020

This role is primarily responsible for executing the tactical and strategic initiatives of the Information Security team to include programs such as risk and vulnerability management, incident response, security architecture, cloud security and third-party vendor management. Work is typically assigned by the Information Security Manager, although the Information Security Analyst is expected to operate with minimal oversight and be able to identify areas of opportunity to get involved with information security tasks and initiatives. The ideal candidate is comfortable working in a fast-paced environment, communicating to technical and non-technical staff, and capable of switching between tasks as situations and criticality arise and be passionate about learning and continuous education. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned. Execute on security strategy as defined by the Information Security Manager. Participation in the Firm's Vulnerability Management Program, working with cross-functional teams to identify, manage and mitigate security vulnerabilities across the Firm. Assist with the administration of the Firm's Vendor Risk Management process, including analyzing and responding to third-party risk assessments. Monitor and respond to information security alerts and notifications (IDS/IPS, SIEM, AV/EDR, etc.). Design, review and administer Azure cloud security controls and architecture, including auditing Azure cloud environments. Utilize scripting languages such as PowerShell and Python to automate tasks and improve security operations. Collaborate and advise on IT projects to ensure security issues are addressed throughout the project life cycle. Assist other IT teams in developing and employing security solutions across various applications and product platforms. Administer and utilize various endpoint and network security tools, such as CrowdStrike, SIEM tools, Fortinet or other comparable advanced detection and response tools. Administer and utilize vulnerability scanning, packet analysis and exploitation tools such as Nessus, nmap, Wireshark, tcpdump, Metasploit or similar technologies. Design, review and aid with implementation of secure networks and system architecture (ex. network topology reviews, firewall ruleset reviews, minimum security baselines, etc.). Apply appropriate controls referenced in various security frameworks and standards, such as the NIST CSF 2.0 Framework, NIST 800-53, CIS Controls, etc. Monitor and secure Microsoft client and server systems, along with Fortinet and Cisco (or comparable) network devices. Assist with the management and maintenance of user security policy education, training and awareness programs. Conduct security research to stay abreast of latest security issues, including laws and regulations which may affect the Firm. Other duties as requested and assigned. QUALIFICATION REQUIREMENTS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. EDUCATION/EXPERIENCE: Bachelor's Degree in Computer Science, Management Information Systems or related field with a minimum of 5-7 years of experience in Information Technology, or equivalent combination of education and experience. This must include 3-5 years of experience in Information Security with two or more of the following domains: Windows Systems Administration, UNIX/Linux Systems Administration, Networking, Access Control, Incident Response, and Information & Data Security. Preferred Certifications: Certified Information Systems Security Professional (CISSP) GIAC GSEC, GCIH, GCIA, GCWN, or equivalent certification CompTIA Security+, CySA+, Network+, CASP or equivalent certification Microsoft Azure Security Certifications (i.e. AZ-500, SC-100 to SC-400) TECHNICAL SKILLS: Demonstrated proficiency in Microsoft Office Suite including Word, Outlook, Excel, and PowerPoint. Proven aptitude to learn new software applications. LANGUAGE SKILLS: Very strong communication skills, both written and oral. Excellent interpersonal communication skills necessary to maintain effective relationships with staff, trusted third-party partners, attorneys and clients. Establish credibility with staff and attorney base through quality work and communications that bring to bear the right mix of confidence, tact, persistence and reliability. Written communications must be concise, professional and accurate. MATHEMATICAL SKILLS: Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. REASONING ABILITY: Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form. Ability to deal with problems involving several concrete variables in standardized situations. Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of instructions and deal with several abstract and concrete variables. Exhibit independent thinking and decision making. Ability to interpret an extensive variety of instructions in mathematical or diagram form and deal with several abstract and concrete variables. Ability to think strategically, develop tactics and execute pragmatically. OTHER SKILLS and ABILITIES: Excellent organizational and planning skills with ability to prioritize multiple tasks and projects to meet deadlines. Ability to work under pressure in a fast-paced environment with demanding individuals. Strong analytical and organizational skills with a tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision. Outstanding creativity; flexibility and persistence; motivation and energy with the ability to work with little supervision and collaborate with other members of the team. Ability to work overtime when needed. Work occasionally requires more than 40 hours per week to perform the essential duties of the position. A tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision. Thorough understanding of technologies that can be applied to firm operations and enhance working efficiency. Ability to exercise discretion with confidential and sensitive information. PHYSICAL DEMANDS: The physical demands described here are representative of those that should be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel objects, documents, books, pen/pencil, paper, controls and manipulate a keyboard, and input data into a PC; and talk or hear. The employee is frequently required to walk. The employee is occasionally required to use hands to prepare correspondence and reports on a personal computer. The employee is occasionally required to stand and reach with hands and arms. And stoop, kneel, bend, crouch or crawl. Ability to operate a variety of standard office equipment including a computer, copy and facsimile machines. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception and the ability to adjust focus. WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate. The salary offered in any location will be determined by a wide range of factors, including, but not limited to, experience level, education/training, geographic region, and relevant skills. Associates also participate in a performance- and hours-based bonus program. The expected annual salary for this position ranges from $100,000- $115,000 Baker & Hostetler LLP is an Equal Opportunity Employer. #LI-Remote

Job Description ComResource is looking for an Information Security Analyst. We need someone to assist in safeguarding sensitive data, neutralizing threats, and ensuring a strong cybersecurity posture through proactive monitoring, investigation, and governance. Responsibilities: Develop, implement, and enforce cybersecurity policies and procedures. Conduct risk assessments, internal audits, and ensure compliance with frameworks like NIST and ISO 27001. Lead threat detection, incident response, and vulnerability management initiatives. Oversee security architecture, tools, and endpoint protection solutions. Drive cybersecurity awareness and training across the organization. Collaborate with IT, leadership, and cross-functional teams to improve the company's security posture. Manage vendor and third-party security compliance. Essentials: Bachelor's degree in Cybersecurity, IT, or related field. 3+ years of hands-on experience in cybersecurity or a related discipline. Working knowledge of security frameworks (NIST, ISO 27001). Experience with SIEM, EDR, and vulnerability management tools. Strong analytical, communication, and collaboration skills. Experience supporting governance, risk, and compliance (GRC) functions. Desired: Experience with Artic Wolf, CMMC, and NIST compliance. Familiarity with enterprise platforms such as ERP or CRM systems. Calm, strategic approach to incident response and crisis management. Req ID: RB8910701020