Securities Analyst work from home jobs

Job Description CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add a Cyber Security Analyst to our Security Operations team! CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don't improve and, in fact, may weaken an organization's security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security. Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. Job Overview The Cyber Security Analyst (Tier 2) is responsible for advanced security incident triage, investigation, and response across Microsoft 365, Azure, and on-premises infrastructure. Serves as the escalation point for complex security incidents while implementing containment and remediation procedures in hybrid environments. Key Responsibilities Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel Conduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendations Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket) Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns Analyze federation security including ADFS token-based attacks and SAML token manipulation Configure and tune WAF/firewall rule sets and investigate related security incidents Develop network segmentation strategies and identify lateral movement attempts Develop and maintain incident response playbooks for various attack scenarios Coordinate incident response activities with cross-functional teams Required Qualifications 3-5 years in cybersecurity with 2+ years SOC experience Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD) Experience with SIEM platforms and security monitoring tools Scripting proficiency (PowerShell, Python) Strong analytical and communication skills Microsoft Certified: Security Operations Analyst (SC-200) One additional security certification: EC-Council CSA, CompTIA Security+, or similar Preferred Qualifications Microsoft Certified: Azure Security Engineer (AZ-500) Microsoft Certified: Identity and Access Administrator (SC-300) CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certification CISSP, SSCP, CCSP Skills & Expertise Strong Proficiency with Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps) Azure Sentinel KQL query development and alert configuration Azure AD/Entra ID security configuration and attack path analysis Active Directory security assessment including GPOs, trust relationships, and delegation Email security and phishing detection/response Cloud security posture management Incident handling and digital forensics Threat intelligence analysis and implementation Work Environment CyberSheath is a fully remote organization, and this will be a work-from-home position Travel requirements: 0-5% yearly. CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. Budgeted Pay Range$70,000—$100,000 USD

Shift5 is redefining the future of onboard operational technology (OT). As a fast-growing scale-up, we specialize in cutting-edge cybersecurity, predictive maintenance, and compliance for OT systems across defense, aerospace, and rail. We are a team of passionate, innovative professionals who thrive in a collaborative environment, driven by a shared mission to revolutionize how fleets operate. By unlocking and democratizing the vast potential of onboard OT data, we help our customers' fleets run smarter, safer, and more efficiently. Ready to be part of the next frontier in transportation and critical infrastructure? Come join us. Our Values : * Embrace Truth and Integrity: Base decisions on data, foster open dialogue, and uphold unwavering integrity. * User-Centric Focus: Prioritize user needs to guide our actions and resource allocation. * Collaborative & Adaptable: Collaborate for excellence, learning from failures and driving iterative improvements, recognizing every decision's significance. Shift5 is seeking a seeking a full-time Cyber Analyst to join our growing team. The Cyber Analyst will leverage their expertise in data analysis techniques, cyber threats, and OT network traffic to enhance the security posture of military aircraft. This role demands a proactive approach to threat detection, in-depth analysis of complex data sets, and the ability to translate technical findings into actionable insights for both technical and non-technical audiences. This role will embed in a military customer's security operations center and will serve as a focal point to integrate weapons systems data into cyber threat detection and response. This role will operate in a team-based environment with Field Engineers, Data Engineers, Cyber Threat Engineers, Product Managers, Program Managers, Mission Success, and military cyber operators. Responsibilities: * Dive deep into the inner workings of weapon systems, mastering their architecture and communication pathways. * Become fluent in the language of cyber threats, using frameworks like MITRE ATT&CK to identify and analyze vulnerabilities. * Decipher complex technical documentation, extracting critical insights to fuel your data analysis. * Leverage your expertise in real-time embedded systems to understand system behavior and predict potential attack vectors. * Unlock the secrets of wireless communication protocols, including GPS, Link16, and SATCOM, to safeguard critical systems. * Experience wrangling and interpreting RF and OT protocol datasets. * Analyze aircraft data to identify patterns indicative of cyber threats. * Develop and implement anomaly detection rules and signatures. * Conduct root cause analysis of anomalous behavior, faults, and maintenance defects. * Prepare comprehensive reports summarizing findings, methodologies, and recommendations. * Share knowledge / document formal and informal training around expertise in cyberdata analysis and interpretation with military and civilian customer personnel. Qualifications: * Analytics: Demonstrated expertise in data analytics using tools similar to Databricks. * Vulnerability Research: Familiarity with vulnerability research or reverse engineering of embedded systems, RF protocols, Operational Technology (OT) systems or weapons systems.. * Data Handling: Proficiency in working with and analyzing large data sets. * Technical Acumen: Ability to develop technical processes and experience integrating API-based commercial software products * Customer Engagement: Ability to engage with customers, understand their requirements, and tailor solutions (including building and offering formal and informal training) accordingly * Communication: Astute written and verbal communication skills, with the ability to consistently and cogently address our customers' needs. * Cyber Frameworks: Familiarity with common cyber, IT, and OT frameworks (e.g., MITRE ATTACK, Perdue Model, OSI Model) and adaptability to new use cases. * Pattern Recognition: Capability to capture and translate patterns into alerts and detection methodologies. * Executive Briefings: Experience in creating and delivering executive briefings and updates. * Shift5 Culture: Ability to thrive in a team-oriented culture, delivering a significant individual contribution while collaborating with and strengthening teammates * Travel: Must be able to work with remotely distributed teams and should expect up to 30% travel to attend customer on-site visits, internal team travel, and one-off events. * Citizenship and Clearance: US Citizenship with an active (or ability to hold/obtain) US Government Top Secret security clearance Compensation & Benefits: * Base Salary: $120,000-$160,000 * Bonus program and equity in a fast-growing startup * Competitive medical, dental, and vision coverage for employees and their families * Health Savings Account with annual employer contributions * Employer-paid Life and Disability Insurance * Uncapped paid time off policy * Flexible work & remote work policy * Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA) We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest performing teams include people with diverse perspectives and ways of solving problems. We strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work. Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identify, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class. Privacy Policy and Notice for Shift5, Inc. Job Applicants, Employees & Contractors

Shift5 is redefining the future of onboard operational technology (OT). As a fast-growing scale-up, we specialize in cutting-edge cybersecurity, predictive maintenance, and compliance for OT systems across defense, aerospace, and rail. We are a team of passionate, innovative professionals who thrive in a collaborative environment, driven by a shared mission to revolutionize how fleets operate. By unlocking and democratizing the vast potential of onboard OT data, we help our customers' fleets run smarter, safer, and more efficiently. Ready to be part of the next frontier in transportation and critical infrastructure? Come join us. Our Values : Embrace Truth and Integrity: Base decisions on data, foster open dialogue, and uphold unwavering integrity. User-Centric Focus: Prioritize user needs to guide our actions and resource allocation. Collaborative & Adaptable: Collaborate for excellence, learning from failures and driving iterative improvements, recognizing every decision's significance. Shift5 is seeking a seeking a full-time Cyber Analyst to join our growing team. The Cyber Analyst will leverage their expertise in data analysis techniques, cyber threats, and OT network traffic to enhance the security posture of military aircraft. This role demands a proactive approach to threat detection, in-depth analysis of complex data sets, and the ability to translate technical findings into actionable insights for both technical and non-technical audiences. This role will embed in a military customer's security operations center and will serve as a focal point to integrate weapons systems data into cyber threat detection and response. This role will operate in a team-based environment with Field Engineers, Data Engineers, Cyber Threat Engineers, Product Managers, Program Managers, Mission Success, and military cyber operators. Responsibilities: Dive deep into the inner workings of weapon systems, mastering their architecture and communication pathways. Become fluent in the language of cyber threats, using frameworks like MITRE ATT&CK to identify and analyze vulnerabilities. Decipher complex technical documentation, extracting critical insights to fuel your data analysis. Leverage your expertise in real-time embedded systems to understand system behavior and predict potential attack vectors. Unlock the secrets of wireless communication protocols, including GPS, Link16, and SATCOM, to safeguard critical systems. Experience wrangling and interpreting RF and OT protocol datasets. Analyze aircraft data to identify patterns indicative of cyber threats. Develop and implement anomaly detection rules and signatures. Conduct root cause analysis of anomalous behavior, faults, and maintenance defects. Prepare comprehensive reports summarizing findings, methodologies, and recommendations. Share knowledge / document formal and informal training around expertise in cyberdata analysis and interpretation with military and civilian customer personnel. Qualifications: Analytics: Demonstrated expertise in data analytics using tools similar to Databricks. Vulnerability Research: Familiarity with vulnerability research or reverse engineering of embedded systems, RF protocols, Operational Technology (OT) systems or weapons systems.. Data Handling: Proficiency in working with and analyzing large data sets. Technical Acumen: Ability to develop technical processes and experience integrating API-based commercial software products Customer Engagement: Ability to engage with customers, understand their requirements, and tailor solutions (including building and offering formal and informal training) accordingly Communication: Astute written and verbal communication skills, with the ability to consistently and cogently address our customers' needs. Cyber Frameworks: Familiarity with common cyber, IT, and OT frameworks (e.g., MITRE ATTACK, Perdue Model, OSI Model) and adaptability to new use cases. Pattern Recognition: Capability to capture and translate patterns into alerts and detection methodologies. Executive Briefings: Experience in creating and delivering executive briefings and updates. Shift5 Culture: Ability to thrive in a team-oriented culture, delivering a significant individual contribution while collaborating with and strengthening teammates Travel: Must be able to work with remotely distributed teams and should expect up to 30% travel to attend customer on-site visits, internal team travel, and one-off events. Citizenship and Clearance: US Citizenship with an active (or ability to hold/obtain) US Government Top Secret security clearance Compensation & Benefits: Base Salary: $120,000-$160,000 Bonus program and equity in a fast-growing startup Competitive medical, dental, and vision coverage for employees and their families Health Savings Account with annual employer contributions Employer-paid Life and Disability Insurance Uncapped paid time off policy Flexible work & remote work policy Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA) We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest performing teams include people with diverse perspectives and ways of solving problems. We strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their full, authentic selves to work. Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identify, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class. Privacy Policy and Notice for Shift5, Inc. Job Applicants, Employees & Contractors

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job Family: Cyber Security Job Qualifications: Skills: Assured Compliance Assessment Solution (ACAS), Enterprise Mission Assurance Support Service (eMASS), Risk Management Framework Certifications: None Experience: 7 + years of related experience US Citizenship Required: Yes Job Description: Transform technology into opportunity as a Cyber Security Analyst with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you'll be at the forefront of innovation and play a meaningful part in improving how agencies operate. Our work depends on Cyber Security Analyst joining our IT Technology Development division within the NCIS ITD organization in Quantico, VA. The Naval Criminal Investigative Service (NCIS) is an organization of over 2,200 personnel of which 700 serve at HQ and the remaining staff serve at offices worldwide. NCIS is the Department of Navy (DON) component with primary responsibility for criminal investigation, law enforcement (LE), counter-terrorism (CT), counterintelligence (CI), and cyber matters. NCIS not only has primary responsibility for all criminal investigative, CI, CT, and cyber matters within the DON, but it also has exclusive investigative jurisdiction in non-combat matters involving actual, potential, or suspected criminal, terrorism, sabotage, espionage, and subversive activities. HOW OUR CYBER SECURITY ANALYST WILL MAKE AN IMPACT: Supports all authorization package ACAS related tasks assigned to ISSEs and NQVs. The goal is to provide the required artifacts IAW the Navy Testing Guidance and Risk Management Framework (RMF) Process Guide required for the submission of an RMF Authorization package. Performs 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements; provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record; provide ACAS Summary Reports in accordance with the Navy Testing Guidance. Conducts weekly and “As Needed” ACAS scans in support of RMF STEP 3/STEP 4 processes, vulnerability assessments and queries specifically targeting authorization package assets; support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages; create asset lists using provided hardware lists. Performs risk analyses of computer systems and applications during all phases of the system development life cycle using the Assured Compliance Assessment Solution (ACAS) tool. Initiates Enterprise Mission Assurance Support Service (eMASS) registrations, prepares, processes, updates and monitors RMF Assessment and Authorization (A&A) packages; ensures A&A packages are evaluated and maintained in a compliant status; implements and validates A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements. WHAT YOU'LL NEED TO SUCCEED (Required): Security Clearance Level: Active Top Secret clearance Required Experience: Minimum 7 years of experience working in the IT/Engineering field and must meet or exceed OPNAVINST 5239 requirements to be certified as a Navy Qualified Validator or must be certified within 6 months of start date. Must meet or exceed OPNAVINST 5239 requirements to be certified as a Navy Qualified Validator or must be certified within 6 months of start date. Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP), System Level Continuous Monitoring (SLCM), Ports, Protocols and Services Management (PPSM), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning. Experience with Enterprise Mission Assurance Support Service (eMASS) tools. Experience preparing, processing, assessing, validating, and maintaining RMF A&A packages using eMASS and XACTA tools. Experience with using public key-based technologies for applications. Required Certifications: Security+ CE Degree -NOT REQUIRED Location: Hybrid at Quantico, VA WHAT WE'D LOVE FOR YOU TO HAVE: Completed Navy RMF training Formal ACAS training Formal eMASS training GDIT IS YOUR PLACE: 401K with company match Comprehensive health and wellness packages Internal mobility team dedicated to helping you own your career Professional growth opportunities including paid education and certifications Cutting-edge technology you can learn from Rest and recharge with paid vacation and holidays #NCIScareers #GDITPriority The likely salary range for this position is $79,747 - $105,800. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: None Telecommuting Options: Hybrid Work Location: USA VA Quantico Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

The client is looking for a Cyber Threat Fusion Analyst. This position will support the Joint Service Provider (JSP) Defensive Cyber Operations (DCO) organization with Cyber Threat Intelligence products and network security monitoring and will perform as the analyst in area of cyber threat intelligence. This role will be based onsite at the Mark Center in Alexandria, VA. Some remote work will be allowed. An active TS/SCI security clearance is required prior to start. Essential Job Functions Implement the core Threat Intelligence concepts (ex. Cyber Kill Chain, MITRE ATT&CK, DoDCAR). Produce reporting for new or emerging threats and threat vectors. Utilize SIEM technologies to correlate security events and logs and identify threats Incorporate threat intelligence into countermeasures to detect and prevent intrusions and malware infections Implement the core Threat Intelligence concepts (ex. Cyber Kill Chain, MITRE ATT&CK, DoDCAR). Produce reporting for new or emerging threats and threat vectors. Utilize SIEM technologies to correlate security events and logs and identify threats. Incorporate threat intelligence into countermeasures to detect and prevent intrusions and malware infections. Identify threat actor tactics, techniques and procedures and based on indicators develops custom signatures and blocks. Understand concepts of log and packet analysis Navigate the command line using specific expressions to manipulate data Handle and organize disparate data about detections, attacks, and attackers Employ discovery techniques and vetting of new intelligence. Create Situational Awareness Reports and Threat Briefs. Minimum Required Qualifications Due to the nature of this position and the information that employees will be required to access, U.S. Citizenship is required. Bachelor's Degree in Computer Science, Computer Engineering or related field and 8+ years of prior relevant experience; additional years of experience may be substituted in lieu of a degree. Computer defense technologies spanning endpoint, network, and open source. Required Security Clearance: TS/SCI. 8570 IAT II certification is required prior to start. It is preferred you will already possess an 8570 CSSP-Analyst certification. If not, it will be required for this to be obtained within 6 months of your start date.

Responsibilities: Investigate security incidents and escalate when necessary Work Incident Response and Administrative tickets Perform and develop data mining queries using Splunk/Splunk ES Communicate in a clear and concise manner with Leadership, Customers and Peers Monitor and respond to multiple shared Mailbox inquiries Provide vulnerability, threat, and risk mitigation support Monitor Security Operations Dashboards for alerts Support daily Operations briefings Monitor and answer the SOC phone hotline Support customer defined metrics reports Support government data calls This opportunity offers remote work! Candidates must be willing to work in a SOC environment and demonstrate strong problem-solving skills Must be able to work well both on their own (in an individual setting) as well as with others (in a team setting) Must possess strong self-initiative, curiosity, and diligence - must be willing to engage with the team, in the capacity of both learning and sharing information

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. KDS Job ID 2425245 KGS is seeking qualified candidates for our open positions, but we will only extend an offer of employment after a candidate applies through the link in our job posting. If you receive a job offer via email only and have not been interviewed by the KGS hiring manager, feel free to contact *************************** to verify its validity. Koniag Data Solutions LLC, a Koniag Government Services company, is seeking a Systems Security Analyst 1 with a Top- Secret clearance to support a KDS and our government customer. This is a Remote opportunity. We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks of paid time off, and more. Essential Functions, Responsibilities & Duties may include, but are not limited to: Provide security remediation support to address systems that are not compliant with security best practices, policies, and standards. Collaborate with teammates to address security requirement gaps throughout the lifecycle of both non-compliant and new systems. Advise application owners on mitigating security issues, document progress, and report on remediation activities. Provide guidance on security for on-premises and cloud environments, including SaaS, PaaS, and IaaS, with a focus on compliance with FedRAMP and HHS security requirements. Offer security guidance related to different architecture models: microservices, traditional applications, data lakes, data warehouses, and APIs. Address security concerns related to insider threats and zero-trust architectures at the network, infrastructure, and application levels. Advise on efficient security integration with various technologies and methodologies to accelerate project timelines. Engage system owners and program managers to understand and address security gaps and needs. Work Experience, Knowledge, Skills & Abilities: Bachelor's degree (preferably in Information Technology, Cybersecurity, or a related field) (or equivalent experience). Minimum 2 years of relevant experience. Must possess a Security+ Certification. Familiarity with federal laws, regulations, and policies, including: FISMA (2002) NIST Standards HHS Information Security and Privacy Policies Federal Information System Controls Audit Manual (FISCAM) FedRAMP Continuous Diagnostics and Mitigation (CDM) HIPAA Top Secret Security Clearance required Working Environment & Conditions This job operates in a professional office environment and has a noise level of mostly low to moderate. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand, walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The workload may require the incumbent to sit for extended periods of time. The incumbent must be able to read, do simple math calculations and withstand moderate amounts of stress. The incumbent must occasionally lift and/or move up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus. Our Equal Employment Opportunity Policy The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender, or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information, or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms, and conditions of employment. The company is dedicated to seeking all qualified applicants. If you require accommodation to navigate or to apply for a position on our website, please contact Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling ************ to request accommodation. Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit ****************** Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352 Medical Insurance Vision Insurance Dental Insurance 401k Disability Maternity Tuition Assistance

The Information Security GRC Analyst IV manages day to day, short and long term information security risk and compliance programs. They also ensure activities are within risk tolerance and in compliance with approved policies, procedures and standards. Essential Functions: Collaborate with key stakeholders and customers in the execution of the processes and controls related to information security risk and compliance to protect business interests and achieve business goals Responsible for the measurement, monitoring, communicating, and reporting of cybersecurity risk, security metrics, risk mitigation plans, and status of execution of strategic and tactical plans Regularly assess and report to management any exceptions to information risk management policies, procedures, and standards Engage staff and/or vendors to develop information security risk mitigation plans to address risks identified Design, review, mature, and manage a framework of internal IT controls sufficient to effectively protect the confidentiality, integrity, and availability of information assets critical to the business, maintaining robust evidence of controls and representing these records to internal and external auditors and regulators Will serve as the primary point of contact and liaison between any internal or external auditors and regulators for the purpose of facilitating IT audits and assessments, minimizing the impact and disruption to IT personnel Work with the department leadership in establishing security strategy, goals, and objectives Facilitate overall analysis, design, artifacts, and technical requirements validation for strategic initiatives Acts as an expert in functional domain Build employee knowledge and skills in specific areas of expertise Oversee and provide guidance of all aspects associated with enhancement or project work Demonstrate business and technical acumen proficiency Deliver engaging, informative, and well-organized presentations Effectively execute and communicate change management Perform any other job-related instructions as requested Education and Experience: Bachelor's degree or equivalent years of relevant work experience required Master's degree is preferred Minimum of ten (10) years of IT, IT Risk, or Security experience is required Minimum of five (5) years of Security Risk or Program Management experience preferred Competencies, Knowledge and Skills: Ability to effectively prioritize and execute tasks while working both independently and in a team-oriented, collaborative environment Strong interpersonal skills including excellent written and verbal communication skills; listening and critical thinking; presentation skills, facilitation skills Strong organizational skills to help prioritize and manage workload Ability to establish effective working relationships with stakeholders at all different levels Flexibility during organizational and/or business changes Ability to manage multiple projects while demonstrating a sense of urgency Effective problem-solving skills with attention to detail Effectively disseminates information to appropriate audiences verbally and in writing Ability to actively foster appropriate level of participation within teams and gather essential input to enable decision-making Working technical knowledge/experience of the following: IT Audit/Compliance/Risk Security Management Project/Program Management Licensure and Certification: Certifications in Information Security, such as CISSP, CRISC, SSCP, CISA, CISM preferred Project Management Professional (PMP) preferred Working Conditions: General office environment; may be required to sit or stand for extended periods of time Compensation Range: $110,800.00 - $193,800.00 CareSource takes into consideration a combination of a candidate's education, training, and experience as well as the position's scope and complexity, the discretion and latitude required for the role, and other external and internal data when establishing a salary level. In addition to base compensation, you may qualify for a bonus tied to company and individual performance. We are highly invested in every employee's total well-being and offer a substantial and comprehensive total rewards package. Compensation Type (hourly/salary): Salary Organization Level Competencies Create an Inclusive Environment Cultivate Partnerships Develop Self and Others Drive Execution Influence Others Pursue Personal Excellence Understand the Business This is not all inclusive. CareSource reserves the right to amend this job description at any time. CareSource is an Equal Opportunity Employer. We are dedicated to fostering an inclusive environment that welcomes and supports individuals of all backgrounds.#LI-GB1

Alma is on a mission to simplify access to high-quality, affordable mental health care. We do this by making it easy and financially rewarding for therapists to accept insurance and offer in-network care. When a provider joins Alma, they gain access to a suite of tools that not only help them better run their business, but also grow it sustainably and develop as a provider. Alma is available in all 50 states, with over 20,000 therapists in our growing network. Anyone looking for a therapist can browse Alma's free directory. Alma has raised $220.5M in funding from Insight Partners, Optum Ventures, Tusk Venture Partners, Primary Venture Partners, First Round Capital, Sound Ventures, BoxGroup, Cigna Ventures, and Rainfall Ventures. Alma was also named one of Inc's Best Workplaces in 2022 and 2023. Website Job Board Values Candidate Interview GuideSenior Security Governance Risk & Compliance (GRC) Analyst Alma is seeking a mission-driven Senior Security Governance Risk and Compliance (GRC) Analyst to join our team. We are dedicated to building secure and compliant tools and services that help providers more easily manage and grow their practice. Acting as a principal aide to the VP of Security and IT, this role will play a critical role in enabling a culture of security at Alma, making security a product differentiator that builds confidence and trust with our providers, and preparing Alma for annual audits and certifications (such as SOC 2 and HITRUST). In this role you will perform risk assessments, create and maintain our security policies, educate our staff by developing a security awareness program, respond to security assessments, and review our vendor's security. What you'll do: Perform risk assessments and reports on Alma's risk management program Collaborate with stakeholders to identify and facilitate the implementation of mitigating controls Streamline and maintain Alma's security policies and standards Prepare the organization and facilitate annual audits and certifications (SOC 2, PCI) Educate Alma's staff by creating and managing an effective security awareness program Develop our vendor risk program, ensuring our vendors meet Alma security standards Develop Alma's Trust program, preparing materials and responses to security assessments, and making security a product differentiator that builds confidence and instills trust in our providers Develop and measure key metrics, and coordinate activities in support of cybersecurity priorities Who you are: You have 5+ years of work experience in Information Security, especially in a GRC analysis role You have experience working in health tech or other highly regulated industries (banking, insurance, etc) You have experience leading SOC 2 audits and/or HITRUST certifications with minimal findings You have experience deploying GRC solutions (Drata or equivalent), putting in place a unified control framework enabling evidence collection automation and continuous compliance You strongly understand security best practices and controls frameworks (NIST CSF, NIST 800-53, AICPA Trust Services Criteria, HITRUST CSF, PCI DSS, HIPAA Security Rule, and Breach Notification) You have experience implementing security controls and policies that align with AWS security best practices You have experience driving security awareness programs, including phishing simulation tools (KnowBe4 or equivalent) You have experience performing risk assessments, with an understanding of quantitative risk analysis frameworks (FAIR) You have experience writing customer-facing materials in partnership with with product and marketing teams You have strong written and verbal communication skills and can convey complex technical topics to non-technical stakeholders clearly and concisely You feel a passion for Alma's mission - to improve the experience of therapy for providers and their clients and simplify access to care Benefits: We're a remote-first company Health insurance plans through Aetna (medical and dental) and MetLife (vision), including FSA and HSA plans 401K plan (ADP) Monthly therapy and wellness stipends Monthly co-working space membership stipend Monthly work-from-home stipend Financial wellness benefits through Northstar Pet discount program through United Pet Care Financial perks and rewards through BenefitHub EAP access through Aetna One-time home office stipend to set up your home office Comprehensive parental leave plans 11 paid holidays, 1 Alma Mental Health Day, and 1 Alma Volunteering Day Flexible PTO Salary Band: $145,000 - $174,000 Alma's compensation philosophy is driven by our company value of building equity. To best ensure pay equity, we typically bring in new hires near the middle of our listed salary bands and we do not negotiate our compensation (i.e. all people hired at the same level & role are brought in at the same salary, equity, and benefits). The recruiter you work with can provide more details on our philosophy. All Alma jobs are listed on our careers page. We do not use outside applications or automated text messaging in our recruiting process. We will not ask for any sensitive financial or identification information throughout the recruiting process. Any communication during the recruitment process, including interview requests or job offers, will come directly from a recruiting team member with a helloalma.com email address. Learn more about how Alma handles applicant data by reading Alma's Applicant Privacy Notice.

RDTS is seeking a Cleared Systems Security Analyst to support the Bureau of Overseas Building Operations (OBO) at the U.S. Dept of State in Washington, D.C. We are seeking a technically adept and detail-oriented Systems Security Analyst to support the OBO in managing communication security and infrastructure protection initiatives. This role provides direct support to the Department's Cryptographic Services and Information Assurance missions, ensuring that sensitive communication systems and equipment meet the highest standards for security, accountability, and compliance. This is a primarily remote position; however, candidates must reside in the Washington, DC metro area and be prepared to work onsite full-time if requested under evolving Return-to-Office policies. All classified activities will be conducted onsite in secure government facilities. The Systems Security Analyst will conduct risk and compliance reviews, manage cryptographic inventories, respond to security anomalies, and maintain accurate documentation for inspections and audits. This role supports both daily operational security and long-term systems assurance activities. KEY RESPONSIBILITIES: System and Communications Security Monitoring: Monitor the performance and security of COMSEC systems and communication equipment. Identify and resolve anomalies using system logs, audit trails, and incident response procedures. COMSEC Inventory and Accountability: Maintain accurate records of all cryptographic devices, keys, and secure communications equipment using platforms such as iApp. Conduct daily device inspections and participate in semi-annual inventory processes in accordance with DOS CSB guidelines. Policy Compliance and Auditing: Ensure compliance with Department of State regulations including 5 FAH-6 and 12 FAM by performing internal reviews and assisting with third-party audits. Prepare documentation and artifacts for CSB's annual compliance assessments and maintain 99.9% accountability standards. Security Configuration and Engineering Support: Evaluate the security posture of existing systems and recommend configuration changes to mitigate risk. Assist in planning for firmware and software updates on secure telephones, INEs, and related infrastructure. Training and User Support: Provide briefings, policy updates, and technical support for users across domestic and international OBO locations. Assist in the development of user-friendly procedures for the secure handling of cryptographic materials and secure devices. Operational Coordination: Work closely with ISSOs, engineers, and program managers to ensure security alignment across OBO's infrastructure and operations. Support incident response efforts involving cryptographic components or systems under compliance oversight. Requirements Active Security Clearance Bachelor's degree in Information Security, Systems Administration, or a related field (or equivalent experience). Minimum of 4 years of experience in system security, communication security (COMSEC), or IT operations. Familiarity with NIST 800-53 controls, auditing practices, and federal security standards. Strong attention to detail in system monitoring, inventory management, and documentation practices. Excellent written and verbal communication skills for both technical and non-technical audiences. Preferred Qualifications: Experience supporting Department of State or other federal civilian COMSEC programs. Familiarity with iApp or similar inventory and accountability systems. Working knowledge of secure communications infrastructure and cryptographic equipment. Certifications such as Security+, CAP, or relevant DoD 8570 compliant credentials. Experience participating in federal audits and inspections for classified systems. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.

Founded in 2001, WaveStrong is an industry leader in enterprise and cloud information security consulting services. We pride ourselves on our best of breed security solutions and services that span a myriad of government, education and business verticals. Our staff is comprised of both certified technical and business professionals who can help you successfully navigate complexities of planning, design, implementation and management of securing data. Our approach is vendor agnostic giving our customers the freedom to choose the best customized security model for their business. Requirements We are looking for a Remote Imperva Data Security SME experienced with Imperva solutions to protect sensitive data across platforms. Key responsibilities include configuring and monitoring Imperva Data Security Fabric, managing data security controls, and collaborating to address vulnerabilities. Qualifications: Experience with Imperva Data Security Fabric (DSF), WAF and/or DAM Knowledge of data protection regulations (e.g., GDPR, CCPA) Proficiency in database security practices and security incident response. Strong problem-solving and communication skills Travel up to 50%

Job Description Founded in 2001, WaveStrong is an industry leader in enterprise and cloud information security consulting services. We pride ourselves on our best of breed security solutions and services that span a myriad of government, education and business verticals. Our staff is comprised of both certified technical and business professionals who can help you successfully navigate complexities of planning, design, implementation and management of securing data. Our approach is vendor agnostic giving our customers the freedom to choose the best customized security model for their business. Requirements We are looking for a Remote Imperva Data Security SME experienced with Imperva solutions to protect sensitive data across platforms. Key responsibilities include configuring and monitoring Imperva Data Security Fabric, managing data security controls, and collaborating to address vulnerabilities. Qualifications: Experience with Imperva Data Security Fabric (DSF), WAF and/or DAM Knowledge of data protection regulations (e.g., GDPR, CCPA) Proficiency in database security practices and security incident response. Strong problem-solving and communication skills Travel up to 50%

The Cyber Information Assurance Analyst SME provides IT support services for the Marine Corps Logistics Base by independently conducting complex security analyses of classified and unclassified systems for compliance with security requirements. Performs Command Cyber Readiness Inspections, vulnerability evaluations, and utilizing various security technologies and tools to assess the security posture of intricate computer systems and networks. Responsibilities include conducting vulnerability and risk analyses, participation in penetration studies, and defining security requirements for a range of computing systems. Recommends solutions to enhance security, gathers technical information to align with organizational goals, and offers technical analysis and advice to client executive management on system improvements, focusing on areas like information systems architecture, networking, and communication protocols. This position is on-site in the Albany, GA area. Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Technology, Infrastructure & Engineering, Health, Manufacturing, Public Safety, Consulting, and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental - Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays. As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act. ESSENTIAL REQUIREMENTS Secret Clearance is required and must be maintained for employment. Must be eligible for an IT-II upon assignment. Tenable Certified NESSUS Auditor required and must maintain CSSP Auditor Certification. IAM III and IAT II level certification is required. Proven proficiency performing CCRI / vulnerability assessment / penetration testing on networks, databases, computer applications and IT frameworks Seven (7) years IT experience Five (5) years IA experience Two (2) years of experience with DOD Vulnerability Management System Command Cyber Readiness Inspection certification in at least one of the following areas: Retina scan analysis o Operating Systems (Windows, Unix) Boundary defense (network policy, router, firewall) Internal defense (L2 switch, L3 switch) DNS (policy, BIND/Windows) HBSS (remote console, AV, ABM, PA, HIPS, ePO) Traditional security (Common, Basic, NCV, SCV) Wireless communications (BES, handhelds) Strong analytical and problem solving skills for resolving security issues Strong skills implementing and configuring networks and network components Knowledge and understanding of DOD security regulations, DISA Security Technical Implementation Guides Understanding of SCAP Knowledge of and proficiency with: VULNERATOR; USCYBERCOM CTO Compliance Program; Wireless vulnerability assessment; Web Services (IIS, Apache, Proxy); Database (SQL Server, Oracle); Email Services (Exchange); Vulnerability Scans (NESSUS, SCCM); Knowledge of Phishing exercises; USB Detect; Physical Security. Nice to have: DISA FSO certified CCRI Team Lead and have a certification in penetration testing, such as: Licensed Penetration Tester (LPT); Certified Expert Penetration Tester (CEPT); Certified Ethical Hacker (CEH); Global Information Assurance Certification Penetration Tester (GPEN); Familiarity with AUTOCHECKLIST Tool. KEY DUTIES AND RESPONSIBILITIES Essential Duties and responsibilities include the following. Other duties may be assigned. Independently performs complex security analysis of classified and unclassified applications, systems and enclaves for compliance with security requirements. Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations. Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks. Performs vulnerability and risk analysis, and participate in a variety of computer security penetration studies. Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers. Recommends solutions to meet security requirements. Gathers and organizes technical information about an organization's mission goals and needs, and makes recommendations to improve existing security posture. Provide enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves. Provides workable recommendations and advice to client executive management on system improvements, optimization and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC. Competent to work at the highest level of all phases of information systems auditing. EDUCATION AND EXPERIENCE Seven (7) years of experience, or an equivalent combination of education/experience. PHYSICAL DEMANDS Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers printers and light traffic. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. EOE including Disability/Vet CNI offers a comprehensive benefits package that includes: Medical Dental Vision 401(k) Family Planning/Fertility Assistance STD/LTD/Basic Life/AD&D Legal-Aid Program Employee Assistance Program (EAP) Paid Time Off (PTO) - (11) Federal Holidays Training and Development Opportunities Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI).

Location: Texas_Remote_Worker, United States of AmericaThales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure. Remote- United States Thales is hiring an Senior Security Analyst is tasked with tackling and solving our most complex field issues for enterprise customers in combating automated threats targeting their web applications, API's, and mobile applications. As a Security Analyst, you will be analyzing large amounts of traffic to websites to find global correlations and patterns. Based on the conclusions drawn from the analysis, the analyst collaborates with the customer and internal teams to implement mitigation strategies to stop automated website attacks. An important component of the position is to work with clients, investigate anomalies, and provide easily consumable but detailed evidence for all actions taken. Key Areas of Responsibility Become an Imperva Expert--you will know everything there is to know about how Imperva's Bot Detection platform works, as well as how bots and bot operators attack websites Work with Imperva customers to fully understand the issues automated attacks cause to their business and devise strategies to mitigate or eliminate the issues Serve as a security expert analyzing customer's network traffic, application designs, applications and provide recommendations to mitigate Bot attacks and as an escalation point for internal team members. Regularly work with the customers on their specific security-related engagements per their billable hours. Participate in presentations with customers on a regular basis. Work with Imperva's internal threat research, data science, and product teams by delivering actionable intelligence that will inform future product enhancements Provide guidance and mentorship to Security Analysts, sharing best practices & helping develop them. Develop and contribute to various projects (including efficiency of analysis) Lead complex security engagements and solve sophisticated bots across strategic & enterprise accounts Minimum Requirements Required Bachelor's degree in Computer Science, Information Management, or a relevant technical degree Minimum of 7 years of experience in Cybersecurity or 5 years of experience in the Bot Management space Experience with, or an appetite to learn, data visualization tools like Tableau and Looker Intermediate to advanced SQL skills Experience with basic scripts in one or more languages, such as Python, Bash, or Go You have a knack for automating redundant tasks, streamlining repetitive processes, and are always looking for opportunities to scale operations If you're excited about working with Thales, but not meeting the requirements for this position, we encourage you to join our Talent Community! ************************************************************** You can upload your CV and our recruiters can get in touch with any new opportunities that may be of interest to you. Why Join Us? Say HI and learn more about working at Thales click here #LI-MM1 #LI-Remote This position will require successfully completing a post-offer background check. Qualified candidates with criminal history will be considered and are not automatically disqualified, consistent with applicable federal law, state law (the California Fair Chance Act), and local ordinances (San Francisco Fair Chance Ordinance, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County's Fair Chance Ordinance for Employers). We are an equal opportunity employer, including disability and veteran status. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you need an accommodation or assistance in order to apply for a position with Thales, please contact us at ************************************. The reference Total Target Compensation(TTC) market range for this position, inclusive of annual base salary and the variable compensation target, is between Total Target Cash (TTC): 88,749.02 - 126,784.32 - 179,179.52 USD Annual This reflects how companies in a similar industry and geographic region generally pay for similar jobs. This range helps the Company make pay decisions as one data point among many. Where a position falls within this range is also dependent on other factors including - but not limited to - the employee's career path history, competencies, skills and performance, as well as the company's annual salary budget, the customer's program requirements, and the company's internal equity. Thales may offer additional benefits and other compensation, depending on circumstances not related to an applicant's status protected by local, state, or federal law. (For Internal candidate, if you need more information, please reach out to your HR Shared Service, 1st Point) Thales provides an extensive benefits program for all full-time employees working 30 or more hours per week and their eligible dependents, including the following: •Elective Health, Dental, Vision, FSA/HSA, Voluntary Life and AD&D, Whole Group Life w/LTC, Critical Illness, Hospital Indemnity, Accident Insurance, Legal Plan, Identity Theft, and Pet Insurance •Retirement Savings Plan after 30 days of employment with a company contribution and a match, and with no vesting period •Company paid holidays and Paid Time Off •Company provided Life Insurance, AD&D, Disability, Employee Assistance Plan, and Well-being Program

This is a full-time, direct hire position: Monday - Friday, 8:00 AM - 5:00 PM (ET) Accepting applicants in the following states: FL, GA, NC, NE, NH, PA, SC, TX, UT, VA Remote/WFH employees must have a reliable internet connection and must work in an environment free of noise and distraction. The Company: Make an Impact & Unleash Your Potential: * We empower businesses to thrive in a connected world by providing innovative, secure, and reliable IT solutions and cyber security services. Immerse yourself in cutting-edge technologies, collaborate with highly talented individuals, and elevate your future. We Live Up to Our Values: * Take initiative, professional growth is what you make of it. * Teamwork, collaboration, sharing of knowledge; it's what we do. * Be heard, be respected, be supported; leadership is in it for you. * We accomplish extraordinary results through determination and commitment. * Customer satisfaction is at the center of what we do; we only succeed when our customers succeed. Benefits for a Balanced You (US Employees): * Insurance Coverage You Can Depend On (Health, Dental, Vision, Life/AD&D, Short-Term Disability, Long-Term Disability) * Generous Time Off * 401k Retirement Plan with Company Match * Peer-to-Peer Recognition * Learning and Development * Pet Insurance * Fun On and Off-Site Events * Referral Bonus Program * Employee Assistance Program * Critical Illness Insurance * Accident Insurance * Hospital Indemnity Insurance * Legal and Identity Protection Services The Opportunity: The Information Security Analyst will support day-to-day security operations, event/incident investigation, security control assessment, data analysis and reporting, and other infosec-related activities. The analyst will work with the Project team as well as Helpdesk Support team to communicate risks and vulnerabilities, recommended changes which will remediate issues and/or improve security and create documentation or reports regarding infosec activity and incidents. Essential Duties and Responsibilities * Create policies to ensure our customers' infrastructure and information assets are protected with BCS security offerings: including Sophos Anti-virus and Malware Protection, Sophos Intercept-X, and Encryption. * Audit, analyze, plan, execute, and manage multi-faceted projects related to the BCS security offerings for our customers including onboarding. * Review customers IT Systems platforms to determine the current role of the system and seek out vulnerabilities * Responsible for ensuring BCS Security offering has the necessary monitoring of the computing environment required to alert Helpdesk Support through the ticketing system. * Consistently conduct in-depth test of customer's systems of the current and newly implemented infrastructure for IT Security to ensure policies and settings are applied correctly. * Analyze system generated information and trends in the data and develop improvements to increase a system's performance. * Assess the customers IT system for perceived or actual threats and respond to any issues that are presented and/or escalate where necessary. * Enforce security policies and procedures, they monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. * Responsible for reviewing and improving/developing response plans to any potential threat opportunities until the problem is mitigated completely. * Develops and generates reports for management, customers, and other departments around the managed BCS security service/tools offerings. * This role will monitor compliance with security policies, standards, guidelines and procedures while ensuring security compliance with legal and regulatory standards. * Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken. * Responds to security incidents (Helpdesk Support), conducts forensic investigations and targets reviews of suspect areas as well as develop action plans to address root causes of security-related problems. * Collaborates on projects to ensure that security issues are addressed throughout the project life cycle. * Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance. * Provides responsive support for problems found during normal working hours as well as outside normal working hours as needed. Competencies, Skills, and Qualifications * 4-5 years of security experience working with Endpoint Security, Intrusion Prevention, and Firewall security * Proven work experience as a system security engineer or information security engineer * Experience in building and maintaining security systems * Detailed technical knowledge of database and operating system security * Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc * Experience with network security and networking technologies and with system, security, and network monitoring tools * Thorough understanding of the latest security principles, techniques, and protocols * Problem solving skills and ability to work under pressure Development Expectations * Ethical Hacker - Preferred / Development Plan * Associate of (ISC)² - Preferred / Development Plan * CISSP (Certified Information Systems Security Professional) - Preferred / Development Plan * CCNP Security - Preferred / Development Plan BCS365 is an Equal Opportunity Employer. We consider applicants for all positions without discrimination based on race, color, religion, creed, gender, national origin, sexual orientation, age marital or veteran status, disability, or any other legally protected status. Please Note: BCS365 participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.

Title: Network Security Analyst Solicitation: 5112425NSA2 Duration: On-going, no ending date Visa: Must be US Citizen, Green Card, EAD. No H1B Telework Policy: The primary work location(s) will be at 100% Remote Required/Preferred Skills: 4 years, Required -Bachelor's degree in computer-related field and four years' experience as a systems administrator or eight years' experience as a systems administrator. 4 years, Required -Supporting patching and configuring Windows and Linux operating systems and third-party applications 4 years, Required -Advanced system administration skills in Linux/UNIX Servers. 4 years, Required -Microsoft Windows server implementation and administration to include Active Directory 4 years, Required -Network firewall, wireless network, routing, and switch network design, implementation, and administration. 4 years, Required -Evaluating and interpreting NESSUS vulnerability reports, building deployment packages using Microsoft Endpoint Configuration Manager, Microsoft Intune, Microsoft System Center Configuration Manager, and Windows server and workstation administration. 4 years, Required -Microsoft Windows Certifications including MCSA Windows Server 4 years, Required -Microsoft Windows Exams related to Windows Server, Security, and Networking 4 years, Required -Microsoft O365 Tenant level administration and security 4 years, Required -Strong written and verbal communication skills to serve as a technical consultant to peers, clearly and accurately document relevant issues, and prepare accurate, concise, reliable reports. 4 years, Required -Advanced skill in solving problems; in scheduling, testing, installing, and implementing programs; and in trouble shooting computer software systems 4 years, Required -Ability to handle multiple priorities while meeting strict deadlines. Scope/Description of Services The Worker(s) will provide the following services: Perform Network Security Analyst work as a member of the Infrastructure Services team, participate in one or more projects concurrently. Ensure that information systems and computer networks are secure. Protect against hackers and cyber‐attacks, as well as monitoring network traffic and server logs for activity that seems unusual. Responsible for finding vulnerabilities in the computer networks and creating recommendations for how to minimize these vulnerabilities. Investigates security breaches, develops strategies for any security issues that arise and utilizes the help of firewalls and antivirus software to maintain security. Perform other duties as assigned to maintain operations. Work Hours and Location Services shall be provided during normal business hours unless otherwise coordinated through TWC. Normal business hours are Monday through Friday from 8:00 AM to 5:00 PM, excluding State holidays when the agency is closed. If the Vendor is headquartered in Texas, this position is eligible for telecommuting from within the Continental United States. Conversely, if the Vendor is not headquartered in Texas, this position is eligible for telecommuting from within Texas only. Vendor employees must obtain approval in writing from their TWC supervisor to take TWC issued equipment to another continental State. Vendor employees are prohibited from taking TWC issued equipment outside of the continental United States. Such action may lead to immediate release from TWC employment. Any and all travel, per diem, parking, and/or living expenses shall be at the Worker's expense. The Worker(s) may be required to work outside the normal business hours on weekends, evenings, and holidays, as requested. Payment for overtime work (required work hours exceeding the standard forty (40) hours per Business Week) will be at the quoted hourly rate and must be coordinated and pre-approved through TWC. This is a remote position. Ideal candidates must have a secure, dedicated workspace with Internet service, ability to maintain a reliable consistent work schedule, and be available for weekly meetings and group collaboration via Microsoft Teams and other applications during regular business hours. Position may require team members to come into the office for scheduled meetings, and there may be unscheduled requests with seventy-two (72) hour notice for any TWC business need. If applicable, the work location will be at 101 E. 15th Street, Austin, Texas 78778 Services are expected to start as soon as possible and are expected to be completed by August 31, 2025, or when 1040 total hours estimated on Purchase Order have been depleted, whichever occurs first. Total estimated Worker hours for the services shall not exceed 2,000 hours per Worker per Term unless otherwise amended, renewed, and/or extended by TWC via Purchase Order Change Notice. Unused hours may be rolled over from one fiscal year to the next, as necessary. Rates are fixed throughout each Term of the Contract. TWC anticipates that the Term of the Contract will be one (1) year with four (4) optional one-year renewals to be exercised by TWC at its sole discretion. Debbie Pedigo CEO / Senior Staffing Consultant DebbieP@PedigoStaffing.com 830.433.4604 210.401.4501 Pedigo Staffing Services PedigoStaffing.com https://www.linkedin.com/company/2735943 Awarded Cooperative Contracts: DIR ITSAC (Department of Information), IT Staffing #DIR-CPO-5738 TIPS (Texas Interlocal Purchasing System), Staffing #230703 TIPS (Texas Interlocal Purchasing System), Technology Services #240101 BuyBoard, Temporary Staffing #774-25 State of Louisiana, IT Staffing #4400029273CW8873 State of Oklahoma, IT Staffing #SW1025 State of Oklahoma, Staffing #0132

Together, We Enhance Innovation and Growth i2G specializes in advanced physical electronic security and life safety solutions. I2G has proven experience in surveillance, access control, and intrusion detection systems, biometrics, fence sensors, radars, ground sensors, anti-drone technologies, and more. We excel in design, project management, commissioning, and enterprise technology integrations. i2G's mission is to provide the products and services that meet our customers' needs to give them a vital advantage in today's market, helping to protect what matters most. This position will provide engineering design and support for security solutions for new and existing clients while working alongside internal teams, external teams, clients, and subcontractors to ensure project success. Responsibilities * Possess a thorough understanding of standard Electronic Security technology (ACS, IDS, FDS, CCTV) and supporting equipment such as computer software/hardware, databases, and networking infrastructure. * Ability to review architectural, electrical, telecommunication, security engineering floor plans, riser drawings, device schedules, and detail drawings. * Design, develop, and implement solutions for system installations, upgrades, repairs, and conversions. * Review of Field Site Survey documentation and provide technical assistance with RFI/RFP responses. * Create solution design documentation (drawings, BOMs, solution design summaries). * Provide technical support for in-office and on-site team members. * Support management in the process of creating documentation for implementing new technology with new and existing customers. * Maintain familiarity with current and emerging electronic security technologies such as access control, video surveillance, intrusion detection, biometrics, etc. and industry leading vendors. Qualifications * A minimum of 3-7 years previous experience in the industry. * Associate or bachelor's degree in relevant field preferred or applicable amount of experience in the appropriate field may be substituted for the educational background. * Experience in the design and planning of access control and video systems. * Professional Electronic Security Certifications or training (Lenel, Genetec, C-Cure. Avigilon, Axis, Bosch, Milestone, etc.) preferred. Company Overview This is a Security Systems Engineer career opportunity with i2G Systems. Learn more about i2G: *************************************** "Kastle Systems Makes Strategic Investment in i2G Systems, Strengthening Leadership in Serving High-Security Industries and High-Value, Large Scale Facilities" Read More About the Partnership Here: *********************************************************************************************************************************************************************************** Equal Opportunity Statement We are an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, marital status, pregnancy or any other basis protected by applicable federal or state laws.

About the role As a Information Security Analyst at VTEX you will partner with compliance, legal, customer experience and sales teams to meet and maintain InfoSec Compliance requirements for frameworks like SOC 2, SOX, PCI-DSS and ISO 27k. In this role, you will: Research and evaluate emerging InfoSec Compliance automation tools, implement and manage them. Define how to scale our ability to communicate our InfoSec posture to our current and potential customers. Be responsible for creating and updating the InfoSec policies and procedures. Research or conduct internal fact-finding of our current controls. Assist with the creation, maintenance and delivery of InfoSec awareness training for colleagues Generate reports for both technical and non-technical staff and stakeholders Maintain an information security risk register and assist with internal and external audits relating to information security This is also an excellent opportunity to help shape the future of Security and Privacy for enterprise digital commerce platforms. About the team You will be part of our Security & Privacy organization, which provides expertise, tools, and frameworks that enable all teams at VTEX to build secure and reliable systems. You will work on engineering projects with high impact and measurable results that affect the whole company, preventing and eliminating whole classes of threats at once, as opposed to one at a time. Who you are Have strong communication skills in English and Portuguese (Spanish would be a bonus) and can convey security and compliance topics to non-technical people unfamiliar with specifics of security. Capable of summarizing and demonstrating security & compliance capabilities driving discussions with senior leaders in the industry regarding trade-offs, best practices, and risk mitigation. Known for collaborating effectively and coordinating work across multiple organizations such as product, engineering, customer experience, and sales. Familiar with at least two of the audit frameworks mentioned above. Eager to understand at a high level how our enterprise digital commerce platform works. #LI-Remote About VTEX VTEX (NYSE: VTEX) is the composable and complete commerce platform that delivers more efficiency and less maintenance to organizations seeking to make smarter IT investments and modernize their tech stack. Through our pragmatic composability approach, we empower brands, distributors, and retailers with unparalleled flexibility and comprehensive solutions, enabling them to invest solely in what provides a clear business advantage and boosts profitability. VTEX is trusted by 2,400 global B2C and B2B customers, including Carrefour, Colgate, Motorola, Sony, Stanley Black & Decker, and Whirlpool, having 3,400 active online stores across 43 countries (as of FY ended on December 31, 2024). Founded in the year 2000, VTEX has a history of being unstoppable. Completely against the odds, VTEX is leading a high-tech industry and positioned above market giants. We are building an extraordinary future with more than 1,300 employees scattered across 25 locations in 16 countries in Latin America, North America, Europe, and Asia. For more information, visit ************* At VTEX, you will work in a challenge-driven environment and collaborate with amazing peers. If you are powerful individually, join us, and we will be unstoppable together. BENEFITS Annual profit-sharing program and equity eligibility; Health, dental, and life insurance with national coverage provided by VTEX; Annual budget for professional development in Tech; Language development incentive program (English, Spanish, Portuguese); Flexible meal allowance; Extended parental leaves; Child-care assistance; Flexible work schedule and remote-first culture; Financial assistance to build your work-from-home setup; Wellness program; Free shipping on 1000+ VTEX stores

This position serves as the lead for analyzing and monitoring information systems and applications, and recommends, develops and implements measures to protect Genesco Inc. information against unauthorized access, modification and loss. This position is also responsible for administering and maintaining technology specific to the protection of Genesco information technology resources. This position is responsible for handling highly confidential information. Job Responsibilities * Serve as Subject Matter Expert (SME) on IT Security and Compliance owned projects. Provide security and compliance expertise on all other IT projects. * Security advisor on all leading-edge technologies for the enterprise. * Ensures that all system platforms are functional and secure. Manages and guides the maintenance of systems to protect data from unauthorized users. * Works with management to determine acceptable level of risk for enterprise computing platforms. * Utilize security event correlation tools to detect and respond to security incidents in a timely fashion. Investigate and manage security incidents across the enterprise. Develop and implement counter measures for security incidents. Conduct forensic investigations in support of the legal and or risk assurance departments within the enterprise. * Manage enterprise-wide endpoint protection suite and coordinate network infrastructure team and application teams during any security incident response. * Other duties as required. Job Requirements * Bachelor's degree in Computer Science, MIS, or related field and 10 years of professional IT experience. Or 10 years experience specifically in security or network administration. * 10 years + of combined IT and application, operating system or database security work experience with a broad range of exposure to systems analysis, configuration, diagnostics and administration of Windows, Linux and Unix servers. * Must have familiarity with Identity Access Management, Vulnerability Scanning, change management, computer forensics and security incident response. #LI-LC1 #Remote