Information Security Analyst Jobs in Lexington, KY

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. In an ever-evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Secure Design Pattern team, you will play a vital role in achieving this objective by empowering clients to comprehend, navigate, and secure all applicable layers of business applications. This is an opportunity to leverage both your technical prowess and business acumen to drive our mission and make a significant impact on global cybersecurity. **The opportunity** We currently offer an exciting career opportunity for a Secure Design Pattern Analyst responsible for establishing blueprints to standardize implementation of security controls across layers of business applications and architectures. At our core, our Secure Design Pattern services play a pivotal role in assisting our clients to implement business applications securely and in line with industry best practices and client policies and standards. The ideal candidate will be responsible for documenting secure design patterns, interfacing with application owners, architects, and subject matter resources, as well as discuss and apply secure patterns, guidelines, and principles. **Your Key Responsibilities** + Create and maintain design patterns documentation and playbooks + Coordinate and streamline the processes to create, update, manage, and control design patterns. at clients. + Engage with security architects, product owners, engineers, and subject matter resources to support new design patterns and updates to design patterns. + Promote security best practices within discussions. + Review and process design pattern service requests, ensuring timely resolution. + Track and report the status of secure design pattern requests, provide regular updates on progress and outcomes. **Skills and Attributes for Success** + Proven experience writing technical documentation, standard operating procedures, policies, standards supporting the implementation of security controls and architecture patterns. + Understanding and apply secure design concepts. + Strong communication skills, with the ability to convey technical information in discussions and documentation. + Knowledge of industry security frameworks and compliance standards and regulations (e.g., CMMC, NIST, ISO 27001, CIS, OWASP, TOGAF, SABSA, etc.) + Familiarity with cloud security platforms (e.g., AWS, Azure) and cloud-native security controls. + Basic understanding of authentication (OAuth, SAML, OpenID), authorization (RBAC, ABAC), and Zero Trust + Understanding of encryption algorithms, key management, digital signatures, and PKI. + Familiarity with SIEM, SOAR, XDR, log management, and anomaly detection. + Familiarity with secure coding practices, DevSecOps, SAST/DAST tools, and software security design. + Familiarity with firewalls, VPNs, TLS, micro-segmentation, and intrusion detection. + Excellent problem-solving skills and the ability to manage multiple tasks effectively. + Strong communication skills to collaborate with team members and stakeholders (e.g., business, information technology, product owners, cybersecurity. + A track record of delivering high-quality client services and work products within expected timeframes. + Ability to managing and maintain inventories of documentation **To qualify for the role you must have** + Understanding of security principles + Bachelor's degree in computer science, information technology, cybersecurity, technical writing, or a related field + Proven experience in technical writing + Hands on experience managing or working on a security architecture and/or GRC team + Basic knowledge of cloud platforms (AWS, Azure) and their security features + Knowledge of common industry security frameworks and regulations (e.g., CMMC, NIST, ISO 27001, CIS, OWASP, etc.) + Knowledge of general security concepts and methods, such as security policy creation, enterprise security strategies, architectures, governance, vulnerability assessments, privacy assessments, intrusion detection, and incident response + Experience in leading process definition, workflow design, and process mapping + Experience in ServiceNow managing tickets and generating basic reports. **Ideally, you'd also have** + Professional certifications in cybersecurity, such as CISSP, CISM, or specific vendor certifications like from AWS, Azure, and Google Cloud. + Hands on experience in cloud-based security solutions + Prior experience as a security architect + Experience in assessing compliance to regulations and standards + Strong interpersonal and communication skills, with the ability to collaborate effectively with clients and cross-functional teams to present solution designs, options, and innovations. **What we look for** We are interested in intellectually curious people with a genuine passion for cybersecurity. With your broad exposure across security architecture and enterprise applications, we will turn to you to speak up with innovative new ideas that could make a lasting difference not only to us - but also to the industry at large. If you have the confidence in both your writing, presentation, and technical abilities to grow into a leading expert here, this is the role for you. **What we offer** We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $57,700 to $94,800. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $69,000 to $107,100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. + **Continuous learning:** You'll develop the mindset and skills to navigate whatever comes next. + **Success as defined by you:** We'll provide the tools and flexibility, so you can make a meaningful impact, your way. + **Transformative leadership:** We'll give you the insights, coaching and confidence to be the leader the world needs. + **Diverse and inclusive culture:** You'll be embraced for who you are and empowered to use your voice to help others find theirs. EY accepts applications for this position on an on-going basis. **If you can demonstrate that you meet the criteria above, please contact us as soon as possible.** EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. For those living in California, please click here (********************************************************************************************************************************************************************** for additional information. EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************

****Candidate must be able to work in the PST timezones. ***** This position will execute the Information and Cybersecurity Risk Management programs, concentrating on internal and third-party risk assessments and audits. Assessment and compliance activities include validating controls in the IT department, managing risk findings, and verifying their remediation. Must have excellent written and verbal communication skills and a strong understanding of IT risks, cloud security, application systems security, and third-party security. Must be results-oriented with the ability to collaborate with multiple process owners and stakeholders simultaneously. **ESSENTIAL FUNCTIONS** **Duties and Responsibilities** + Lead, plan, and conduct periodic cyber and information security risk assessments and audits of third parties enterprise-wide. + Identify, assess, and document cybersecurity risks for Molina and its suppliers. + Partner with internal and external auditors to facilitate compliance audits and mitigate findings. + Manage documentation (e.g., requesting, reviewing, preparing) for regulatory and compliance audits & assessments. + Ensure compliance with applicable regulations (e.g., HIPAA, NYS DFS) and industry standards (e.g., NIST). + Develop and maintain security policies, plans, charters, standards, and procedures. + Promote security awareness through communication, training, and documentation. + Develop and maintain dashboards to manage and communicate risk to relevant stakeholders. + Develop and monitor metrics and prepare reports for senior management. + Monitor the inventory for vendors and suppliers. + Identify risks and recommend process improvements in the third-party risk management and supply chain program. + Build strong partnerships and collaborate with cross-functional teams. + Lead and execute third-party risk mitigation strategies and corrective action plans. + Monitor and manage third-party risks using GRC and security tools. + Stay current on developments in the industry and within the company. **Qualifications** + Bachelor's degree in Information Systems/Security, Computer Science, Cybersecurity, or related field. + Minimum 5 years relevant experience in cybersecurity with a focus on governance, risk and compliance. + Professional certification(s) such as Certified Information Systems Auditor (CISA), Certified Information Systems + Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) required. + Adaptable to fast-changing environments and comfortable with ambiguity. + Excellent verbal, written, and interpersonal skills. + Big 4 or consulting experience. + Strong proficiency in regulations and industry frameworks (e.g., HIPAA, NIST, HITRUST) + Experience with GRC and security performance monitoring tools (e.g., Lockpath, ServiceNow, Prevalent, BitSight). + Ability to travel approximately 10% To all current Molina employees: If you are interested in applying for this position, please apply through the intranet job listing. Molina Healthcare offers a competitive benefits and compensation package. Molina Healthcare is an Equal Opportunity Employer (EOE) M/F/D/V. Pay Range: $77,969 - $137,000 / ANNUAL *Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.

GovCIO is currently hiring for Senior Cyber Security Specialist to support our client's contract needs. This position is located in Baltimore, MD, Quantico, VA, or Boyers, PA and will be a fully remote position. **Responsibilities** + Extensive experience in developing and submitting DOD related Security Authorization to Operate (ATO) packages to ensure that the DOD systems passes Audits. + Perform risk assessments for threats and incidents. + Ensure that regulatory and DOD/DCSA requirements are met. + Establish teams to implement new security solutions. + Taking ownership and responsibility for reaching objectives and meeting goals. + Plan and coordinate the efforts of the Security Compliance/Assessment Team to uncover weaknesses in the systems and submit the associated reports. + Plan and lead the efforts of the Plan of Action & Milestone (POA&M) Teams to remediate vulnerabilities uncovered for the impact systems. + Plan and lead the efforts of the Authorization to Operate (ATO) Team to document, validate, prepare, and submit the ATO artifacts to ensure success. + Taking ownership and responsibility for reaching objectives and meeting goals. **Qualifications** Bachelor's with 8+ years (or commensurate experience) Required Skills and Experience + 7+ years of experience working in Cybersecurity disciplines. + Experience with cybersecurity policy at the Federal, DoD, Joint, or Army levels. + Ability to identify, assess, and mitigate the potential threats and vulnerabilities that may affect your organization's security posture. + Knowledge of data backup and recovery. + Knowledge of business continuity and disaster recovery continuity of operations plans. **Clearance Required:** US Citizenship is required to obtain and maintain Top Secret Clearance **Company Overview** GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? **We are an Equal Opportunity Employer.** All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets. Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors. **Posted Salary Range** USD $140,000.00 - USD $150,000.00 /Yr. Submit a referral to this job (************************************************************************************************************************************* **Location** _US-Remote_ **ID** _2025-5592_ **Category** _Cyber Security & Intelligence_ **Position Type** _Full-Time_

**Our Company** At Teradata, we believe that people thrive when empowered with better information. That's why we built the most complete cloud analytics and data platform for AI. By delivering harmonized data, trusted AI, and faster innovation, we uplift and empower our customers and our customers' customers to make better, more confident decisions. The world's top companies across every major industry trust Teradata to improve business performance, enrich customer experiences, and fully integrate data across the enterprise. **What You'll Do** We are looking for a motivated and detail-oriented Information Security Governance Analyst to join our team. As a key member of the Information Security Governance and Compliance team, you will assist in the implementation of information security initiatives that strengthen our organization's security posture. Your role will involve supporting efforts that raise awareness and understanding of cybersecurity across all stakeholders, ensuring that everyone is engaged and informed about the importance of security best practices. + Assist in maintaining and supporting the governance team's documented processes and practices for Teradata. + Ensure all relevant documentation is current and accurate. + Support resiliency efforts through coordination of corporate plans and exercises. + Analyze data to evaluate and set impact scores. + Contribute to campaigns, including phishing simulations, compliance prep, and awareness training. + Gather metrics and assist with detailed reporting to provide insight into the team's efforts. + Help with planning sessions and meetings around governance topics and project deliverables. + Update and maintain documentation, including plans, policies, and procedures. **What Makes You a Qualified Candidate** + Preferred, but not required. Bachelor's degree in information security, Cybersecurity, Business Administration, or a related field to ensure a solid foundation in the principles underpinning the role. + Strong analytical skills with an ability to solve problems effectively. + Demonstrated ability to contribute to campaigns and initiatives that drive organizational change in a tech or cybersecurity environment. + Basic planning and analytical skills for supporting large-scale programs. **What You'll Bring** + Ability to clearly communicate complex information security topics to a variety of audiences. + Strong research skills to stay current with trends and developments in the field. + Adaptability to work in a fast-paced and dynamic environment, tackling challenges with creative solutions. + Basic understanding of information security principles and practices. + A team player with excellent interpersonal skills and the ability to work across all levels of the organization. + Preferred, but not required: Relevant certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Business Analyst (CBA or CBAP). **Why We Think You'll Love Teradata** We prioritize a people-first culture because we know our people are at the very heart of our success. We embrace a flexible work model because we trust our people to make decisions about how, when, and where they work. We focus on well-being because we care about our people and their ability to thrive both personally and professionally. We are an anti-racist company because our dedication to Diversity, Equity, and Inclusion is more than a statement. It is a deep commitment to doing the work to foster an equitable environment that celebrates people for all of who they are. \#LI-JR1 Teradata invites all identities and backgrounds in the workplace. We work with deliberation and intent to ensure we are cultivating collaboration and inclusivity across our global organization. We are proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, color, ancestry, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related conditions), national origin, sexual orientation, age, citizenship, marital status, disability, medical condition, genetic information, gender identity or expression, military and veteran status, or any other legally protected status. Pay Rate: 76400.0000 - 95400.0000 - 114500.0000 Annually Starting pay for the successful applicant will depend on geographic location, internal equity, job-related knowledge, skills, and candidate experience. Sales roles will be eligible for commission payments tied to quota achievement. All other permanent roles will be eligible for one of our annual incentive plans, which are based on company financial attainment and individual performance. Employees in this position are also eligible to participate in the Company's comprehensive benefits programs, which include healthcare, life and disability insurance plans, a 401(k)-retirement savings plan, and time-off programs. Specific details of these benefits, including eligibility criteria and plan options, will be provided during the hiring process and can be reviewed here: **************************************************

The Cyber Defense Incident Responder position will be responsible for investigating, analyzing, and responding to network cyber security incidents.. This role will also be responsible for supporting the development and improvement of processes, playbooks, and runbooks associated with detecting and responding to cyber security incidents. **Responsibilities:** + Track cyber defense incidents from initial detection through final resolution + Collect intrusion artifacts + Determine the scope, urgency, and impact of cyber defense incidents + Recommend mitigation and remediation strategies for enterprise systems + Create thorough reports and documentation of all incidents and procedures; present findings to the teams and IR leadership on a routine basis + Support the development of Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents + Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our ability to detect, respond to, and deter threats + Support broader security operation initiatives both within the cyber defense team and within engineering and operation departments across the organization + Create and Improve Security Playbooks for a variety of incident and compromise types for all levels of engineers and stakeholders **Salary:** The pay range for this position is $41.97/hour ($87,297/year) for those with entry-level qualifications up to $72.62 ($151,049) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience. **Basic Qualifications:** + BS degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree; or 4 years equivalent technology experience + 2+ years' experience in information security in an enterprise environment + Experience and understanding of incident response processes, forensic techniques, executing and administration of crisis bridges, and preparation and delivery of incident reports for executives + Knowledge of malware trends and behaviors and the ability to work with other teams to detect and respond to these threats + Experience with attacker tactics, techniques, and procedures + Experience with Windows and Linux Operating Systems + Knowledge of common software, operating systems vulnerabilities, and Unix/Linux + Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk + Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK + Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization + Excellent written and verbal communication skills + Demonstrated ability to collaborate effectively with internal teams and industry peers **Preferred Qualifications:** + Experience creating workflows and remediation plans for vulnerabilities + Incident Response experience in a healthcare environment + Experience with security assessment tools **Minimum Qualifications:** + EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification + EXPERIENCE - 4 Years of Experience As a health care system committed to improving the health of those we serve, we are asking our employees to model the same behaviours that we promote to our patients. As of January 1, 2012, Baylor Scott & White Health no longer hires individuals who use nicotine products. We are an equal opportunity employer committed to ensuring a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Team: The Security Evaluations team is responsible for the independent (formal) global security evaluations of Oracle products (mostly FIPS 140 and Common Criteria), including their use in Oracle cloud services, an important aspect of Oracle's commitment to security. The team is part of Oracle's Global Product Security group, under the management of the Chief Security Officer. This group is responsible for managing cross-product security activities and the security assurance for Oracle products and cloud services. The Security Evaluations team (SecEval) are experts in government security evaluations and assurance standards. We are looking for someone to join the team that brings a similar level of "expertise" as the rest of the team. Qualifications: + Three to Five years' experience in a FIPS lab: + performing validations of FIPS 140 OR + the equivalent amount of time managing validations as a vendor. + Solid understanding of FIPS validation methodologies and processes + Comfortable preparing some technical evidence as needed and/or repeating of developer tests to support evaluations and validations. + The ideal candidate will have the ability to translate security certification jargon to development teams and interpret consultants/labs advice. + Knowledge of operating systems, particularly Linux, preferred. + Solid knowledge of cryptography preferred. + Experience with Common Criteria a plus + A working knowledge of any of the following technologies are advantages to the candidate: relational databases (particularly Oracle DBMS), identity and access management products, and cloud service technologies. Knowledge of OpenSSL and other cryptographic modules is also helpful. + The successful candidate should possess excellent time management and organizational skills as well as demonstrable verbal and written communication expertise. + Strong knowledge of Procurement Management processes are key skills for the candidate. PMP or PRINCE2 a plus. + CSSLP, CISM or CISSP a plus. + Education Requirements: + US/Canada: BS (essential) or MS (preferred) degree or equivalent experience relevant to functional area Must be willing to travel up to 10% in US, Canada and worldwide. Career Level - IC4 **Responsibilities** As a Principal Security Analyst in the Security Evaluations team, you will be mainly responsible for managing security evaluations and validations for Oracle. Duties in support of these responsibilities and other duties include: + Track progress of approved security evaluation and validation projects against budget and schedule, performing continuous risk analysis. + Finance and resource budget preparation, maintenance, and reporting + Collaborate with Legal and Procurement departments on activity with all third parties including contracts and Statements of Work + Participate in international evaluation communities and technical working groups, and other appropriate external working groups as assigned. The ability and willingness to influence a community of external participants is critical in this role. + Some testing or evidence development (authoring of FIPS specialized documentation) and/or editing/reviewing of this evidence may be required. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** CA: Hiring Range in CAD from: $76,700 to $167,600 per annum. US: Hiring Range in USD from: $96,800 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. This job requires proficiency in the English language. Oracle is a global company with operations in dozens of countries around the world and our teams, including the team this position is part of, are comprised of individuals located in various jurisdictions. As is required of employees in all jobs at Oracle in North America, candidates for this position are required to understand, and communicate, in English so that in the course of performing their work, they can interact with teammates in other locations who are not fluent in the French language. For applicants located in the Province of Quebec, a basic proficiency of the French language is required. **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds. When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling ***************, option one. **Disclaimer:** Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. *** Which includes being a United States Affirmative Action Employer**

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies. **The Main Responsibilities** + Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures. + Develops and designs new security solutions to reduce risk and align business requirements with security standards. + Supports development of business case and approval process. + Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support. + Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed. + Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business. **What We Look For in a Candidate** Required: + Bachelor's degree in computer science, engineering, or related field with 15+ years of relevant experience or + Master's degree in computer science, engineering, or related field with 12+ years of relevant experience. + Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA. + Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR). + Software development experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. \#LI-MG1 Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** Requisition #: 337297 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 03/14/2025

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? The In-Vehicle Cybersecurity Engineer will act as a technical lead designing security into our vehicles. Engineers will evaluate, critique, and drive secure designs from concept to implementation. In-Vehicle Cybersecurity Engineers identify new methods of securing our technologies from drafting specifications to executing testing. Engineers need to be able to understand and evaluate risk for in-vehicle systems. Recognizing and accommodating the limitations of embedded in-vehicle systems is essential. Engineers are expected to take ownership of assignments including developing in-depth understanding of the technologies under review, working to close security gaps and mitigate identified vulnerabilities, and report out to security management. Over time, Engineers will grow to become subject matter experts acting to develop and mature security controls and features in the vehicle. **What you'll do...** + Own ECU and Vehicle level cyber security design and process integration + Interface with cross-functional teams on technical issues related to cyber security + Perform risk analysis (i.e. TARA) so that appropriate countermeasures can be developed + Develop and maintain security requirements and design validation methodologies (DVM) + Develop and maintain technical documentation as required + Provide training and consulting to internal Ford function teams + Support major product programs/new features with security needs + Collaborate on Advanced Engineering projects with internal and external partners + Research technologies and security benchmarking data gathering + Some traveling may be required (conferences, regional team meetings, government/academia visits, etc.) **You'll have...** + Bachelor's Degree in Electrical Engineering, Computer Engineering, Software Engineering or Computer Science OR a combination of education and experience + 5+ years of experience with embedded, IoT and/or automotive systems cyber security + Experience with security system engineering, development, and testing + Experience with networking and communication protocols (e.g. firewall config, TLS, MACsec, etc.) + Experience designing cyber security controls such as secure communication/networking, secure gateway, IDS, IPS, secure boot, etc. + Experience developing and maintaining engineering documentation including requirements, specifications, test plans, etc. + Self-starter with ability to work independently and collaboratively + Strong communication and analytical skills **Even better, you may have...** + Master's Degree in Cyber Security, Electrical Engineering, Computer Engineering, Software Engineering or Computer Science is a plus + 7+ years of experience with embedded, IoT and/or automotive systems cyber security + Experience with in-vehicle network architecture, modules, and protocols (Automotive Ethernet, CAN/CAN-FD, J1939, USB, SPI, UART, JTAG, etc.) + Experience with symmetric and asymmetric cryptography, digital signature, hash, message authentication, encryption, key exchange + Experience with HSM, SHE, TEE, SELinux, hypervisor, etc. + Experience with SecOC, AUTOSAR + Understanding of embedded RTOS and Linux based operating systems + Understanding of system level architecture, development, design principals + Experience with at least one modern software programming language (C, C++, C#, Python, Java, etc.) + CISSP, GSEC, etc. are a plus This description outlines the general nature and scope of work typically performed in this job. It is not intended to be an exhaustive list of all duties, responsibilities, knowledge, skills, work requirements, etc. It may vary slightly based on business or geographic needs and is subject to being reviewed and updated periodically. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including: - Immediate medical, dental, vision and prescription drug coverage - Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more - Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more - Vehicle discount program for employees and family members and management leases - Tuition assistance - Established and active employee resource groups - Paid time off for individual and team community service - A generous schedule of paid holidays, including the week between Christmas and New Year's Day - Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* (**************************************************************************************************************************************************************************** This position is a range of salary grades **7-8.** Visa sponsorship is not available for this position. SOUTHEAST MI RESIDENTS: Please note, this job is posted as remote unless the selected candidate lives within 50 miles of Dearborn, MI. In this case we request the candidate to be on-site 1-2 days a week. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. \#LI-Remote **Requisition ID** : 41638

Meta's security team is the central engine driving data and system security. We work across all parts of the company, from corporate infrastructure to production to external services, interfacing with nearly every team in the company.We are looking for a Security Engineer with experience influencing, mentoring, and contributing alongside teams of engineers who focus on threat modeling, TTP identification, and detection engineering securing Meta's surfaces. You'll work alongside Software Engineers, Offensive Security Engineers, Product Managers, and Data Scientists/Engineers to identify critical assets, assess the top risks, and evaluate potential attacks against Meta systems. You will be working with engineering teams supporting Meta's products (including WhatsApp, Instagram, Horizon Worlds, Threads, and others) serving over 3.2 billion daily active user working to understand existing detection coverage, enumerating gaps, and presenting findings to product, security, and legal senior leaders to drive decisions around multi-year risk mitigation efforts. **Required Skills:** Security Engineer - Surface Coverage, Detection Engineering Responsibilities: 1. Influence and align the organization's vision and strategy, while engaging our teams to develop and deliver specific, multi-year roadmaps, programs, and projects 2. Collaborate with various functions, drive engineering initiatives and have an impact at an organizational level 3. Lead technical design and strategy leveraging insights from some of the most advanced infrastructure in the world 4. Partner with leadership to influence and drive org design, contribution and prioritization 5. Coach, mentor, support, and care for the team in a way that enables long-term career development, happiness, and success at scale 6. Leverage state-of-the-art graph-based TTP to asset mapping systems to enumerate transitive detection coverage and develop novel approaches to prioritize and scale Product-specific infrastructure coverage 7. Build, cultivate, and maintain positive relationships with cross-functional partners to enable the team's ability to effectively and efficiently execute on project work 8. Assist with hiring, growing, and building a high performing team capable of achieving the team's mission 9. Work across partners in Product Management, Data Science, and Data Engineering to design and iterate on metrics and goals related to attack enumeration and detection coverage and validation **Minimum Qualifications:** Minimum Qualifications: 10. 12+ years of work experience in software or security engineering 11. BS in Computer Science or equivalent experience in Security 12. Demonstrated experience in working across organizational boundaries to achieve company-wide impact 13. Experience leading and managing complex cross-functional programs 14. Knowledge of Windows, MacOS, and Linux operating systems, container orchestration, hypervisors, and distributed system security 15. Experience with an interpreted programming language (PHP, Python, Perl, Ruby, etc.) 16. Experience with attacker tactics, techniques and procedures **Preferred Qualifications:** Preferred Qualifications: 17. Demonstrated experience in one or more Security domains such as Detection Engineering, Product Security, Cloud Security - Web Application Security experience across the Software Development Lifecycle is a plus 18. Experience working with Legal and Governance, Risk, and Compliance teams to understand and address complex and emerging regulatory requirements 19. Background in security-focused software engineering, designing large scale systems and data pipelines, or in offensive security 20. Demonstrated experience launching, scaling, and obtaining buy-in from Product VP stakeholders on a complex multi-year security initiative 21. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems **Public Compensation:** $213,000/year to $293,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company, providing customized solutions for hospitals, health systems, pharmacies, ambulatory surgery centers, clinical laboratories and physician offices worldwide. The company provides clinically-proven medical products and pharmaceuticals and cost-effective solutions that enhance supply chain efficiency from hospital to home. Cardinal Health connects patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with approximately 50,000 employees in 46 countries, Cardinal Health ranks among the top 20 on the Fortune 500. We currently have a full-time career opening within Information Security to support the growth of our Navista Application Suite and the Integrated Oncology Network (IoN). **Department overview** The Information Security department at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions that improve the lives of people every day by ensuring security practices and controls are embedded into Cardinal Health's people, process and technology. We are a remote-first team and are excited to offer full-time remote opportunities. **Functional Overview** The Senior Information Security & Risk Engineer is a new capability for Cardinal Health and will be executed by the Product Security team. The primary goal of this position is to ensure delivery of best-in-class cybersecurity, risk management, and compliance for Navista, an oncology Managed Service Offering hosted by Cardinal Health. **Job Overview** The Information Security & Risk Engineer will be responsible for day-to-day activities in implementing the corporate information security and compliance program. The individual will be a front-line partner to technical teams and work across the organization to deliver security and compliance initiatives aligning to corporate policies, standards, procedures and audit activities. Success in the role will be measured by the effectiveness of the implementation of information security, risk management and compliance directives. This role will work with various IT and business teams to drive both information security and compliance initiatives. The individual will assist with internal and external security compliance monitoring activities, review client audits, IT control audits, architecture reviews, threat modeling, security risk assessments and will assist in the management of compliance activities such as NIST, HIPAA, SOC 2, FedRAMP, PCI, ISO27001, HITRUST and SOX. Good interpersonal and relationship building skills are essential for success. **Job Responsibilities Include:** + Maintain governance program that ensures that the security policies, standards and process are in place + Serve as liaison to other Cardinal Health teams to ensure knowledge share and best practices + Partner with the engineering, architecture and operations teams to ensure delivery of infrastructure design and threat models which prove security requirements + Monitor security trends and drive security best practices throughout the organization + Evaluate, design, test, and recommend new or improved controls + Work with third party firms and consultants to conduct independent security audits, vulnerability scans, and penetration tests + Investigate, drive resolution and document security incidents **Qualifications** + Bachelors Degree in related field, or equivalent work experience leading cybersecurity or information security initiatives + Have 3+ years information security related work experience, preferably within the healthcare industry + Experience in vulnerability management programs, vulnerability assessments and advanced understanding of risk management + Familiarity with at least one common programming language, software development pipelines, and system lifecycles + Familiarity with security frameworks and assessments such as HIPAA/HITECH, ISO, ITIL, NIST, PCI DSS, & SOX + Familiarity with common security vulnerabilities like OWASP Top 10 + Experience advising and mentoring diverse teams where you do not have direct authority + Strong written and verbal communication skills **Anticipated salary range:** $121,600 - $182,385 **Bonus eligible:** Yes **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 4/7/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

**Job Summary:** The IT Analyst will be responsible for delivering technical support to resolve issues with software, network systems, and hardware. This role includes diagnosing and troubleshooting technical problems, implementing solutions to ensure minimal downtime, and maintaining system functionality. The IT Analyst will collaborate with other teams to address and resolve IT challenges. The ideal candidate will excel in problem-solving, effective communication, and managing multiple priorities in a fast-paced environment. A strong focus on customer service, collaboration, and technical expertise is essential. Performs the function of understanding, enhancing, and monitoring business software developed in-house or purchased from vendor. Interacts closely with users to accurately define business rules. Develop at all layers for robust and resilient capabilities. **Responsibilities** **Responsibilities of the IT Analyst include:** - Systems deployment, configuration management, software troubleshooting, and network maintenance. - Act as a point of escalation for complex technical issues and liaise with other IT professionals or vendors to resolve problems. - Troubleshoot, test, analyze, and maintain various network systems such as LAN, WAN, and Internet systems - Document solutions and contribute to continuous improvement efforts in IT support processes. **Qualifications** + Bachelor's Degree and 2+ years of IT Support, Network Administration, configuration management and testing experience + Experience providing technical support for software applications, mobile devices, and network systems. + Knowledge of the majority or most of the following systems: BMC Remedy, ServiceNow, Active Directory, SharePoint, Windows 10, Cisco Routers/Switches, Palo Alto, Intune, Purebred, Adobe, etc. + IAT Level II Certification (Sec+, CCNA, CySA, GSEC, GICSP, CND, SSCP) + Ability to obtain and maintain a Secret Clearance + Work experience should include application development background using Software Development Life-Cylce (SDLC). + Proficiency in multiple programming languages. Experience spectrum includes elements of: JAVA, Javascript, SpringBoot, consuming and providing Webservices, SQL, Node. + Excellent competencies in planning, organization time management, written & oral communication, basic understanding of business operations. **Job ID** 2024-13567 **Work Type** On-Site **Company Description** **Job Summary:** The IT Analyst will be responsible for delivering technical support to resolve issues with software, network systems, and hardware. This role includes diagnosing and troubleshooting technical problems, implementing solutions to ensure minimal downtime, and maintaining system functionality. The IT Analyst will collaborate with other teams to address and resolve IT challenges. The ideal candidate will excel in problem-solving, effective communication, and managing multiple priorities in a fast-paced environment. A strong focus on customer service, collaboration, and technical expertise is essential. Performs the function of understanding, enhancing, and monitoring business software developed in-house or purchased from vendor. Interacts closely with users to accurately define business rules. Develop at all layers for robust and resilient capabilities. **Responsibilities of the IT Analyst include:** - Systems deployment, configuration management, software troubleshooting, and network maintenance. - Act as a point of escalation for complex technical issues and liaise with other IT professionals or vendors to resolve problems. - Troubleshoot, test, analyze, and maintain various network systems such as LAN, WAN, and Internet systems - Document solutions and contribute to continuous improvement efforts in IT support processes. **Qualifications for the IT Analyst include:** + Bachelor's Degree and 2+ years of IT Support, Network Administration, configuration management and testing experience + Experience providing technical support for software applications, mobile devices, and network systems. + Knowledge of the majority or most of the following systems: BMC Remedy, ServiceNow, Active Directory, SharePoint, Windows 10, Cisco Routers/Switches, Palo Alto, Intune, Purebred, Adobe, etc. + IAT Level II Certification (Sec+, CCNA, CySA, GSEC, GICSP, CND, SSCP) + Requires an ACTIVE Secret or Top-Secret Clearance + Work experience should include application development background using Software Development Life-Cylce (SDLC). + Proficiency in multiple programming languages. Experience spectrum includes elements of: JAVA, Javascript, SpringBoot, consuming and providing Webservices, SQL, Node. + Excellent competencies in planning, organization time management, written & oral communication, basic understanding of business operations. We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, or have known limitations related to pregnancy, childbirth, or related medical conditions, and would like to request a reasonable accommodation for any part of the employment process, please contact us at ******************** or ************ (information about job applications status is not available at this contact information).

The IT Analyst is a team member of the Information Technology (IT) department at our Manufacturing Plant in Georgetown, KY. Will provide services and support to Plant Operations maximizing availability, performance, and efficiency. Focus on cost effective solutions with a continuous improvement mindset. **IT Analyst Roles & Responsibilities** + IT Daily Support + Installing, configuring, monitoring and troubleshooting computer hardware, software, systems, networks, printers, and scanners + Consult with plant management on continuous improvement ideas and fulfill requests. + Key team member of projects to deliver new initiatives and/or service improvements. + Assist with problem management resolution and permanent corrective actions. + Interface with internal and external Adient Customers **.** + Support IT tasks related to launches and communicating updates at readiness reviews. + Windows administrative knowledge (Servers and PCs) + Experience with Networking Infrastructure and Architecture **Additional Desired:** + Experience in a manufacturing environment is preferred. + Manufacturing Execution System (MES) experience preferred. + Basic database knowledge and report writing skills. + Knowledgeable with Microsoft Products **Education & Training** Required: + Bachelors Degree in IT, or Associates/Technical Degree in IT related field of study with 2+ years of related experience. Desired: + Technical Certifications. + Continuous Improvement training. **Other Requirements** + 7x24 on-call availability for critical plant operation system support. + Willingness to work overtime and weekends. + Ability to work 2rd shift. (5pm-2am) **PRIMARY LOCATION** Foamech ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.

IT Cyber Security Specialist- Battery Manufacturing Introduction to BlueOval SK At BlueOval SK, we will lead the transformation of the electric vehicle (EV) battery business through partnership (Joint Venture formed by Ford and SK On) to provide products and processes to increase our customers' experience. As the future of BlueOval SK, you will help lead the battery revolution by working alongside our teams as we build the batteries required for electric vehicle business excellence. Ford and SK On are investing billions in Kentucky and Tennessee including building three state-of-the art battery manufacturing facilities between the two campuses at BlueOval City in Tennessee and Blue Oval SK Battery Park in Kentucky. These brand-new advanced manufacturing facilities will use Ford's 100-years of automobile manufacturing expertise and SK On's 30+ years of electric vehicle battery expertise to become the world's best battery manufacturer. The IT Cyber Security Specialist at Blue Oval SK - Blue Oval City in Stanton, Tennessee will work as a part of a team to protect important information assets from cyber-attacks and maintain sensitive and confidential information. Key Areas of Responsibility: Safeguards information system assets by identifying and solving potential and actual security problems. Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting period audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; community system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Security systems operation/management Security systems trouble shooting Test new security IT system. Install security system. Maintain security IT system Basic knowledge of cyber security Knowledge of networking fundamentals (TCP/IP, Network Layers, etc.) Knowledge of windows and Linux command skill Minimum Requirements Bachelor's degree in computer science or closely related field 3 + years direct hands-on experience with incident management and response Proficiency in problem-solving, analytical thinking, and penetration testing methodologies Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and / or SIEM - specific training and certification. Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements. Hands-on experience analyzing high volumes of logs, network data (e.g. netflow, FPC), and other attack artifacts in support of incident investigations Experience with vulnerability scanning solutions Proficiency with any of the following; Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security. In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk). Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS) Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands. Experience in IT security solution operation Experience in IT Network operation Experience in operating endpoint security solutions. Preferred Qualifications Bachelor's degree in Computer Science or cybersecurity related field. Master's degree in cybersecurity, or related field is a plus. Holds certifications such as: CISSP, CISA, ISO 27001 Up to date on current cybersecurity trends, threat landscape and security solutions. About BlueOval SK At BlueOval SK, we will lead the transformation of the electric vehicle (EV) battery business through partnership (Joint Venture formed by Ford and SK On) to provide products and processes to increase our customers' experience. As the future of BlueOval SK, you will help lead the battery revolution by working alongside our teams as we build the batteries required for electric vehicle business excellence. We have a wide variety of opportunities for you to accelerate your career. The Opportunity Ford and SK On are investing billions in Kentucky and Tennessee including building three state-of-the art battery manufacturing facilities between the two campuses at BlueOval City in Tennessee and BlueOval SK Battery Park in Kentucky. These brand-new advanced manufacturing facilities will use Ford's 100-years of automobile manufacturing expertise and SK On's 30+ years of electric vehicle battery expertise to become the world's best battery manufacturer. For more information about BlueOval SK plans, please Follow this link. What you'll receive in return: As part of the BlueOval SK family, you'll enjoy excellent compensation and a comprehensive benefits package that includes generous paid time off (PTO), retirement contributions, incentive compensation and much more. You'll also experience exciting opportunities for professional and personal growth and recognition. If you have what it takes to help us lead the transformation of the EV battery business, we'd love to have you join us. Benefits Include: 401k plan with retirement planning services 401k company matching after completing three months of service Medical and prescription drug coverage Dental and vision coverage Preventative Care Eligibility for great ancillary benefits including: Flexible Spending Accounts (FSAs), Short-Term Disability (STD) and Long-Term Disability (LTD), Employee Basic Life and Accidental Death Dismemberment (AD&D) insurance, and Employee Supplemental Life Insurance Access to Paid Time Off (PTO) after completing probationary period and Emergency PTO Parental Leave Access to Ford Vehicle Discount Program Climate-controlled working environment For a full list of benefits, visit our website: ************************************ Candidates for positions with BlueOval SK must be legally authorized to work in the United States. BlueOval SK does not sponsor employment VISAs for candidates at this time. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status.

**About the team:** The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information. **What you'll do:** + Partner with engineering teams across Rubrik to create secure cloud infrastructure design and deployment architectures utilizing threat models and risk analysis documentation specific to a FedRAMP and IL4+ environment + Work with development teams, operations, governance, and other stakeholders to draft security standards and controls and implement monitoring, alerting and governance to adhere to those specifications + Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks inside and out of the FedRAMP boundary + Analyze and harden existing applications, infrastructure, automation, and deployment processes partnering with multiple teams to design & implement solutions within the space + Execute Security impact Analysis reviews for all FedRAMP changes coming in to the change management process **Experience you'll need:** + Bachelor's degree required; BS or MS in Computer Science, Information Technology, or a related field + 15 years of experience including cloud technologies, technical architecture and application development + 8+ years experience in cloud security, with experience across AWS, GCP and/or Azure infrastructure design + 2+ years experience in VMWare and/or Network security modeling + Broad knowledge of private and public cloud attack vectors and exploits + Subject matter expertise in CI/CD, Cloud APIs and Identity management + Deep understanding of compute, network and storage technologies in AWS, GCP and/or Azure + Programming experience in Python, Go or Java + Deep security policy subject matter expertise in at least one major public cloud provider (AWS, GCP, Azure) + Experience with deploying and securing SaaS applications and cloud environments at scale + Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc) and MicroServices + Knowledge of of IaC (Infrastructure as Code) concepts and implementing standards within them + Understanding of cloud security maturity model frameworks and how to apply them + Strong written and verbal communication skills **Additional Requirements:** Due to the criteria and security levels for Rubrik's FedRAMP program, this position will require the following: + U.S. citizenship at the time of hire + Residence within the contiguous United States (i.e., the lower 48 states and the District of Columbia); and + Willingness to undergo a Single Source Background Investigation if required. \#LI-Remote **Security and Privacy Responsibilities** : This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government's interests: + Know, acknowledge, and follow system-specific security policies and procedures; + Protect data and individual privacy per requirements and regulations; + Perform ongoing activities in compliance with service and contractual obligations; + Participate in role-based training, completing assignments on a timely basis; + Report security issues promptly, and aid investigation when needed; + Support controlled changes and vulnerability remediation activities; and + Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls. **Position Risk Designation** : This position carries duties and responsibilities involving the U.S. Federal Government's interests. The selected incumbent may be subject to one or both of the additional background checks with periodic re-screening as noted below: **Position Risk Designation: Non-Sensitive, Low Risk, Tier 1** _Incumbents without access to U.S. Government data may be required to complete Standard Form 85 and undergo a Tier 1 Investigation (T1) for non-sensitive positions of Low Risk. (Baseline screening; formerly National Agency Check and Inquiries (NACI))._ **Position Risk Designation: Non-Sensitive, Moderate Risk, Tier 2 (Public Trust)** _Incumbents with access to U.S. Government data may be required to complete Standard Form 85P and undergo Tier 2 (T2) Investigation for non-sensitive positions designated Moderate Risk._ **Position Risk Designation:Moderate Risk Law Enforcement (CJIS)** _When hired for a position where access to Moderate Risk criminal justice information is required, the employee must complete a fingerprint-based national criminal history background check within 30 days after the employee's start date._ The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. location. Within the range, the salary offered will be determined by work location and additional factors, including job-related skills, experience, and relevant education or training. US (SF Bay Area, DC Metro, NYC) Pay Range $206,600-$310,000 USD The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. location. Within the range, the salary offered will be determined by work location and additional factors, including job-related skills, experience, and relevant education or training. US2 (all other US offices/remote) Pay Range $186,000-$279,000 USD **Join Us in Securing the World's Data** Rubrik (NYSE: RBRK) is on a mission to secure the world's data. With Zero Trust Data Security, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked. Linkedin (******************************************************************** | X (formerly Twitter) (****************************** | Instagram (************************************* | Rubrik.com **Inclusion @ Rubrik** At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world's data. Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential. **Our inclusion strategy focuses on three core areas of our business and culture:** + Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here. + Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries. + Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities. **Equal Opportunity Employer/Veterans/Disabled** Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact us at ************* if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. EEO IS THE LAW (*********************************************************************************************** NOTIFICATION OF EMPLOYEE RIGHTS UNDER FEDERAL LABOR LAWS

The IT Analyst is a team member of the Information Technology (IT) department at our Manufacturing Plant in Georgetown, KY. Will provide services and support to Plant Operations maximizing availability, performance, and efficiency. Focus on cost effective solutions with a continuous improvement mindset. IT Analyst Roles & Responsibilities IT Daily Support Installing, configuring, monitoring and troubleshooting computer hardware, software, systems, networks, printers, and scanners Consult with plant management on continuous improvement ideas and fulfill requests. Key team member of projects to deliver new initiatives and/or service improvements. Assist with problem management resolution and permanent corrective actions. Interface with internal and external Adient Customers. Support IT tasks related to launches and communicating updates at readiness reviews. Windows administrative knowledge (Servers and PCs) Experience with Networking Infrastructure and Architecture Additional Desired: Experience in a manufacturing environment is preferred. Manufacturing Execution System (MES) experience preferred. Basic database knowledge and report writing skills. Knowledgeable with Microsoft Products Education & Training Required: Bachelors Degree in IT, or Associates/Technical Degree in IT related field of study with 2+ years of related experience. Desired: Technical Certifications. Continuous Improvement training. Other Requirements 7x24 on-call availability for critical plant operation system support. Willingness to work overtime and weekends. Ability to work 2rd shift. (5pm-2am) PRIMARY LOCATION Foamech

PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud. Visit our careers site (*********************************** to explore life at PagerDuty, discover opportunities, and sign-up for job alerts! As our **Senior Security Risk & Compliance Specialist** you will drive, design, and coordinate our Security Compliance Program to ensure customer trust, and fuel PagerDuty's expansion into global enterprise markets. You will partner across organizational teams as a Security Compliance SME, coordinating with business and technical stakeholders to meet the demands of our global market. **How You Contribute to Our Vision: Key Responsibilities** + Support the Customer Trust programs, including maintaining current and accurate customer documentation to support security responses to customer questions and customer audits; partnering with internal and external stakeholders for the Third Party Risk Program around vendor on-boarding, and vendor risk assessments. + Knowledge of compliance and regulatory frameworks and processes, including aligning policies to regulatory and business requirements; help teams design controls, automation, and reports to meet compliance requirements. + Administration of both general and program specific internal security education and awareness programs. + Oversees information security risk assessments, directing the development and operational effectiveness of IT security controls, along with risk tracking and management. + Monitor investigations and documentation of cybersecurity compliance issues and incidents. Review information security risk findings and non-compliance with business leaders and propose solutions to mitigate risks. **Basic Qualifications** + 4+ years of Security risk or compliance experience in a tech environment, with **credible experience and** demonstrable success managing regulatory and client audits in at least one of the following compliance programs: ISO27001, FedRAMP, SOC2 + Background of implementing a Security Risk program + Experience with security training and education program administration + Experience redlining security language for legal agreements. + Ability to work on various priorities simultaneously, with a strong bias towards action. Leveraging great written and verbal communication skills to facilitate great stakeholder management and client experience for internal and external customers. **Preferred Qualifications** + Experience with Third Party Risk Management + Experience with metrics-driven reporting including dashboards and status report generation and a focus on process improvement (automation, single pane of glass, continuous improvement) + Familiarity with Cloud Native and SaaS constructs including architectures, DevOps, CI/CD, SecOps disciplines + Able to support the development of program roadmaps, partnering with stakeholders in engineering, program managers and business owners to develop related project plans and timelines. + Familiarity with contemporary project, RFP, risk and issue management tools (such as SecurityPal, UpGuard and Hyperproof). A good understanding of platforms such as Monday.com, Jira and Slack. The base salary range for this position is 117,000 - 184,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits. Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience. Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process. **Not sure if you qualify?** Apply anyway! We extend opportunities to a broad array of candidates, including those with diverse workplace experiences and backgrounds. Whether you're new to the corporate world, returning to work after a gap in employment, or simply looking to take the next step in your career path, we are excited to connect with you. **Where we work** PagerDuty currently has offices in Atlanta, Lisbon, London, San Francisco, Santiago, Sydney, Tokyo, and Toronto. We offer a hybrid, flexible workplace. We also provide ample opportunities for in-person and virtual connection, like team offsites and volunteering events. **How we work** Our values are deeply embedded in how we operate and the people we bring on board. You will see our values ingrained in how we support our customers, collaborate with our colleagues, develop our products and foster an inclusive and empathetic work culture. + Champion the Customer | Put users first to design great products and experiences. + Run Together | Build strong teams that amplify our impact on users. + Take the Lead | Disrupt and invent to be the first choice for users. + Ack + Own | Take ownership and action to deliver more efficiently to users. + Bring Your Self | Bring your best self to build empathy and trust with users. **What we offer** **One way we ensure our employees are inspired to do their best is through a comprehensive total rewards approach that supports them and their loved ones. As a global organization, our programs are competitive with industry standards and aligned with local laws and regulations. Learn more, including country-specific offerings, on our** benefits site (********************************************** **.** **Your package may include:** + Competitive salary + Comprehensive benefits package from day one + Flexible work arrangements + Generous paid vacation time + Paid holidays and sick leave + Dutonian Wellness Days - scheduled company-wide paid days off in addition to PTO + Company equity* + ESPP (Employee Stock Purchase Program)* + Retirement or pension plan* + Paid parental leave - up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)* + HibernationDuty - an annual company paid week off when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge + Paid volunteer time off - 20 hours per year + Company-wide hack weeks + Mental wellness programs _*Eligibility may vary by role, region, and tenure_ **About PagerDuty** PagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management. The PagerDuty Operations Cloud revolutionizes how critical work gets done, and powers the agility that drives digital transformation. Customers rely on the PagerDuty Operations Cloud to compress costs, accelerate productivity, win revenue, sustain seamless digital experiences, and earn customer trust. More than half of the Fortune 500 and more than two thirds of the Fortune 100 trust PagerDuty including Cisco, Cox Automotive, DoorDash, Electronic Arts, Genentech, Shopify, Zoom and more. Led by CEO Jennifer Tejada, PagerDuty's Board of Directors is 50% female and 62% URP representation. We strive to build a more equitable world by investing 1% each of company equity, product, and employee volunteer time. PagerDuty is Great Place to Work-certified, a Fortune Best Workplace for Millennials, a Fortune Best Medium Workplace, a Fortune Best Workplace in Technology, and a top rated product on TrustRadius and G2. Go behind-the-scenes on our careers site (*********************************** and @pagerduty on Instagram. **Additional Information** PagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status. PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email accommodation@pagerduty.com and we will work with you to meet your accessibility needs. PagerDuty uses the E-Verify employment verification program.

Mainframe Security EngineerRemote - United StatesJR011313 **About the role and what you'll be doing:** - Hands-on administration of RACF, ACF2 and Top-Secret login ID's, dataset, and resource rules. Top Secret experience required for this position, ACF2 and RACF experience desired. - Provision user access in response to tickets opened in Service Now within defined SLAs. - Monitor system security policy and violations/incidents - Perform and review daily, weekly, and monthly audit reports - Liaison with business areas and other technical support areas - Provide customer support by preparing ad hoc reports and giving presentations - Monitors the environment for adherence to security standards - Must be available 24 x 7. On-call support will be required. - Experience using Vanguard and/or IBM zSecure security products - iSeries security knowledge a plus **Technical Skills:** - Excellent TSO, JCL, IBM UTILITIES, JES2, and ISPF a must. - Experience with REXX or any programming language desired. - Experience with CICS security administration preferred. - Experience using Vanguard and/or IBM zSecure security products is desired. - Experience with IAM, MFA and PAM are desired. **General Knowledge:** - MVS experience is highly desired - PC Skills (Microsoft Outlook, Word, Excel, PowerPoint) **Personal Skills:** - Strong written and verbal communication skills. - Strong organizational skills with the ability to manage multiple concurrent project deliverables and the ability to work as a global team. - Ability to work on own initiatives. - Strong analytical skills and problem-solving skills - Must be an excellent team player with the ability to work independently in a fast-paced environment - Self-starter, detailed oriented and ability to multitask - Excellent Communication skills required - Good written skills are required **Education:** - CISSP, CISA, CISM or ITIL Certification a plus - Bachelors or master's degree Preferred - Other mainframe security products a plus **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is $75,000 to $123,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email [email protected] . JR011313

The Security Engineer will work as a security technology generalist ensuring that all relevant technologies are running theappropriate securitytools and configured for best practice and secure computing.The Security Engineer will work with other team members and cross-functional teams to improve the security posture of SHI InternationalCorp. This position reports to the Manager of SecurityEngineering & Architecture. **About Us** Since 1989, SHI International Corp. has helped organizations change the world through technology. We've grown every year since, and today we're proud to be a $14 billion global provider of IT solutions and services. Over 17,000 organizations worldwide rely on SHI's concierge approach to help them solve what's next. **But the heartbeat of SHI is our employees - all 6,000 of them.** If you join our team, you'll enjoy: + Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S. + Continuous professional growth and leadership opportunities. + Health, wellness, and financial benefits to offer peace of mind to you and your family. + World-class facilities and the technology you need to thrive - in our offices or yours. **Responsibilities** _Include, but are not limited to:_ + Safeguard information systems by identifying and remediating potential and actual security issues. + Implement security improvements by analyzing existing infrastructure, evaluating changes and controls,anticipatingnew requirements. + Proactivelyidentifytechnology gaps and develop and implement solutions collaboratively. + Diagnose system problems; propose and rapidly develop high quality solutions. + Monitor logs for unusual or suspicious activity and takeappropriate action. + Research, plan for, and implement new systems technology in the current operating environment. + Introducelatest informationsecurity issues and requirements to management. + Identifycurrent and emerging technology issues including security trends,vulnerabilities,and threats. + Act as a technical consultant on information security incidents and forensic investigations. + Experience with SOAR practices, including playbook development, data and artifact collection, process automation, technology orchestration, and response actions. **Qualifications** + Bachelor's Degree in computer scienceor4 years ofrelevant work experiencerequired + 3+ years of relevant IT/ Technicalindustry experience + 2+ years of cybersecurity experience + 3+ years of Administration/Engineering experience. + 3 years + experience working on one or more of the following complex technologies: + Knowledge of security standards, regulations, and compliance frameworks (PCI, NIST, ISO) + Knowledge of adversarial tactics,techniquesand procedures (TTPs) + Knowledge of the MITRE ATT&CK framework **Required Skills** + Exceptional administrative, organizational, and problem-solving skills + Excellent written and verbal communication skill + Strong analytical and problem-solving skills + Ability to work and collaborate with diverse worldwide teams and peers + Ability to document and explain technical details to both technical and non-technical teams + Strong Understanding of Operating System and Native Applications, not limited to Windows, Windows Server, MacOS, Linux Server. + Familiarity with scripting languages such as Python + Strong understanding of network protocols, operating systems, and web application technologies + Deploy best practices by understanding and researching security attack patterns and practices. + Well-versed in keeping up with the current and emerging threats and techniques for exploiting security vulnerabilities. + Experience interconnecting security tools using a data lake to correlate data for use in risk management and continuous monitoring practices. **Preferred Skills:** + Experience developing automation with a general-purpose programming or scriptinglanguage + Experienceleveragingthreat intelligence to develop new detection automation. + Experience analyzing large data sets within automation. + Ability to provide risk mitigation solutions present in solutions that do not offer sufficient security practices. + Proficient in troubleshooting securityincidents. **Unique Requirements** + Off hours responsibilities may include troubleshooting major issues, and executing changes to accommodate off-hours maintenance schedules. **Additional Information** + The estimated annual pay range for this position is $90,000 - $120,000. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual.Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. + Equal Employment Opportunity - M/F/Disability/Protected Veteran Status Refer a friend to this job (******************************************************************************************************************* **Need help finding the right job?** We can recommend jobs specifically for you! **Job Locations** _US-Remote_ **Requisition ID** _2024-18484_ **Approved Min (Total Target Comp)** _USD $90,000.00/Yr._ **Approved Max (Total Target Comp)** _USD $150,000.00/Yr._ **Compensation Structure** _Flat Base_ **Category** _Information Technology_

* Must currently be local to Japan or be willing to relocate to be considered. The Government seeks a Risk Management Framework (RMF) support specialist to provide FRCS system security engineering support in Far East to achieve and maintain Authorizations to Operate (ATOs). The Information System Security Engineer (ISSE) will be responsible for creating and maintaining RMF artifacts and shall implement security controls, patch vulnerabilities on network devices, and resolve system security engineering concerns to ensure cyber compliance and readiness for a Government Facility Engineering Command in Yokosuka Japan. Additional locations may include the below: * Diego Garcia * Singapore * Chinhae * Misawa * Okinawa * Iwakuni * Sasebo * Atsugi Recruiting for this role ends on 10/4/24. Work You'll Do * Complete System / Mission decomposition to identify system components critical to priority mission functions. * Work with CYBERSAFE team to complete grading of Facility Related Control Systems (FRCS). * Report ongoing Risk Management Framework (RMF) package progress regularly to ISSM, HQ teams and various leadership personnel throughout Government Enterprise. * Support government personnel in providing technical capabilities to assist with the development of custom mitigations to challenging technical requirements. * Use collected system information and interviews with Subject Matter Experts (SMEs) and various system personnel to review artifacts for compliance, completeness, and quality in support of successful ATOs and ongoing maintenance. * RMF Artifacts include but aren't limited to: * Hardware and Software Lists * Network diagrams in accordance with the Government's Diagram Requirements Job Aid * Ports, Protocols, and Services Management (PPSM) forms * Categorization Forms * Cybersafe Grading Checklists * Criticality Analysis Checklist (if applicable) * Security Plan (SP) * Security Assessment Plan (SAP) * System specific policies IAW NIST 800-53 control families * Implementation and System Level Continuous Monitoring (SLCM) Plans * Raw vulnerability scan results * Security Center generated reports * Manual Security Technical Implementation Guide (STIG) and Security Requirements Guide (SRG) checklists (CKLs) * Performs all necessary tasks to support RMF packages, including uploading artifacts into eMASS in the proper format to support initial RMF authorization, maintenance, or reauthorization efforts. Duties include: * Implementing security controls in accordance with STIGs and SRGs * Patching vulnerabilities on IT/networking devices and all IP-based controllers * Conducting vulnerability scanning of all IP devices and generate reports * Completing manual STIG checklists (CKLs) according to the approved SAP * eMASS tasks such as inputting test results, uploading scan results, mapping vulnerabilities to controls, updating and maintaining POA&Ms, and processing eMASS workflows * Providing on-site validation support * Facilitating and managing change requests and authorization boundary changes with Operational Technology Design Authority (OTDA) * Collaborating with multiple departments to perform scanning and patching to include intermittent nationwide travel according to multiple site requirements and availability * In addition to RMF support, experience with the following: * Manage IP schemas. * Account management. * Manage and maintain windows servers and clients. * Ensure standardization of network device configuration and compliance with DISA STIG requirements * Provide system administration support for the electrical meter collection and analysis software packages and database requirements. Qualifications Required: * Must currently be local to Japan or be willing to relocate to be considered. * Bachelor's degree in IT/Cybersecurity related field * Active Secret Clearance is required to be considered for this role * Five (5) years of related experience and/or training including military or civilian experience * Problem-solving skills and attention to detail * Experience with obtaining ATO's (Authority to Operate) and RMF (Risk Management Framework) process * Experience with RMF artifacts * Experience implementing security controls, patching vulnerabilities, scans, completing STIG checklist * Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future. * Must have experience working overseas for DoD or Government programs * Ability to be on site 100% of the time in Yokosuka Japan. Preferred (Desired): * Experience with implementing Security Technical Implementation Guides (STIGs) and Security Requirement Guides (SRGs) * Experience conducting ACAS scans and generating reports * Knowledge of industrial communication protocols * Knowledge of HVAC Systems equipment and operation * Knowledge of HVAC Control Systems * Knowledge of utility information systems and energy-management technologies * Ability to travel 0-25%, on average, based on the work you do and the clients and industries/sectors you serve The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $114,000 to $190,000. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Information for applicants with a need for accommodation: ************************************************************************************************************ #engcamp2024 Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte's purpose is to make an impact that matters for our clients, our people, and in our communities. We are creating trust and confidence in a more equitable society. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. We are focusing our collective efforts to advance sustainability, equity, and trust that come to life through our core commitments. Learn more about Deloitte's purpose, commitments, and impact. Professional development From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte Consulting LLP, a subsidiary of Deloitte LLP. Please see ************************* for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. See notices of various ban-the-box laws where available. Requisition code: 209278