Information Security Analyst Jobs in New Britain, PA

Ask IT Consulting Inc, backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owned enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. ASK IT consulting is an equal opportunity employer, which is a global staffing, consulting and technology solutions company, offering industry-specific solutions to fortune 500 clients and worldwide corporations. Job Description The Information Security Specialist (ISS) is responsible for developing and documenting information security policies and standards, in addition to planning, coordinating, and implementing security measures for information systems. Years of Relevant Experience: 5 plus years Preferred Education 4 year college degree or equivalent technical study • -Define, develop and implement information security & risk management policies, procedures & best practices to comply with industry standards • -Develop plans to safeguard computer files against accidental or unauthorized • modification, destruction, or disclosure and to meet emergency data processing • needs. Monitor use of data files and regulate access to safeguard information in • computer files. • -Document and maintain a repository with version control of all policies, procedures and best practices • -Perform compliance reviews, risk management functions, test executions and encryptions for application and infrastructure service levels • -Monitor use of data files and safeguard computer files against authorized access and unauthorized access • -Modify computer security files to incorporate new software, correct errors or access changes • -Perform risk assessments and execute tests of data processing system to ensure • functioning of data processing activities and security measures. • -Encrypt data transmissions and erect firewalls to conceal confidential information as it • is being transmitted and to keep out tainted digital transfers. • -Identify and track issues, risks and action items. • -Document information security policies, standards, and procedures spanning and • encompassing the range of topics such as organization security, asset ID and • classification, personal security, communications and operations management, • access control, system development and maintenance, business continuity • management, and compliance. • -Confer with users to discuss issues such as computer data access needs, security • violations, and programming changes. • -Train users and promote security awareness to ensure system security and to • improve server and network efficiency. Qualifications Prior experience in the following are essential for the role: • Websense 7.8 • E policy Orchestrator 4.6 • Mc Afee email gateway (MEG) 7.6 • Airwatch 8.0.6.0 Additional Information If you are interested in finding out more about opportunities near you, if you are in need of a staffing firm such as ours, or if you just have a question regarding your resume and career path, please email me at ryanaskitc.com

ITnova is seeking an experienced Information Security Analyst / SOC Analyst to support the Philadelphia International Airport (PHL) Security Operations Center (SOC). The selected candidate will be responsible for monitoring security alerts, analyzing threats, and implementing proactive security measures to protect critical airport systems. This role requires expertise in cybersecurity tools, incident response, and threat hunting to enhance PHL's overall security posture. Responsibilities: Monitor security alerts and analyze threats in real time. Conduct incident response activities to mitigate cyber risks. Perform threat hunting to identify vulnerabilities and enhance proactive security measures. Maintain Security Information and Event Management (SIEM) systems and analyze logs for anomalies. Coordinate with internal teams and external stakeholders for cybersecurity incident resolution. Develop and implement security policies, procedures, and incident response plans. Ensure compliance with regulatory requirements and industry best practices. Requirements: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Experience with Security Operations Center (SOC) workflows, intrusion detection systems (IDS), and firewalls. Strong understanding of cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls. Hands-on experience with cybersecurity tools, including SIEM, EDR, and vulnerability scanners. Ability to analyze logs and detect potential security threats.

Sr. ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: ******************* $118,560 - $171,253.33 a year

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Job Details: Title: Security Specialist Location: Philadelphia, PA Duration: 3 month (may extend) Division: Intellectual Property and Science Required Skills: • Active Secret clearance (Public Trust) required. • Provide security technical advisory and directions to technical and research teams • Maintain operational security posture for the program to ensure government information security requirements and information systems security policies, standards, and procedures are established and followed. • Assist with the management of security aspects of the information system and performs day-to-day security operations of the system. • Evaluate security solutions to ensure they meet security requirements for processing classified information. • Prepare Standard Operating Procedures that meet the security requirements for the business' clients • Perform vulnerability/risk assessment analysis to support certification and accreditation. • Provides configuration management (CM) for information system security software, hardware, and firmware. • Manage changes to system and assesses the security impact of those changes. • Experience and familiarity with securing Windows Environments, MS SQL Servers, Web Servers, Encryption, and Access Control. • Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, etc. • Experience and/or familiarity with Certification and Accreditation (C&A). • Experience and/or familiarity with the following network protection devices: Firewalls, intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis • Experience and/or familiarity with NIST Guidelines, FIPS 140-2, FIPS 190 , FedRAMP, Federal Information Security Management Act (FISMA) and other tools using industry best practices. Additional Information To know more on this position or to schedule an interview please contact; Monil Narayan ************

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description201 Third Street (61049), United States of America, San Francisco, CaliforniaSenior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber TechnicalSan Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company, providing customized solutions for hospitals, health systems, pharmacies, ambulatory surgery centers, clinical laboratories and physician offices worldwide. The company provides clinically-proven medical products and pharmaceuticals and cost-effective solutions that enhance supply chain efficiency from hospital to home. Cardinal Health connects patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with approximately 50,000 employees in 46 countries, Cardinal Health ranks among the top 20 on the Fortune 500. We currently have a full-time career opening within Information Security to support the growth of our Navista Application Suite and the Integrated Oncology Network (IoN). **Department overview** The Information Security department at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions that improve the lives of people every day by ensuring security practices and controls are embedded into Cardinal Health's people, process and technology. We are a remote-first team and are excited to offer full-time remote opportunities. **Functional Overview** The Senior Information Security & Risk Engineer is a new capability for Cardinal Health and will be executed by the Product Security team. The primary goal of this position is to ensure delivery of best-in-class cybersecurity, risk management, and compliance for Navista, an oncology Managed Service Offering hosted by Cardinal Health. **Job Overview** The Information Security & Risk Engineer will be responsible for day-to-day activities in implementing the corporate information security and compliance program. The individual will be a front-line partner to technical teams and work across the organization to deliver security and compliance initiatives aligning to corporate policies, standards, procedures and audit activities. Success in the role will be measured by the effectiveness of the implementation of information security, risk management and compliance directives. This role will work with various IT and business teams to drive both information security and compliance initiatives. The individual will assist with internal and external security compliance monitoring activities, review client audits, IT control audits, architecture reviews, threat modeling, security risk assessments and will assist in the management of compliance activities such as NIST, HIPAA, SOC 2, FedRAMP, PCI, ISO27001, HITRUST and SOX. Good interpersonal and relationship building skills are essential for success. **Job Responsibilities Include:** + Maintain governance program that ensures that the security policies, standards and process are in place + Serve as liaison to other Cardinal Health teams to ensure knowledge share and best practices + Partner with the engineering, architecture and operations teams to ensure delivery of infrastructure design and threat models which prove security requirements + Monitor security trends and drive security best practices throughout the organization + Evaluate, design, test, and recommend new or improved controls + Work with third party firms and consultants to conduct independent security audits, vulnerability scans, and penetration tests + Investigate, drive resolution and document security incidents **Qualifications** + Bachelors Degree in related field, or equivalent work experience leading cybersecurity or information security initiatives + Have 3+ years information security related work experience, preferably within the healthcare industry + Experience in vulnerability management programs, vulnerability assessments and advanced understanding of risk management + Familiarity with at least one common programming language, software development pipelines, and system lifecycles + Familiarity with security frameworks and assessments such as HIPAA/HITECH, ISO, ITIL, NIST, PCI DSS, & SOX + Familiarity with common security vulnerabilities like OWASP Top 10 + Experience advising and mentoring diverse teams where you do not have direct authority + Strong written and verbal communication skills **Anticipated salary range:** $121,600 - $182,385 **Bonus eligible:** Yes **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 4/7/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Essential Utilities, Inc. delivers safe, clean, reliable services that improve quality of life for individuals, families, and entire communities. Operating as the Aqua (water and wastewater services) and the Peoples and Delta (natural gas) brands, Essential serves approximately 5.5 million people across 10 states. We are committed to sustainable growth, operational excellence, a superior customer experience, and premier employer status - including a competitive and comprehensive benefits package as well as a commitment to career growth opportunities. We are advocates for the communities we serve and are dedicated stewards of natural lands, protecting more than 7,600 acres of forests and other habitats throughout our footprint. Our company is one of the most significant publicly traded water, wastewater service and natural gas providers in the U.S. Essential Utilities is now looking to appoint an Information Security (InfoSec) Director who will play a critical role in leading and spearheading Information Security, Cybersecurity, Technology Risk Management and Compliance across Information Technology (IT) and Operational Technology (OT). As InfoSec Director you will collaborate closely with OT, IT, and business stakeholders at all levels across our Water, Wastewater, and Natural Gas sectors, with this role tasked with ensuring the development, implementation and operation of programs, capabilities, governance, and policies that enable the organization to innovate and operate efficiently while effectively managing cyber risks and ensuring compliance with regulatory requirements. Ready to take your career to the next level? Let's Talk! Key accountabilities include: Functioning as the strategic leader for Information Security, Cybersecurity, Compliance and Privacy, acting as a subject matter expert responsible for strategy, standards, policies, and control frameworks. Direct and provide a strategic risk management vision to effectively secure the business while supporting innovation and execution. Experience developing multi-year strategic roadmaps addressing the threat and compliance landscapes for both IT and OT/ICS/SCADA. Ensuring alignment with regulatory compliance obligations and emerging cybersecurity standards. Foster an enterprise-wide culture of security awareness for both IT and OT. Oversees and manages the teams and functions for Security Operations & Engineering, Governance Risk and Compliance (GRC), Identity & Access Management, and SAP Security. Ensure operation and continuous improvement of capabilities for vulnerability management, threat management, and incident response. Engage with regulators and industry groups on topics related to cybersecurity in critical infrastructure. The ideal candidate will possess strong technical expertise in environments with large, complex, and distributed technology environments with experience in enterprise IT and OT, with regulated utilities experience preferred. Ability to communicate with both technical teams and executive leadership appropriately, with effective stakeholder management at all levels. Required Experience, Education, Licenses, and Certifications: Minimum of 10 years leadership role in technology with at least five having direct responsibility for Information Security programs and strategy management. B.S. or equivalent degree in Computer Science, Engineering, Information Sciences & Technology, Information Assurance, or related field. Certifications: CISSP and CISM strongly preferred with other advanced certifications (e.g. GCIH, CRISC, GRID, GICSP, CISA, ISSMP/ISSEP/ISSAP, etc.) considered a plus. Expert in cyber risk management, knowing how to effectively use both qualitative and quantitative approaches, and ability to define effective risk treatment strategies. Experience effectively leveraging security frameworks, guidance and best practices including NIST CSF, CIS Critical Security Controls, CIS Benchmarks. Experience with critical industrial operations including SCADA/ICS, with utilities industry experience preferred. Expert level knowledge of security technologies, functions and services including Threat Intelligence, Security Operations Centers, SIEM, Firewall Engineering, Network Security, Authentication, EDR/Anti-Malware, Encryption, PKI, Forensics, Intrusion Detection and Prevention. Essential Utilities, Inc., is an Equal Opportunity/Affirmative Action employer. Equal employment opportunity is provided to all employees and applicants for employment without regard to the following legally protected characteristics: race, color, religion, sex, national origin, age, pregnancy (including childbirth and related medical conditions, including medical conditions related to lactation), physical or mental disability, covered-veteran status, genetic information (including testing and characteristics), sexual orientation, gender identity or expression or any other characteristic protected by applicable local, state or federal law. Essential Utilities is committed to providing reasonable accommodation to individuals with disabilities. If you have a condition that may prevent you from applying for a job online or need to request an accommodation during the interview process, please call (***************. To maintain the integrity of the recruitment process and to avoid real or perceived conflicts of interest due to employment and/or assignment of family members and personal referrals, specific guidelines apply to the hiring and assignment of these individuals including, but not limited to: Family members cannot result in a supervisor/subordinate reporting relationship Family members cannot work in the same department.

Experience protocols, such as SAML 2.0, OAuth 2.0, etc. Experience Internet protocols Experience with cryptography, and PKI Additional Information All your information will be kept confidential according to EEO guidelines.

Description & Requirements Reporting to the Sr. Manager for the Program Security Services team (US Services), the Lead Security Analyst-ISSO is responsible for managing the overall security posture of their assigned projects. Acting as an independent contributor, the Lead Analyst-ISSO will document and validate security compliance requirements, as defined in client contracts and established regulatory frameworks (NIST 800-53, HIPAA, IRS 1075, CMS MARS-E/ARC-AMPE, PCI-DSS). This position requires broad knowledge of Information Technology, including cloud providers such as Azure and AWS. This role will also manage stakeholder relationships with both internal and external customers. US citizenship is required per contract/client, at least one of the following certifications is required: CISSP (preferred), CISA or CISM. Experience with NIST 800-53 and the ability to travel up to 10% is required. Essential Duties and Responsibilities: - Responsible for ensuring information security for an assigned area of Business/Project focusing on key areas of risk, as outlined in the Information Security policy, under the direction of the Information Security management team. - Conduct Information Security risk assessments and compliance evaluations for infrastructure and application assets within required timeframes and to industry standards and regulatory specifications. - Ensure controls are properly and fully implemented to address identified Information Security risks for assigned area of responsibility. - Define, create and maintain the documentation for certification and accreditation of each information system in accordance with regulatory requirements. - Lead and support audits and client reviews of security posture; coordinate the collection, review and submission of Information Security deliverables and track the remediation of audit findings and exceptions. - Manage expectations with multiple stakeholders on projects and programs in conjunction with the Information Security team. - Promotion of Information Security awareness through various communication channels within the organization. - Collaborate with the Information Security team members on process improvements, secure design and recertification of MAXIMUS assets. Identify potential security control gaps by reviewing evidence provided by stakeholders, system generated reports and/or control implementation statements. Perform risk assessments using vulnerability management and application security testing reports. Initiate formal security exception process, when required. Develop Plan of Action and Milestones (POA&M) as necessary. Minimum Requirements - Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required. - Bachelor's degree and 7+ years of relevant professional experience required, or equivalent combination of education and experience. US Citizenship is REQUIRED per contract/client. At least one of the following certifications is REQUIRED: CISSP (preferred), CISA or CISM Experience with NIST 800-53 is REQUIRED Ability to travel nationally up to 10% is REQUIRED HIPAA experience is preferred Experience with Cloud providers, such as Azure and AWS Knowledge of any of the following security frameworks is preferred: IRS 1075, CMS MARS-E/ARC-AMPE, PCI-DS Demonstrates excellent interpersonal, presentation and verbal/written communication skills Demonstrates strong customer service skills Ability to communicate technical information to non-technical staff Ability to work collaboratively with a broad range of staff (including analysts, engineers and leadership) Proficiency with Microsoft Office SmartSheet experience is a plus Ability to perform comfortably in a fast-paced, deadline-oriented work environment Ability to organize and execute complex tasks Ability to work as a team member as well as independently #LI-JH1 #maxcorp #LeadSecurityAnalyst #HotJobs0311LI #HotJobs0311FB #HotJobs0311X #HotJobs0311TH #TrendingJobs EEO Statement Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Minimum Salary $ 111,605.00 Maximum Salary $ 145,000.00

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you're interested in working with a passionate team of people who care about the future of Philadelphia, start here. What We Offer: • Impact - The work you do here matters to millions. • Growth - Philadelphia is growing, why not grow with it? • Diversity & Inclusion - Find a career in a place where everyone belongs. • Benefits - We care about your well-being. The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia's businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city's technology assets and the return on the city's technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency. Job Description The Philadelphia International Airport is managed by the Department of Aviation of the City of Philadelphia. The airport handles approximately 82,000 travelers per day. The airport Information Technology department is headed by the Chief Information Officer (CIO). As the Director of Information Security, you will play a pivotal role in safeguarding the confidentiality, integrity, and availability of Philadelphia International Airport's information assets. Reporting directly to the Chief Information Security Officer (CISO), you will be tasked with leading strategic initiatives to mitigate cyber threats, ensure compliance with industry regulations & standards. Must have a sound business acumen to help identify, evaluate and report information security risks in a manner that supports the risk posture of the organization. Essential Functions and Responsibilities: Strategic Leadership - Collaborate with the CISO and senior leadership to develop and maintain the organization's information security strategy, policies, and procedures. Provide strategic direction and guidance to the information security team, aligning security initiatives with business objectives and risk tolerance. Risk Management - Lead the identification, assessment, and prioritization of information security risks, threats, and vulnerabilities across the organization's IT infrastructure and systems. Implement risk mitigation strategies and controls to address identified risks effectively. Develop capabilities to manage third party Cybersecurity risks. Security Governance & Compliance - Lead the identification, assessment, and prioritization of information security risks, threats, and vulnerabilities across the organization's IT infrastructure and systems. Develop risk mitigation strategies and controls to address identified risks effectively. Threat Management - Execute strategies for continuous monitoring of network traffic, system logs, and user activities to identify unauthorized or suspicious behavior. Review security monitoring tools, technologies to detect and alert potential security incidents and anomalies. Maintain incident response plans and procedures to effectively respond to and mitigate security incidents. Lead the investigation of security breaches and incidents, coordinating response efforts and implementing corrective actions as necessary. Third Party Risk Management -Assess and manage risks associated with third-party vendors and service providers, ensuring contractual obligations and security requirements are met. Develop processes for evaluating monitoring vendor security posture and performance. Security Operations & Technology -Oversee the implementation and maintenance of security technologies and tools, ensuring they effectively identify, protect, detect, respond, and recover to security threats & vulnerabilities. Change Management -Lead change management committee for reviewing, approving, and implementing changes and ensuring security controls, configurations are updated and maintained. Foster open communication and collaboration among stakeholders, creating forums for dialogue to facilitate decision-making and address concerns related to change initiatives. Experience/Required skills: Strong leadership and management skills are essential for effectively leading a team of security professionals. Proficiency in risk management is necessary for identifying, assessing, and mitigating information security risks. In-depth knowledge of security architecture and design is necessary for developing and implementing robust security controls. Expertise in security operations is essential for monitoring, detecting, and responding to security threats and incidents. A comprehensive understanding of compliance and regulatory requirements is crucial for ensuring that the organization's security practices align with relevant standards and regulations. Excellent communication and presentation skills are needed for effectively conveying complex security concepts to non-technical stakeholders. Strategic planning and execution skills are essential for developing and implementing a comprehensive information security strategy aligned with business objectives. Proficiency in vendor management is necessary for evaluating and selecting security vendors and managing vendor relationships effectively. Strong team building, and development skills are crucial for fostering a collaborative and high-performing security team. Desired Experience and Abilities: Proficiency in analyzing, evaluating security threats and vulnerabilities, as well as assessing the potential impact on the organization. Extensive experience in conducting thorough risk assessments, vulnerability assessments, and penetration testing to identify and prioritize security risks. Ability to architect and integrate security solutions into the organization's infrastructure, ensuring the confidentiality, integrity, and availability of information assets. Commitment to staying updated on emerging security threats, trends, and technologies. Ability to adapt to evolving security challenges and requirements, proactively adjusting security strategies and tactics to address new threats and vulnerabilities. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Coordinate information security and risk management projects with resources from the IT organization and business unit teams. Familiarity with cybersecurity principles, tools, and best practices. Qualifications Bachelor's degree in Computer Science, Information Technology, Information Systems or a related field; Master's degree preferred. Minimum of 10 years of progressive experience in information security, with 5 years of leadership or managerial experience. Proven track record of developing and implementing information security strategies and initiatives in alignment with NIST Cybersecurity Framework. Experience with conducting risk assessments, vulnerability assessments, and developing risk mitigation strategies. Excellent leadership and communication skills, with the ability to collaborate effectively with cross-functional teams and influence stakeholders at all levels of the organization. Strong analytical and problem-solving abilities, with a keen attention to detail and the ability to prioritize and manage multiple tasks simultaneously. In-depth knowledge of cybersecurity principles, technologies, and best practices. Strong understanding of regulatory requirements and compliance frameworks. Excellent leadership, communication, and stakeholder management skills. Relevant certifications such as CISSP, CISM, or CRISC are highly desirable. Experience with security compliance frameworks (e.g., CIS, NIS CSF, NIST RMF, ISO 27001) is a plus. Additional Information Salary Range: $120,000 - $130,000 Starting salary to be determined based on experience and qualifications. Important: To apply, candidates must provide a cover letter and a resume. SPECIAL REQUIREMENTS: Must be a Philadelphia resident. Successful candidate must be a city of Philadelphia resident within six months of hire. Candidate must pass a background check. PHYSICAL AND MENTAL DEMANDS: Position requires a high level of mental concentration and commitment. Discover the Perks of Being a City of Philadelphia Employee: • We offer Comprehensive health coverage for employees and their eligible dependents • Our wellness program offers eligibility into the discounted medical plan • Employees receive paid vacation, sick leave, and holidays • Generous retirement savings options are available • Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness. • Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails. • Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too! Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth! *The successful candidate must be a city of Philadelphia resident within six months of hire Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated. The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at ************ or send an email to [email protected].

The Director - Information Security is a "CISO" type role. This is the role of a strategic leader responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This role will report directly to the CIO and will be responsible for directing staff in identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) risks, respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. Leads company's IT technological strategies in support of the company's mission and core objectives, providing leadership, vision, and management of IT Teams. Ensures the effective operation of all IT systems and functions. Accountable for the management, mentoring, and career development of the IT staff members. PRIMARY RESPONSIBILITIES Strategic Planning and Financial Oversight Develops and maintains a culture of security that emphasizes the enterprise-wide responsibility for ALL COMPANY employees. Develops and maintains a comprehensive cloud security strategy aligned with the organization's overall security objectives and the larger organizational cloud strategy. Assures the alignment of IT and business strategy with particular focus on thought leadership and innovation. Must be able to design and execute multi-year road maps in order to transform COMPANY environment and collaborate with COMPANY, SBR and copany entities for technological efficiencies. Develops strategic annual and long-term business plans and operational budgets for responsible IT areas. Tracks implementations to ensure financial and service targets are met according to timelines. Leadership and Operations Management Creates a security strategy and roadmap to drive the organization towards a more secure future. Directs and manages IT Department activities and operations. Leads multiple teams of various levels of employees and consultants through the prioritization and implementation of project-related activities. Provides motivational career development and assessment of team members. Fosters and encourages a diverse, inclusive team. Service Delivery and Stakeholder Management Drives the incident response plan for the organization enrolling leadership to follow a well-rehearsed plan when a cyber event occurs. Oversees and negotiates service level agreements with internal and external stakeholders. Tracks service delivery to ensure agreed targets and standards are met. Directs relationships with vendors and ensures that vendors meet COMPANY business objectives/objectives, SLAs, and deliverables in a timely manner and within budget guidelines. Interacts with major suppliers, overseeing RFPs, bids, contracts, and service agreements. Project Planning and Resource Allocation Directs the design and implementation of security solutions that are secure, scalable, reliable, and cost-effective. Determines the value and ROI of every IT-related project. Prioritizes the scheduling and implementation of major IT projects to ensure the efficient utilization of resources. Identifies IT resources required to meet defined business objectives. Develops and defends opportunities for continuous creative improvement of processes and systems. Acts as a change agent for new technologies and processes in the COMPANY environment. Oversees the creation and maintenance of policies and procedures that protect the organization's computing infrastructure and data. Policy Development and Implementation Collaborates with Legal and Government Relations/Compliance teams to ensure compliance with relevant laws, regulations, and policies. Advocates for changes in other departments' practices to ensure compliance with security policies. Directs the planning, production, and implementation of information and for COMPANY technology-related systems policies, procedures, and regulations. QUALIFICATIONS Demonstrated senior-level IT management experience, adept at shaping and executing complex IT strategies. Executive presence in gaining consensus across all parties. Proven track record managing budgets ranging from $4 million to $10 million, showcasing financial acumen in IT operations. Proficiency in articulating intricate technical concepts to non-technical stakeholders in a clear concise manner. Proficient in leading multiple IT disciplines, including software development, technical support, and systems architecture, showcasing adept project management skills. In-depth understanding of computer systems, applications, operating systems, and robust knowledge of data security protocols. Ability to ensure all systems are secured at all times. Strong negotiation skills and a collaborative approach in dealings with third-party IT business partners. Critical Thinking and Decision-Making (proficiency: High): Advanced decision-making and problem-solving skills, essential for navigating complex IT landscapes and quickly addressing challenges.

Data Intelligence, LLC (DI) is seeking a qualified and experienced Information Systems Security Officer III to support the Naval Surface Warfare Center (NSWC) in Philadelphia, PA. The successful candidate will be responsible for coordinating security efforts to ensure the safety and integrity of classified and unclassified information systems and assist in maintaining a secure operating environment. This position requires a strong understanding of cybersecurity protocols, as well as the ability to coordinate and implement security measures to meet the specific needs of the organization. **This position is contingent upon award of contract** Key Responsibilities: Collaborate with various levels of the organization to implement required security changes and ensure compliance with established security policies and standards. Conduct comprehensive cybersecurity vulnerability and threat assessments to identify and mitigate risks to information systems. Lead cyber-incident-response efforts, including isolating affected systems, conducting initial investigations, collecting relevant data, and providing status updates and reports to leadership. Provide guidance on best practices and recommend improvements to the organization's security posture. Perform risk assessments and develop mitigation strategies to protect sensitive data from internal and external threats. Support continuous monitoring of information systems and provide regular status reports on security compliance. Maintain up-to-date knowledge of emerging cybersecurity threats and industry best practices. Required Skills/Experience: Bachelor's degree in Computer Science, Information Technology, Communications Systems Management, or an equivalent science, technology, engineering, and mathematics (STEM) field. A minimum of 6 years of relevant experience in cybersecurity or information systems security. Prior experience supporting Navy programs. Current IAM Level II certification (or higher) in accordance with DoD 8570.01-M. At least a Secret-level security clearance is required, with the ability to obtain higher-level clearance if necessary. Proficiency in cybersecurity frameworks, risk management processes, and security controls. Strong analytical and problem-solving skills with attention to detail. Excellent communication and interpersonal skills, with the ability to work effectively with a diverse team. Preferred Qualifications: Experience with DoD security requirements and systems. Familiarity with NIST, RMF, and other relevant cybersecurity standards. Ability to work in a potentially remote environment with occasional on-site requirements. Why Work with Data Intelligence, LLC? At Data Intelligence, LLC, we are committed to delivering cutting-edge technology solutions and security expertise to our government clients. Our team members play an integral role in the development and protection of critical national security systems. Join our team and contribute to the defense of vital information assets while advancing your career in a collaborative and rewarding environment. About Us: Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud. Visit our careers site (*********************************** to explore life at PagerDuty, discover opportunities, and sign-up for job alerts! As our **Senior Security Risk & Compliance Specialist** you will drive, design, and coordinate our Security Compliance Program to ensure customer trust, and fuel PagerDuty's expansion into global enterprise markets. You will partner across organizational teams as a Security Compliance SME, coordinating with business and technical stakeholders to meet the demands of our global market. **How You Contribute to Our Vision: Key Responsibilities** + Support the Customer Trust programs, including maintaining current and accurate customer documentation to support security responses to customer questions and customer audits; partnering with internal and external stakeholders for the Third Party Risk Program around vendor on-boarding, and vendor risk assessments. + Knowledge of compliance and regulatory frameworks and processes, including aligning policies to regulatory and business requirements; help teams design controls, automation, and reports to meet compliance requirements. + Administration of both general and program specific internal security education and awareness programs. + Oversees information security risk assessments, directing the development and operational effectiveness of IT security controls, along with risk tracking and management. + Monitor investigations and documentation of cybersecurity compliance issues and incidents. Review information security risk findings and non-compliance with business leaders and propose solutions to mitigate risks. **Basic Qualifications** + 4+ years of Security risk or compliance experience in a tech environment, with **credible experience and** demonstrable success managing regulatory and client audits in at least one of the following compliance programs: ISO27001, FedRAMP, SOC2 + Background of implementing a Security Risk program + Experience with security training and education program administration + Experience redlining security language for legal agreements. + Ability to work on various priorities simultaneously, with a strong bias towards action. Leveraging great written and verbal communication skills to facilitate great stakeholder management and client experience for internal and external customers. **Preferred Qualifications** + Experience with Third Party Risk Management + Experience with metrics-driven reporting including dashboards and status report generation and a focus on process improvement (automation, single pane of glass, continuous improvement) + Familiarity with Cloud Native and SaaS constructs including architectures, DevOps, CI/CD, SecOps disciplines + Able to support the development of program roadmaps, partnering with stakeholders in engineering, program managers and business owners to develop related project plans and timelines. + Familiarity with contemporary project, RFP, risk and issue management tools (such as SecurityPal, UpGuard and Hyperproof). A good understanding of platforms such as Monday.com, Jira and Slack. The base salary range for this position is 117,000 - 184,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits. Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience. Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process. **Not sure if you qualify?** Apply anyway! We extend opportunities to a broad array of candidates, including those with diverse workplace experiences and backgrounds. Whether you're new to the corporate world, returning to work after a gap in employment, or simply looking to take the next step in your career path, we are excited to connect with you. **Where we work** PagerDuty currently has offices in Atlanta, Lisbon, London, San Francisco, Santiago, Sydney, Tokyo, and Toronto. We offer a hybrid, flexible workplace. We also provide ample opportunities for in-person and virtual connection, like team offsites and volunteering events. **How we work** Our values are deeply embedded in how we operate and the people we bring on board. You will see our values ingrained in how we support our customers, collaborate with our colleagues, develop our products and foster an inclusive and empathetic work culture. + Champion the Customer | Put users first to design great products and experiences. + Run Together | Build strong teams that amplify our impact on users. + Take the Lead | Disrupt and invent to be the first choice for users. + Ack + Own | Take ownership and action to deliver more efficiently to users. + Bring Your Self | Bring your best self to build empathy and trust with users. **What we offer** **One way we ensure our employees are inspired to do their best is through a comprehensive total rewards approach that supports them and their loved ones. As a global organization, our programs are competitive with industry standards and aligned with local laws and regulations. Learn more, including country-specific offerings, on our** benefits site (********************************************** **.** **Your package may include:** + Competitive salary + Comprehensive benefits package from day one + Flexible work arrangements + Generous paid vacation time + Paid holidays and sick leave + Dutonian Wellness Days - scheduled company-wide paid days off in addition to PTO + Company equity* + ESPP (Employee Stock Purchase Program)* + Retirement or pension plan* + Paid parental leave - up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)* + HibernationDuty - an annual company paid week off when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge + Paid volunteer time off - 20 hours per year + Company-wide hack weeks + Mental wellness programs _*Eligibility may vary by role, region, and tenure_ **About PagerDuty** PagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management. The PagerDuty Operations Cloud revolutionizes how critical work gets done, and powers the agility that drives digital transformation. Customers rely on the PagerDuty Operations Cloud to compress costs, accelerate productivity, win revenue, sustain seamless digital experiences, and earn customer trust. More than half of the Fortune 500 and more than two thirds of the Fortune 100 trust PagerDuty including Cisco, Cox Automotive, DoorDash, Electronic Arts, Genentech, Shopify, Zoom and more. Led by CEO Jennifer Tejada, PagerDuty's Board of Directors is 50% female and 62% URP representation. We strive to build a more equitable world by investing 1% each of company equity, product, and employee volunteer time. PagerDuty is Great Place to Work-certified, a Fortune Best Workplace for Millennials, a Fortune Best Medium Workplace, a Fortune Best Workplace in Technology, and a top rated product on TrustRadius and G2. Go behind-the-scenes on our careers site (*********************************** and @pagerduty on Instagram. **Additional Information** PagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status. PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email accommodation@pagerduty.com and we will work with you to meet your accessibility needs. PagerDuty uses the E-Verify employment verification program.

Schedule: 11 pm - 7 am, 5 days/wk Rate: $19.10/hr. Primary Function: The Guest and Protection Services Senior Specialist plays a key role in front-line operations by providing the team with constant visual surveillance information and access control to help provide an exceptional guest and staff experience, as well as to ensure the safety and protection of the collection and the Foundation's buildings and grounds. The Senior Specialist provides a best-in-class experience to every person who works in and visits our institution. This includes engaging guests in conversation about the collection and the Foundations history, answering questions, enforcing rules, looking out for suspicious behavior, and maintaining the integrity of our back of house spaces and processes. Guest and Protection Services Senior Specialists are part of a team that are truly the face of the Barnes Foundation and work under the direction of the Assistant Director of Guest and Protection Services to ensure a visit to the Barnes is informative, friendly, respectful and safe. Job Qualifications Education/Training/Experience: Two (2) to three (3) years of any combination of training or experience in security or protection services, customer/guest services, hospitality, or event management. High School diploma or equivalent education and experience. Must have a pleasant demeanor and a genuine interest in communication with members of staff and the public. Outgoing personality with excellent interpersonal skills. Demonstrates strong attention to detail with excellent observational and reasoning skills. Ability to understand and apply a significant amount of detailed information. Shows a demonstrated ability to multi-task. Ability to be a calm presence during periods of high volume, stress, or unusual events. Proficiency in digital tools including patrol scanning devices, modern communication tools, and building security and access control systems, ticket scanners, tour devices, and the Barnes App. Knowledge or interest in art, protection and safety. Art background/interest a plus. Must be able to engage guests in conversational English; bilingual or multilingual skills a plus. Highly organized. Must have a flexible schedule with the ability to work weekends and holidays. Physical Activities to Perform Essential Functions: To perform this job successfully, an individual must be able to perform each essential job duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform essential job functions. Moving: Ability to stand and walk for 8-hour shifts with minimal rest breaks. Ability to occasionally transport up to 25 lbs. of files, equipment or supplies. Ability to move to access files, equipment or supplies. Vision Requirements: Continual use of computers and display screens. Communication Requirements: Clearly communicate in person, by phone, and by video conference. Communicate with others in conversational and written English. Working Conditions: Position operates in the foundation's buildings and on the foundation's grounds at the Philadelphia campus. Position requires extended time on the computer. Job Responsibilities: Ensure that the building and grounds are welcoming and safe for visitors and guests. Oversees the safety and protection of the Foundation's collection, property, and grounds by enforcing Foundation rules and regulations. Upholds all Barnes service, protection, and communication policies. Monitors the building and collection utilizing building video, security and access control systems. Provides access control to the facility, managing who enters and exits. When assigned, continuously monitors service yard and controls loading dock activity. Superior level customer service ability; acts as a concierge providing information and advice to guests and staff on foundation policies in front and back of house. Will interact with guests, employees, board members, potential clients, event attendees, site contractors, vendors, and other partners. Engages with guests on the Foundation's history, collection, programs, events, classes, and amenities. Coordinates guest services such as coat check, tour device preparation, and visitation collateral. Upholds protection policies in public spaces and ensures visitor compliance. Monitors guest behavior and reports anything unusual to his/her supervisor. Manages the VIP process making sure our special guests are greeted, parties being visited are notified promptly, if necessary, and the overall experience at the Barnes Foundation is exceptional. Handles challenging situations with the public quickly and effectively, with skill and professionalism. Performs bag inspection to prevent prohibited items from entering the building. Conducts continuous tours of both the interior and exterior of the building, inspecting areas for potential hazards, mechanical failures, and other abnormalities. Provide pertinent information to supervisor for any issues or concerns that have significance and would need their attention. Continuously expands required knowledge of facility including services, collection, exhibitions, safety, protection and actively participating in trainings. Ability to observe and report out of the ordinary circumstances based on working knowledge. Completes required reports, logs, and journals as needed. Serve as a critical member of the emergency response team, providing guidance and help to guests and information to the supervisor on duty for emergency situations including fire, theft, damage and protest. Supports other Guest and Protection Services staff in their duties. Adheres to and follows Foundation policies, including those regarding attendance, punctuality and dress code. Performs other duties as assigned. Organization-Wide Competencies: 1. Accountability: a. Prepares for work assignments and meetings, b. Conducts thorough fact-finding, decision-making and/or follow through, c. Admits mistakes and errors and informs others when one is not able to meet a commitment. 2. Job Quality: a. Dependably demonstrates job knowledge necessary for the position, b. Produces timely, accurate, high quality work output, c. Prioritizes work responsibilities effectively and produces work quantity expected for the role. 3. Service: a. Identifies problems and collaborate with others to devise and create effective solutions. b. Interacts and communicates with fellow employees in a manner that promotes a harmonious and cooperative working environment in accordance with our Core Values. c. Facilitates open communication and keeps an open mind about new ideas. 4. Leadership: a. Sets a good example for others, b. Demonstrates ethical decision-making and communication, c. Makes decisions. Uses a solution-oriented, collaborative approach. 5. Collaboration: a. Seeks win-win outcomes in decision-making, b. Shows a proactive, inclusive, helpful, and respectful attitude to colleagues, guests and others, c. Takes initiative to contribute to diversity, equity, inclusion, and accessibility initiatives.

Director, Information Security Time Type: Full time and Qualifications: The Director, Information Security assists the CISO in developing an information security vision and strategy that is aligned to organizational priorities. They will manage the day to day operations and staff of the Information Security department. This area focuses on identity and access management, GRC (governance, risk and compliance) as well as network security/operations. They will assist the CISO in the management and coordination of security standards, along with implementation and execution to ensure compliance to security standards and policies and provide expertise in managing audits, vulnerability remediation and incident response. They will assist in managing the University information security awareness program and promote best practices in security and compliance management.Note to applicants: In the Resume/CV upload field, please submit a resume, a cover letter, and 3 references that can speak to your direct experience in information security and management Essential Duties & Responsibilities Manages the day to day operations and staff of the Information Security department. This area focuses on identity and access management, GRC (governance, risk and compliance) as well as network security/operations. Assists the IAM Analyst with the management of the security awareness program to ensure that there is an appropriate awareness of information security and safe computing practices across the University. Provides support in managing vendor relationships pertaining to information security, including the formal review of university contracts which have technology components. Using a vendor questionnaire, assesses each vendor's overall capabilities including infrastructure, controls, security practices, regulatory compliance, ability to protect University information assets, etc. Issue a security opinion on the suitability of each vendor. Provides support in investigating and assessing security incidents in collaboration with technology managers in IT, and in partnership with the Office of General Counsel. Responds to alleged policy violations and complaints received from external parties. Documents findings via a formal security incident report. Serves as the backup point of contact for security threats, potential breaches, and privacy issues, including matters involving law enforcement. Works with internal and external auditors and agencies on security and compliance matters, including incident response. Assists the IT Audit Analyst in developing a strategy for addressing audits, assessments and compliance efforts. Assists the CISO in establishing annual and long term security and compliance goals. Creates and implements security strategies, metrics, and reporting processes. Develops, maintains, promotes and enforces data management and information security policies, standards, guidelines, and procedures, including those for end users, system and application administrators, service providers, and legal/regulatory compliance. Assists in developing communication and education initiatives around the awareness of information security risks as well as mitigation strategies and protections that are in place at the university. Understands and interacts with IT advisory councils, administrative and academic units through committees, to ensure the development of and consistent application of policies and standards across technology projects, systems and services, including privacy, risk management, compliance and business continuity management. Works collaboratively with others to conduct risk assessments and business impact analysis to identify vulnerabilities and risk exposure. Where risks have been identified, provides recommendations on managing that risk, including acceptance, avoidance, transference, and mitigation techniques to minimize potential impact on the university. Keeps current with emerging governmental regulatory initiatives and security alerts and issues which could have an impact on the university environment. Provides guidance, planning, and monitoring for compliance with various industry requirements (e.g. FERPA, , HIPAA, PCI), which impact the way in which various systems are implemented. Prepares and submits required reports to external agencies. Direct supervisor for: Identity Access Management Analyst; IT Audit Analyst; Graduate Assistant as funding permits; and future incumbents as identified by the University Minimum Qualifications Bachelor's degree, preferably in computer science, OR an equivalent combination of education, training and experience. Minimum of 6 years of progressive professional experience with information technology, including 3 years minimum in a formal information security position (i.e Identity and Access management, Risk Management, Privacy, etc.) with 3 years minimum of management experience. Strong written, oral communication, and presentation skills. Ability to communicate technical/security information effectively to individuals with varying degrees of experience and skill. Experience working with compliance and regulatory matters such as FERPA, PCI, HIPAA and HEOA. Experience and knowledge of NIST, GLBA and GDPR. Superior troubleshooting and problem solving skills. Experience in writing security policies and related documents. Ability to work independently and with others in a collaborative environment. Demonstrated ability to work and effectively manage multiple work streams while meeting internal deadlines. Preferred Microsoft experience - Azure, Security, IAM, CASB, SSO, MFA. Certified Information Systems Security Professional (CISSP) OR Certified Information Security Manager (CISM) OR Certified Information Systems Auditor (CISA). Any Microsoft “SC” specific certifications. Experience with contract and vendor vetting, negotiations and document reviews. Experience working with General/External Counsel and Law enforcement agencies. Physical Requirements Will require long periods of work at a computer This position may be eligible for a flexible work arrangement per the University's guidelines and meeting performance expectations Unusual Work Hours Will require occasional evening and weekend hours. Must be available to respond to emergencies on a 7x24 basis and participate in the IT On Call process Saint Joseph's University is a private, Catholic, Jesuit institution and we expect members of our community to be knowledgeable about - and to make a positive contribution to - our mission. Saint Joseph's University is an equal opportunity employer that seeks to recruit, develop and retain a talented and diverse workforce. The University is committed to the diversity of its faculty and staff so that our students, our disciplines and our community as a whole can benefit from the multiple perspectives it offers. The University seeks qualified candidates who share our commitment to equity, diversity and inclusion. EOE Saint Joseph's University prohibits discrimination on the basis of sex in its programs and activities, including admission and employment, in accordance with Title IX of the Education Amendments of 1972. The Title IX Coordinator is responsible for overseeing compliance with Title IX and other civil rights laws and regulations. To contact the Title IX Coordinator, e-mail ***************, visit Campion Student Center suite 243, or call ************. To learn more about the University's Title IX policies, the process for filing a report or formal complaint of sex discrimination, sexual harassment, or other form of sexual misconduct, and the University's response to reports and/or formal complaints, please visit ******************** Inquiries may also be directed to the Federal agency responsible for enforcing Title IX, the U.S. Department of Education Office for Civil Rights.

Ask IT Consulting Inc, backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owned enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. ASK IT consulting is an equal opportunity employer, which is a global staffing, consulting and technology solutions company, offering industry-specific solutions to fortune 500 clients and worldwide corporations. Job Description The Information Security Specialist (ISS) is responsible for developing and documenting information security policies and standards, in addition to planning, coordinating, and implementing security measures for information systems. Years of Relevant Experience: 5 plus years Preferred Education 4 year college degree or equivalent technical study • -Define, develop and implement information security & risk management policies, procedures & best practices to comply with industry standards • -Develop plans to safeguard computer files against accidental or unauthorized • modification, destruction, or disclosure and to meet emergency data processing • needs. Monitor use of data files and regulate access to safeguard information in • computer files. • -Document and maintain a repository with version control of all policies, procedures and best practices • -Perform compliance reviews, risk management functions, test executions and encryptions for application and infrastructure service levels • -Monitor use of data files and safeguard computer files against authorized access and unauthorized access • -Modify computer security files to incorporate new software, correct errors or access changes • -Perform risk assessments and execute tests of data processing system to ensure • functioning of data processing activities and security measures. • -Encrypt data transmissions and erect firewalls to conceal confidential information as it • is being transmitted and to keep out tainted digital transfers. • -Identify and track issues, risks and action items. • -Document information security policies, standards, and procedures spanning and • encompassing the range of topics such as organization security, asset ID and • classification, personal security, communications and operations management, • access control, system development and maintenance, business continuity • management, and compliance. • -Confer with users to discuss issues such as computer data access needs, security • violations, and programming changes. • -Train users and promote security awareness to ensure system security and to • improve server and network efficiency. Qualifications Prior experience in the following are essential for the role: • Websense 7.8 • E policy Orchestrator 4.6 • Mc Afee email gateway (MEG) 7.6 • Airwatch 8.0.6.0 Additional Information If you are interested in finding out more about opportunities near you, if you are in need of a staffing firm such as ours, or if you just have a question regarding your resume and career path, please email me at ryanaskitc.com

Sr. ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: - Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. - Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. - Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). - Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. - Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. - Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. - Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. - Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: - Bachelor's Degree. - A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. - eMASS experience. - Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. - Strong desktop publishing skills using Microsoft Word and Excel. - Experience with industry writing styles such as grammar, sentence form, and structure. - Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: - CISSP, CASP, or a similar certificate is preferred. - Master's Degree in Cybersecurity or related field. - Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. - Demonstrated ability to work well independently and as a part of a team. - Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: ******************* $118,560 - $171,253.33 a year

Data Intelligence, LLC (DI) is searching for a full time RMF Specialist supporting NSWC Philadelphia, PA (Potentially Remote). is contingent upon award of contract** Job Responsibilities Implement and review RMF and A&A lifecycle documentation in accordance with DON, DoD, NIST SP-800-37, and SP-800-53 Rev 4 policies Ensure/validate the confidentiality, integrity, and availability of systems, networks, and information Conduct risk and vulnerability reviews and assessments to ensure accreditation procedures were followed, and documenting non-compliance. Required Skills/Experience Bachelor's degree in computer science, information technology, or an equivalent technical degree from an accredited college or university. Five (5) years' practical experience in a cybersecurity or assessment and authorization (A&A) related field. Prior experience supporting Navy programs. At least a secret level security clearance. Current IAM Level I certification (or higher). Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Schedule: 11 pm - 7 am, 5 days/wk Rate: $19.10/hr. Primary Function: The Guest and Protection Services Senior Specialist plays a key role in front-line operations by providing the team with constant visual surveillance information and access control to help provide an exceptional guest and staff experience, as well as to ensure the safety and protection of the collection and the Foundation's buildings and grounds. The Senior Specialist provides a best-in-class experience to every person who works in and visits our institution. This includes engaging guests in conversation about the collection and the Foundations history, answering questions, enforcing rules, looking out for suspicious behavior, and maintaining the integrity of our back of house spaces and processes. Guest and Protection Services Senior Specialists are part of a team that are truly the face of the Barnes Foundation and work under the direction of the Assistant Director of Guest and Protection Services to ensure a visit to the Barnes is informative, friendly, respectful and safe. Job Qualifications Education/Training/Experience: Two (2) to three (3) years of any combination of training or experience in security or protection services, customer/guest services, hospitality, or event management. High School diploma or equivalent education and experience. Must have a pleasant demeanor and a genuine interest in communication with members of staff and the public. Outgoing personality with excellent interpersonal skills. Demonstrates strong attention to detail with excellent observational and reasoning skills. Ability to understand and apply a significant amount of detailed information. Shows a demonstrated ability to multi-task. Ability to be a calm presence during periods of high volume, stress, or unusual events. Proficiency in digital tools including patrol scanning devices, modern communication tools, and building security and access control systems, ticket scanners, tour devices, and the Barnes App. Knowledge or interest in art, protection and safety. Art background/interest a plus. Must be able to engage guests in conversational English; bilingual or multilingual skills a plus. Highly organized. Must have a flexible schedule with the ability to work weekends and holidays.