Security Architect Jobs in West Valley City, UT

L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do. L3Harris Technologies is the Trusted Disruptor in the defense industry. With customers mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security. Job Title: Lead, Information Security Systems Engineer Job Location: Salt Lake City-UT Job Code:22061 Job Schedule:9/80Employees work 9 out of every 14 days totaling 80 hours worked and have every other Friday off Position Overview: Are you ready to take your career to the next level? Join our dynamic team where work/life balance is not just a promise, but a reality. We believe in fostering a supportive and collaborative environment that prioritizes your well-being and professional growth. With access to experienced mentors and a culture that encourages continuous learning, you'll have the opportunity to expand your skills and advance your career. If you're passionate about making an impact and eager to grow alongside talented professionals, we invite you to apply and become a valued member of our team. We are lookingfor a highly motivated Information Security Systems Engineerto join our dynamic team supporting the Department of Defense. As a member of the project team, you will support the certification and accreditation of Military Communication Systems, Management Workstations and supporting Networking Infrastructure in accordance with Risk Management Framework, FIPS, and NSA Certification standards. JobDescription: Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products. Uses methods such as encryption technology, vulnerability analysis and security management. Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment. Prepares Assessment and Authorization documentation using multiple standards under RMF and derivative processes (DOD 8510.01M, JSIG, ICD-503, CNSSI 1253), to achieve security authorization of supported systems. Represents program security needs, concerns, and requirements at customer meetings. Leads and contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities Performs system CONOP analysis and development Contributes to all Product and/or Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies to translate customer Information Security requirements into hardware and software specifications Provide Cyber technical leadership for development teams building new multi-discipline (mechanical, electrical, software, hardware etc.) products Provide Cyber technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews Identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems and software deployment tools) Ensure RMF Information Security requirements and Program Protection requirements are addressed in all phases of the System Development Lifecycle (SDLC) Conduct security architecture analysis to evaluate and mitigate risks DoD 8570.01-M IASAE Level 3 certification (e.g. CISSP, ISSEP, ISSAP) RequiredQualifications: Bachelors Degree with a minimum of 9years of prior related security experience. Graduate Degree with a minimum of 7years of prior related security experience. In lieu of a degree, minimum of 13years of prior related securityexperience. Active Secret Security Clearance preferred Preferred Qualifications: Active Top Secret/SCI Security Clearance preferred Minimum of 7 years of experience with vulnerability research and analysis of computer hardware, appliances, and/or embedded systems Minimum of 7 years of experience with Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development Minimum of2 years of experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Certified Test Plan (CTP), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, Plans of Action and Milestones (POA&M), and Security Assessment Plans and Procedures (SAPP) Minimum 2 years of experience with system testing and evaluation methods and RMF assessment methodology & processes Minimum of 7years of experience with IC and DoD Cyber organizations, including structure, engagement, customer relationship management, and Business Development Minimum of 5 years of experience with DCO and OCO Cyber Effects Operations (CEO) Minimum of 5 years of experience leading technical teams, decomposing requirements, solution development, implementation, and testing/qualification across a portfolio Minimum of5 years of experience with computer hardware architecture, components, and protocols Minimum of 3 years of experience with Modular Open Systems Approach (MOSA) standards Experience in validating the NSA Crypto Modernization Experience developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer and/or product requirements Experience with administration and securing Linux (RHEL/CentOS), Microsoft products including Windows Server 2016+, Windows 10, Microsoft System Center Configuration Manager, and WSUS Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS/Nessus, Rapid7 Nexpose, etc Experience with architectures integrating VLANs, VRF, virtual switching, multi-layer switching, Multi-layer Firewalls, ACLs, secure configuration, VPN (IPSEC) Foundational knowledge of Layer 3 architecture and diagramming within Visio or other commercial products Understanding of routing and switching as employed in telecommunications and network traffic General knowledge of common threats to information systems and how compromise would damage system integrity Exposure to model-based systems engineering (MBSE) tool suites (e.g., Cameo) and associated processes Experience with application of STIGs, CIS Benchmarks, and/or SCAP and developing associated POAMs Working knowledge of embedded systems, appliances, FPGA, single-board computers, chipsets, and microprocessors Engineering experience in non-traditional national security missions #LI-HJ1#LI-CJ1 L3Harris Technologies is proud to be an Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law. Please be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. By submitting your resume for this position, you understand and agree that L3Harris Technologies may share your resume, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions. L3Harris Technologies is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish. RequiredPreferredJob Industries Law Enforcement & Security

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies. **The Main Responsibilities** + Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures. + Develops and designs new security solutions to reduce risk and align business requirements with security standards. + Supports development of business case and approval process. + Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support. + Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed. + Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business. **What We Look For in a Candidate** Required: + Bachelor's degree in computer science, engineering, or related field with 15+ years of relevant experience or + Master's degree in computer science, engineering, or related field with 12+ years of relevant experience. + Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA. + Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR). + Software development experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. \#LI-MG1 Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** Requisition #: 337297 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 03/14/2025

Principal Cloud Security Architect - Utah or Tempe, Az. Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work. They come to the Company for our expertise, deep network and 30+ years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising the Company, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business. Join us at the Company and be part of bringing our clients' world-changing ideas to life. At The Company, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities the Company serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply. Job Description Cloud Security Architect provides cyber security advisory services to business units at the Company, and supports IT initiatives and business projects by recognizing security risks and implementing security controls within public and private cloud environments, in adherence to the Company security policies and standards. The Cloud Security Architect directly engages The Company IT teams to integrate new and existing security solutions. The Architect will be assigned to large, enterprise and mission critical projects and implement security strategy and architecture, in order to protect the Company assets, manage risk, and maintain compliance. Knowledge: · Deep understanding of security architectures, defense in depth, cloud and on-prem security models and concepts · Proficient in designing and deploying IaaS security solutions, preferably in AWS public cloud. · Experience and working knowledge of network architecture, subnetting, and TCP/IP protocols, and OSI model layers and protocols at each model layer · Understanding of international and United States laws and regulations impacting cyber security and personal data privacy, including GLBA, SOX, and the FFIEC Information Security requirements · Working knowledge of security frameworks and control references such as NIST CSF, CIS 20, COBIT, PCI DSS, OWASP, ISO 27000 family and NIST SP 800 series. · Familiar with various security architectures and methodologies (Defense in Depth, Segmentation, Least Privilege, Zero-Trust, Kill-Chain, etc.) Skills: · Excellent analytical and problem solving skills · Ability to demonstrate empathy while seeking common interests; effective problem and conflict resolution skills · Scripting skills (Shell, Python, Java, PHP, PowerShell, etc.) preferred but not required · Familiar with government security standards and regulations including GLBA, SOX, PCI, COBIT, ITIL - Familiar with various security architectures and methodologies (Defense in Depth, Kill-Chain, NIST, Critical Controls, OWASP, etc.) · Leadership qualities, desire to influence horizontally and vertically, and mentor team members. · Excellent written and verbal communication skills Education/Experience: · Bachelor's degree in management Information Systems, Computer Science, and/or Business, or equivalent work experience · 7+ years working in IT security domain · Experience implementing, supporting, or defining requirements for security tools such as WAF, SIEM, IPS, CASB, EDR · Experience with AWS public cloud services and security tools - Experience with SIEM technologies. · Experience with cloud technologies specifically AWS. - Experience with AWS in a security environment preferred. - · Experience working with Windows and Linux operating systems · Experience working with firewalls and network IDS/IPS · Experience doing vulnerability assessments, risk assessments and penetration testing Certifications: One or more of the following professional certifications: CISSP, CISM, SANS GIAC, CISA, Security+, AWS Solutions Architect, AWS Security Specialist (or willingness to obtain within 6 months) Strong demonstrated knowledge of networking and TCP/IP protocol or networking certification (CCNA) For more than 35 years, The Company and its subsidiaries have helped innovative companies and their investors move bold ideas forward, fast. The Company Financial Group's businesses, including The Company, offer commercial and private banking, asset management, private wealth management, brokerage and investment services and funds management services to companies in the technology, life science and healthcare, private equity and venture capital,, The Company operates in centers of innovation around the world.

Our client, Filevine, is looking for a Security Architect. Details below... Filevine is forging the future of legal work with cloud-based workflow tools. We have a reputation for intuitive, streamlined technology that helps professionals manage their organization and serve their clients better. We're also known for our team of extraordinary and passionate professionals who love working together to help organizations thrive. Our success has catapulted Filevine to the forefront of our field-we are ranked as one of the most innovative and fastest-growing technology companies in the country by both Deloitte and Inc. Our Mission Filevine is building the seamless intersection between legal and business by creating a world- class platform to help professionals scale. Department Statement:The Information Security team ensures security engineering efforts are effective and aligned with industry standards and best practices. Job Summary: Filevine is looking for a Security Architect to join our Information Security team to ensure that our platform, applications, and infrastructure are compliant and secured at the highest levels, thus protecting, and enhancing customer trust. If you are bright, hardworking, ambitious and enjoy taking ownership for security and compliance, we want to talk to you. This is an exciting opportunity to join a world-class team. Responsibilities Provide security architectural review of development projects throughout the SDLC on a rapid cycle including specifying minimum security requirements. Provide security reviews and recommendations for SAAS and desktop applications (Mac and Windows) for the Filevine product. Provide security review and recommendations on various subsystems, such as email and calendaring plugins across various operating systems and browsers. Experience with helping enhance the security on new Filevine products including the secure use of Ai tooling and their implementation. Improve monitoring capabilities for cloud environments to improve detection of security issues. Strategize and outline goals and objectives to secure the cloud environments and cloud applications while enhancing the application security program. Investigate security incidents. Install security measures and operate software/hardware to protect systems and information infrastructure, including network and web firewalls, and data encryption programs. Document and research best practice architecture designs as part of an overall risk management strategy. Work with internal teams to perform tests and uncover network vulnerabilities. Help remediate detected vulnerabilities to maintain a high-security standard. Stay current on cloud security standards, trends and news. Develop company-wide best practices for cloud security. Research security enhancements and make recommendations to management. Qualifications 5+ years combined in information technology/security with emphasis on network security. A BS/MS degree in a technical field such as information security or computer science can be considered as supplementary experience. Strategize and outline goals and objectives to secure Cloud environments and Cloud applications while building the application security program. Ensure Filevine is following cloud security best practices for cloud environments. Ensure appropriate cloud logging, monitoring and response efforts are in place to protect Filevine and our customers. Excellent history in advising and executing security architecture design and assessments. Great degree of familiarity with designing and implementing secure Enterprise cloud networks. Significant experience with SIEM and logging technologies. Knowledgeable with Threat Hunting practices. Expert knowledge with SOAR platforms and creating run books / play books. Experience with cloud hardening best practices. Experience with both executing and defending network penetration tests. Security Architectural Experience with two (AWS, GCP, Heroku and/or Azure) cloud infrastructure platforms. Experience with container security for Windows & Linux operating systems. Working knowledge of security requirements for SOC 2 Type I & II, HIPAA, GDPR, CCPA and CJIS. Significant experience with security engineering, incident response and security operations best practice. Significant experience with orchestration and observability tools. Strong Project Management experience.A strong curiosity, initiative, persistence, and willingness to experiment to provide solutions to diverse technical challenges. Experience with scripting and development languages (e.g., JavaScript, Python, Java, C++) Automation skills are a plus. Strong team player and work ethic are essential. Preferred Qualifications CISSP Certification or equivalent experience. AWS Certified Cloud Practitioner (Foundational) or equivalent experience. AWS Certified Developer - Associate or equivalent experience. AWS Certified DevOps Engineer - (Professional) or equivalent experience. Certified Cloud Architect (CCA) or equivalent experience. Certified Cloud Professional (CCP) or equivalent experience. Certificate of Cloud Security Knowledge (CCSK) or equivalent experience. CompTIA Cloud+ or equivalent experience. CompTIA Cloud Essentials+ or equivalent experience. Google Associate Cloud Engineer or equivalent experience. Google Professional Cloud Architect or equivalent experience. Microsoft Certified Azure Fundamentals or equivalent experience. Microsoft Azure Administrator Associate or equivalent experience. Microsoft Azure Solutions Architect Expert or equivalent experience.

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SecretTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. The Systems Security Engineering (SSE) team is seeking a highly motivated and qualified system engineer to serve as a Subcontract Technical Engineer, Level 2. You will critically analyze supply chain solutions that meet all program requirements and manage supply chain risks to ensure positive supplier performance through all phases of the program life cycle from capture to sustainment. You will be the main focal point to the Subcontractor Management team and accountable to the MDT SSE leadership and Technical Lead. This position will be located in Roy, Utah and may offer aa competitive relocation package. Specific duties to include, but are not limited to the following: Track and monitor supplier deliverables Work with Data Management and SMT to resolve / track supplier deliverables. Coordinate assignment of SDRL review with SSE team Assign and track progress of review. Ensure timely response to supplier deliverables. Data entry of comments into DMDS or Enovia Evaluate and resolve contract requirement discrepancies. Track and monitor the delivery of Subcontract data packages to ensure relevant contract requirements are met or exceeded. Participate with contracts administration and purchasing to develop subcontract policies and procedures. Review Statement of Work (SOW) and identify SDRLs on contract and resolve discrepancies by CRMs. Basic Qualifications: Bachelor's Degree in a STEM (Science, Technology, Engineering or Mathematics) discipline from an accredited university and 2 years of related experience, or a Master's Degree in a STEM discipline and 0 years of related experience Minimum 1 years of applying and understanding Systems Security Engineering principles. Minimum 1 years in showing the ability to communicate effectively and clearly present technical approaches and findings. Minimum 1 years of contracting, acquisitions, supply chain, and/or procurement experience. Minimum 1 years of experience performing against schedule. •Must have an active U.S. Government DoD Secret security clearance at time of application, current and within scope, with an ability to obtain and maintain Special Access Program (SAP) approval within a reasonable period of time, as determined by the company to meet its business need Preferred Qualifications: Active Top-Secret clearance with SAP Access. Direct experience with Department of Defense contracting, acquisitions, supply chain, or procurement. Direct experience Program Protection and/or Supply Chain Risk Management. Direct experience with ICBM Systems Position Benefits: As a full-time employee of Northrop Grumman, you are eligible for our robust benefits package including Medical, Dental & Vision coverage Educational Assistance Life Insurance Employee Assistance Programs & Work/Life Solutions Paid Time Off Health & Wellness Resources Employee Discounts This positions standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday to take every other Friday off. This role may offer a competitive relocation assistance package. #Sentinelsystems Salary Range: $77,500.00 - $115,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company, providing customized solutions for hospitals, health systems, pharmacies, ambulatory surgery centers, clinical laboratories and physician offices worldwide. The company provides clinically-proven medical products and pharmaceuticals and cost-effective solutions that enhance supply chain efficiency from hospital to home. Cardinal Health connects patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with approximately 50,000 employees in 46 countries, Cardinal Health ranks among the top 20 on the Fortune 500. We currently have a full-time career opening within Information Security to support the growth of our Navista Application Suite and the Integrated Oncology Network (IoN). **Department overview** The Information Security department at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions that improve the lives of people every day by ensuring security practices and controls are embedded into Cardinal Health's people, process and technology. We are a remote-first team and are excited to offer full-time remote opportunities. **Functional Overview** The Senior Information Security & Risk Engineer is a new capability for Cardinal Health and will be executed by the Product Security team. The primary goal of this position is to ensure delivery of best-in-class cybersecurity, risk management, and compliance for Navista, an oncology Managed Service Offering hosted by Cardinal Health. **Job Overview** The Information Security & Risk Engineer will be responsible for day-to-day activities in implementing the corporate information security and compliance program. The individual will be a front-line partner to technical teams and work across the organization to deliver security and compliance initiatives aligning to corporate policies, standards, procedures and audit activities. Success in the role will be measured by the effectiveness of the implementation of information security, risk management and compliance directives. This role will work with various IT and business teams to drive both information security and compliance initiatives. The individual will assist with internal and external security compliance monitoring activities, review client audits, IT control audits, architecture reviews, threat modeling, security risk assessments and will assist in the management of compliance activities such as NIST, HIPAA, SOC 2, FedRAMP, PCI, ISO27001, HITRUST and SOX. Good interpersonal and relationship building skills are essential for success. **Job Responsibilities Include:** + Maintain governance program that ensures that the security policies, standards and process are in place + Serve as liaison to other Cardinal Health teams to ensure knowledge share and best practices + Partner with the engineering, architecture and operations teams to ensure delivery of infrastructure design and threat models which prove security requirements + Monitor security trends and drive security best practices throughout the organization + Evaluate, design, test, and recommend new or improved controls + Work with third party firms and consultants to conduct independent security audits, vulnerability scans, and penetration tests + Investigate, drive resolution and document security incidents **Qualifications** + Bachelors Degree in related field, or equivalent work experience leading cybersecurity or information security initiatives + Have 3+ years information security related work experience, preferably within the healthcare industry + Experience in vulnerability management programs, vulnerability assessments and advanced understanding of risk management + Familiarity with at least one common programming language, software development pipelines, and system lifecycles + Familiarity with security frameworks and assessments such as HIPAA/HITECH, ISO, ITIL, NIST, PCI DSS, & SOX + Familiarity with common security vulnerabilities like OWASP Top 10 + Experience advising and mentoring diverse teams where you do not have direct authority + Strong written and verbal communication skills **Anticipated salary range:** $121,600 - $182,385 **Bonus eligible:** Yes **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 4/7/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Description & Requirements Reporting to the Sr. Manager for the Program Security Services team (US Services), the Lead Security Analyst-ISSO is responsible for managing the overall security posture of their assigned projects. Acting as an independent contributor, the Lead Analyst-ISSO will document and validate security compliance requirements, as defined in client contracts and established regulatory frameworks (NIST 800-53, HIPAA, IRS 1075, CMS MARS-E/ARC-AMPE, PCI-DSS). This position requires broad knowledge of Information Technology, including cloud providers such as Azure and AWS. This role will also manage stakeholder relationships with both internal and external customers. US citizenship is required per contract/client, at least one of the following certifications is required: CISSP (preferred), CISA or CISM. Experience with NIST 800-53 and the ability to travel up to 10% is required. Essential Duties and Responsibilities: - Responsible for ensuring information security for an assigned area of Business/Project focusing on key areas of risk, as outlined in the Information Security policy, under the direction of the Information Security management team. - Conduct Information Security risk assessments and compliance evaluations for infrastructure and application assets within required timeframes and to industry standards and regulatory specifications. - Ensure controls are properly and fully implemented to address identified Information Security risks for assigned area of responsibility. - Define, create and maintain the documentation for certification and accreditation of each information system in accordance with regulatory requirements. - Lead and support audits and client reviews of security posture; coordinate the collection, review and submission of Information Security deliverables and track the remediation of audit findings and exceptions. - Manage expectations with multiple stakeholders on projects and programs in conjunction with the Information Security team. - Promotion of Information Security awareness through various communication channels within the organization. - Collaborate with the Information Security team members on process improvements, secure design and recertification of MAXIMUS assets. Identify potential security control gaps by reviewing evidence provided by stakeholders, system generated reports and/or control implementation statements. Perform risk assessments using vulnerability management and application security testing reports. Initiate formal security exception process, when required. Develop Plan of Action and Milestones (POA&M) as necessary. Minimum Requirements - Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required. - Bachelor's degree and 7+ years of relevant professional experience required, or equivalent combination of education and experience. US Citizenship is REQUIRED per contract/client. At least one of the following certifications is REQUIRED: CISSP (preferred), CISA or CISM Experience with NIST 800-53 is REQUIRED Ability to travel nationally up to 10% is REQUIRED HIPAA experience is preferred Experience with Cloud providers, such as Azure and AWS Knowledge of any of the following security frameworks is preferred: IRS 1075, CMS MARS-E/ARC-AMPE, PCI-DS Demonstrates excellent interpersonal, presentation and verbal/written communication skills Demonstrates strong customer service skills Ability to communicate technical information to non-technical staff Ability to work collaboratively with a broad range of staff (including analysts, engineers and leadership) Proficiency with Microsoft Office SmartSheet experience is a plus Ability to perform comfortably in a fast-paced, deadline-oriented work environment Ability to organize and execute complex tasks Ability to work as a team member as well as independently #LI-JH1 #maxcorp #LeadSecurityAnalyst #HotJobs0311LI #HotJobs0311FB #HotJobs0311X #HotJobs0311TH #TrendingJobs EEO Statement Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Minimum Salary $ 111,605.00 Maximum Salary $ 145,000.00

Our Company Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours! The Opportunity Are you passionate about securing global systems and mitigating risks in a fast-paced environment? Adobe Security is looking for a dynamic candidate to join its Vulnerability Operation Center (VOC). As a VOC Product Security Engineer, you will analyze and triage incoming identified vulnerabilities and engage with developers for all of Adobe's products and online services. In this role, you will partner directly with product teams to pave the way for measuring, prioritizing, and reducing risk across Adobe's suite of product offerings. This is a great opportunity to join in ground-breaking work to influence our organization's risk posture. What you'll Do * Validate and assess severity of public and privately disclosed security vulnerabilities * Drive security issues to resolution through continuous engagement with engineering teams * Develop reporting metrics for leadership that highlight risks and trends. * Champion remediation efforts to Industry Wide Vulnerabilities and reducing preventable vulnerabilities * Identify security gaps and collaborate directly with product engineering teams on improved hardening opportunities * Investigate systemic vulnerability trends to improve product risk posture and reduce preventable vulnerabilities What you need to succeed * Bachelor's degree in computer science, engineering or a related discipline and at least 2-3 years of practical experience * Deep knowledge of infrastructure and application security vulnerabilities (OWASP Top 10) and mitigation techniques * Strong understanding of common security concepts that support root-cause analysis to make data-driven decisions on vulnerability patterns and trends * Dependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure * Ability to speak and communicate professionally Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $116,700 -- $207,200 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process. At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP). In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award. Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances. Adobe is proud to be an Equal Employment Opportunity and affirmative action employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more. Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call **************. Adobe values a free and open marketplace for all employees and has policies in place to ensure that we do not enter into illegal agreements with other companies to not recruit or hire each other's employees.

Are you ready to build a rewarding career and a better future? Venture Talent is always on the lookout for motivated, curious, and creative people to join our IT programs. We are currently seeking a Lead, Information Security Systems Engineer that will be a member of a trusted disruptor in the defense industry. With customers' mission-critical needs always in mind, employees deliver end-to-end technology solutions connecting space, air, land, sea and cyber domains in the interest of national security. This is a full-time permanent role supporting our program in Salt Lake City, UT. This Subject Matter Expert will apply current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security and execute system CONOPS. The Lead will work closely with Government customers and program stakeholders to ensure that the security needs, concerns and requirements are defined and implemented with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest. Specific responsibilities include but are not limited to: Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art security systems, networks, and database products Uses methods such as encryption technology, vulnerability analysis and security management Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment Prepares Assessment and Authorization documentation using multiple standards under RMF and derivative processes (DOD 8510.01M, JSIG, ICD-503, CNSSI 1253), to achieve security authorization of supported systems Represents program security needs, concerns, and requirements at customer meetings Leads and contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities Performs system CONOP analysis and development Contributes to all Product and/or Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies to translate customer Information Security requirements into hardware and software specifications Provide Cyber technical leadership for development teams building new multi-discipline (mechanical, electrical, software, hardware etc.) products Provide Cyber technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews Identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems and software deployment tools) Ensure RMF Information Security requirements and Program Protection requirements are addressed in all phases of the System Development Lifecycle (SDLC) Conduct security architecture analysis to evaluate and mitigate risks Basic Qualifications 7+ years of experience with vulnerability research and analysis of computer hardware, appliances, and/or embedded systems 7+ years of experience with Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development 2+ years of experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Certified Test Plan (CTP), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, Plans of Action and Milestones (POA&M), and Security Assessment Plans and Procedures (SAPP) 2+ years of experience with system testing and evaluation methods and RMF assessment methodology & processes 7+ years of experience with IC and DoD Cyber organizations, including structure, engagement, customer relationship management, and Business Development 5+ years of experience with DCO and OCO Cyber Effects Operations (CEO) 5+ years of experience leading technical teams, decomposing requirements, solution development, implementation, and testing/qualification across a portfolio 5+ years of experience with computer hardware architecture, components, and protocols 3+ years of experience with Modular Open Systems Approach (MOSA) standards Experience in validating the NSA Crypto Modernization Experience developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer and/or product requirements Experience with administration and securing Linux (RHEL/CentOS), Microsoft products including Windows Server 2016+, Windows 10, Microsoft System Center Configuration Manager, and WSUS Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS/Nessus, Rapid7 Nexpose, etc Experience with architecture integrating VLANs, VRF, virtual switching, multi-layer switching, Multi-layer Firewalls, ACLs, secure configuration, VPN (IPSEC) Foundational knowledge of Layer 3 architecture and diagramming within Visio or other commercial products Understanding of routing and switching as employed in telecommunications and network traffic General knowledge of common threats to information systems and how compromises would damage system integrity Exposure to model-based systems engineering (MBSE) tool suites (e.g., Cameo) and associated processes Experience with application of STIGs, CIS Benchmarks, and/or SCAP and developing associated POAMs Working knowledge of embedded systems, appliances, FPGA, single-board computers, chipsets, and microprocessors Engineering experience in non-traditional national security missions Education / Certifications Bachelor's Degree with a minimum of 9 years of prior related experience Graduate Degree with a minimum of 7 years of prior related experience In lieu of a degree, minimum of 13 years of prior related experience DoD 8570.01-M IASAE Level 3 certification (e.g. CISSP, ISSEP, ISSAP)

NetDocuments is committed to providing an excellent candidate experience and will never ask you to engage in recruitment activity without phone, video, and in person meetings and communications from emails using the @netdocuments.com domain. If you have any concerns or questions about communications you have received, please send them to ************************ so our team members can review. NetDocuments is the world's #1 trusted cloud-based content management and productivity platform that helps legal professionals do their best work. We strive to win together through passionate hard work, exploring new things and recognizing every interaction matters. NetDocuments provides rewarding career growth in an inclusive, diverse environment where employees are encouraged to openly contribute creative ideas and innovation, backed by supportive peers and leadership working together to achieve our goals as a unified team. At our core, we are dedicated to empowering our employees to drive successful business outcomes and better user experiences for our customers and partners. Our customer-centric approach and employee enablement has allowed us to enjoy many accolades, including being named among the 2022, 2023, & 2024 list of Inc. Magazine's 5000 Fastest-Growing Private Companies in America. Other recent awards include: * Two-time winner (2024, 2023) National Top Workplaces * Two-time winner (2024, 2023) Top Workplace innovation * Three-time winner (2023, 2022, 2021) Top Workplace in the US by the Salt Lake Tribune * Three-time winner (2023, 2022, 2021) Best Companies to Work for by Utah Business magazine * Three-time winner (2024, 2023, 2022) Top Workplace Work-Life Flexibility * Three-time winner (2024, 2023, 2022) Top Workplace Compensation & Benefits * 2024 Cultural Excellence * 2024 Technology Industry * 2023 Top Workplace Leadership * 2023 Top Workplace Purpose & Values * 2022 Top Workplace Employee Appreciation and Employee Well Being NetDocuments is a hybrid, remote-friendly workplace. Come join our team and work inspired each day! What You'll Do We are seeking a highly skilled Senior AWS Public Cloud Security Analyst with a passion for securing cloud environments and driving proactive security measures. In this role, you will leverage your expertise in AWS security services, infrastructure as code, threat detection, and compliance frameworks to protect and optimize our public cloud infrastructure. As a key contributor, you'll collaborate with cross-functional teams to identify risks, implement security solutions, and support DevSecOps practices. If you thrive in dynamic environments and have a knack for automation and innovation, we'd love to have you join our team. You will: * Design, implement, and maintain robust AWS security services (IAM, VPC, KMS, GuardDuty, Security Hub, etc.) to safeguard cloud infrastructure. * Develop and enforce security policies using Infrastructure as Code (IaC) tools, such as Terraform, CloudFormation, or Ansible. * Monitor cloud environments by configuring and fine-tuning threat detection and alerting systems (GuardDuty, Wiz, CloudTrail, Security Hub) and integrating with SIEM platforms. * Ensure compliance with security standards such as CIS AWS Foundations Benchmark, NIST, SOC 2, and FedRAMP, collaborating with relevant teams to maintain governance. * Conduct penetration testing and vulnerability assessments in cloud environments, remediating identified risks and implementing best practices. * Collaborate with DevOps and product teams to integrate security into CI/CD pipelines and promote DevSecOps practices across development workflows. * Develop and execute incident response plans (IRPs), ensuring rapid response to security incidents while continuously improving processes. * Automate security checks, monitoring, and compliance tasks through scripting languages such as Python, Bash, or PowerShell. * Lead or support cloud security audits and assessments, documenting security architectures, policies, and incident reports. * Mentor and guide junior engineers on security best practices and contribute to fostering a strong security culture within the organization. * Secure multi-account cloud architectures, applying network security best practices (security groups, NACLs, VPC configurations, etc.) and encryption standards (KMS, HSMs). What You'll Need to be Successful * 5-7 years of experience in cloud security, preferably with AWS environments. * CISSP certification required * Experience with public cloud deployments and securing multi-account architectures. * Familiarity with DevSecOps practices and integrating security into CI/CD pipelines. * Prior experience in cloud migration from private to public environments. * Experience conducting or supporting security audits and assessments. * Deep understanding of AWS security services (IAM, VPC, KMS, Security Hub, CloudTrail, GuardDuty, Config, WAF). * Strong experience with AWS Identity & Access Management (IAM) and role-based access control (RBAC). * Knowledge of network security best practices (security groups, NACLs, VPC architecture, VPN setups). * Experience with encryption standards and management, including KMS, HSMs, and data encryption. * Hands-on experience with Terraform, CloudFormation, or Ansible. * Ability to programmatically enforce security policies using IaC. * Experience setting up and fine-tuning GuardDuty, CloudTrail, Wiz, Security Hub, and SIEM tools (e.g., Splunk, Datadog, AWS CloudWatch). * Familiarity with CIS AWS Foundations Benchmark, NIST 800-53, SOC 2, FedRAMP, and other security frameworks. * Ability to assess, identify, and remediate vulnerabilities in cloud environments. * Experience creating and executing incident response plans (IRPs). * Proficiency in scripting languages such as Python, Bash, or PowerShell to automate security checks and tasks. What Will Make You Stand Out (optional) * Any additional certifications are a plus: * AWS Certified Security - Specialty * AWS Certified Solutions Architect - Associate/Professional * AWS Certified Advanced Networking - Specialty * CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) * CISM (Certified Information Security Manager) or CCSP (Certified Cloud Security Professional) What You'll Love About NetDocuments * The People! * 90% healthcare premiums company covered * HSA company contribution * 401K match at 4% with immediate vesting * Flexible PTO (typically 3 to 4 weeks a year) * 10 paid holidays * Monthly contributions for life activities & wellness * Access to LinkedIn learning with monthly dedicated time to explore Compensation Transparency The compensation range for this position is: $120,000 - $150,000 The posted cash compensation for this position includes on target earnings, base salary and variable if applicable. Some roles may qualify for overtime pay. Individual compensation packages are determined based on various factors specific to each candidate, such as career level, skills, experience, geographic location, qualifications, and other job-related considerations Equal Opportunity NetDocuments is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. All employment decisions are based on business needs, job requirements, individual qualifications, without regard to race, color, religion, sex, (including pregnancy), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity and/or expression, military and veteran status, or any other status protected by laws or regulations in the locations where we operate. NetDocuments believes diversity and inclusion among our employees is critical to our success, and we are committed to providing a work environment free of discrimination and harassment.

As a Security Engineer III at JPMorgan Chase within the Aumni Line of Business, you serve as a seasoned member of a team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Carry out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions in support of the firm's business objectives. The Aumni Information Technology & Security department is responsible for maintaining the IT operations and security of Aumni's product, systems, and data. We collaborate with all other departments in various capacities with an emphasis on reducing friction where possible while maintaining security. Our team's mission statement is: To deliver stronger, smarter security solutions, provide peace of mind for the venture capital ecosystem, and enable the success of our customers, employees, and investors. If you don't have experience in each area listed below, don't let that discourage you from applying. We are looking for an individual with a strong foundation, an aptitude to learn, and ability to ask good questions. Job responsibilities Educate our software engineers on secure coding practices and even build out a robust security champions program Provide vulnerability remediation support Implement & manage various SAST, SCA, DAST, and OSS scanning tools. Maintain automations that enforce Secure SDLC Secure design reviews Required qualifications, capabilities, and skills Formal training or certification on Application Security concepts and 3+ years applied experience Must be a team player who is eager to share domain knowledge with the team and eager to learn from others as well Experience of the Secure Software Development Lifecycle Framework. Understanding of security best practices for authentication, authorization, and permissions. Ability to teach developers how to follow security best practices Hands on experience investigating & prioritizing vulnerabilities discovered by third party security tools. (Identifying false positives, out of scope items, adjusting CVSS severity of vulnerability to business context, etc.) Hands on experience with DAST tools Knowledgeable of CI/CD tools and how to integrate security into the pipeline Experience with scripting languages (Bash, Python, etc.) Experience with cloud platforms and securing them Secure Design Reviews Preferred qualifications, capabilities, and skills Experience configuring and monitoring secret scanning tools Experience performing high risk code review/testing Knowledge of well-known Security Frameworks (ASVS, NIST CSF)

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able To Obtain: Top Secret SCI + Polygraph Suitability: Public Trust/Other Required: None Job Family: Information Security Skills: Job Qualifications: Information Security, Information Security Management, Information System Security Certifications: Cisco Certified Network Associate (CCNA) Security - Cisco, GICSP: Global Industrial Cyber Security Professional - Global Information Assurance Certification (GIAC), GSEC: GIAC Security Essentials Certification - Global Information Assurance Certification (GIAC) Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) II is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance Shall Include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree in a related area or equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II - with in 6 months of hire Clearance Required To Start: TS/SCI required Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities #ISSO III The likely salary range for this position is $92,331 - $121,785. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA UT Ogden Additional Work Locations: Total Rewards At GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

The Information Security Engineer 2 is an intermediate level professional role that functions as an oversight engineer for the organization. This role works to improve and maintain security infrastructure while adhering to Church policy. This position may work on initiatives involving internal and external compliance, risk, vulnerability and threat monitoring and assessments. This position works under moderate supervision. This role ensures that information security controls are properly implemented, monitored and maintained to protect organizational data and systems. This individual assists the business in defining objectives, processes and measurements. This is an individual contributor role. This is a US-based hybrid role, but non-local exceptions may be approved under special circumstances. This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel. We value early, mid and late-career candidates and encourage all applicants with the posted skills and abilities to apply. Responsibilities Execute established security practices with consistency and discipline Lead tactical projects as assigned to clarify and respond to identified security risks across technical domains Mentor junior Information Security Engineers as assigned Research and correct new or unusual security configurations and implementations as identified by intelligence, analysts or monitoring Implement tools and processes that support information security initiatives Collaborate with engineers in other groups to implement standardized practices and follow routine process to promote secure systems Participate in the development and refinement of Information Security programs Participate in the evaluation, selection, testing and implementation of security-focused products and services Develop and maintain documentation for security systems and procedures Qualifications Bachelor's degree in related field or equivalent professional experience Two years of related experience (can be an internship in Information Security, IT and/or Computer Science including expertise in one or more of the following areas: Security, privacy, business continuity, compliance or related area(s), attacker tactics for both enterprise and web systems, cyber threat intelligence, incident handling, continuous monitoring, intrusion detection, advanced network forensics, host forensics, SIEM, SOC processes, and malware analysis Proven ability to assist with the design and implementation of security controls that meet business operational needs Ability to successfully collaborate with a team Familiarity with programming and scripting Good professional written and oral communication skills This job operates in a professional office environment To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment Preferred: Understanding and experience with databases(Oracle, MS-SQL, MySQL, PostgreSQL, etc.) Understanding of programming languages (Python, Java, .NET, etc.)

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry-cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience. Our mission is simple: End Cyber Risk. We're looking for a Concierge Security Engineer 3 to be part of making this happen. About the Role: The Concierge Security Engineer supports the technical relationship with their assigned customers and leverages their skills and expertise to create and maintain an outstanding partnership with customers around the provision of security services. As a Concierge Security Engineer, you will: Creating and maintaining a partnership with our customers Analyze log and system data Interact with, and manage, internal and external stakeholders Communicate, educate, and share information with non-technical people Help our customers diagnose problems as well as support specific customer requests Primary technical point of contact for our customers Champion for our customers within the Arctic Wolf Team Mentoring junior analysts with their technical and soft skills This is a role that combines aspects of an IT Security Analyst, Security Architect, Incident Response Consultant, a Security Sales Engineer, and Technical Support. The CSE will be responsible for implementing, overseeing, managing, and supporting the network security infrastructure for multiple enterprises by leveraging Arctic Wolf's cloud infrastructure and their expertise in a wide variety of fields. The CSE works in a team along with an assigned Concierge Security Analyst and Customer Success Managers. Arctic Wolf CSEs develop strong working relationships with our customers and feel ownership over their security posture. We are looking for someone who has most of the following: 3+ years in Information Security, Network Security, or Cyber Security 3+ years additionally as a Network Admin, System Admin, Cloud Admin, or similar is strongly preferred Have a detailed understanding of Enterprise IT Security, including: Firewalls, Intrusion Detection, Antivirus, Content Filtering, and Proxies Have an understanding of Enterprise IT Operations, including: Networking, Active Directory, LDAP, Windows Server, and Cloud Infrastructures Analyze log and system data from the above list and other IT systems Know how to use one or more scripting tools and languages such as Python, Bash, and Power Shell Great writing and speaking skills Excellent relationship building skills in a professional context A positive “can-do” attitude A willingness to learn and continuous self-improvement There are no specific degree or certification requirements but degrees in engineering or technology are a plus. Any security or IT certification such as CISSP is also positive. Additional skills and experience: Security forensics Malware analysis E-discovery Threat containment Firewall and IDS provisioning Proxy and content filtering provisioning Authentication and identify management Risk and vulnerability Assessment Network and security Auditing Network troubleshooting Penetration testing Attack simulation PowerPoint presentation skills About Arctic Wolf At Arctic Wolf we're cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We've been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)-and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022). Our Values Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that-by protecting people's and organizations' sensitive data and seeking to end cyber risk- we get to work in an industry that is fundamental to the greater good. We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here. We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities. All wolves receive compelling compensation and benefits packages, including: Equity for all employees Bonus or commission pay based on role Flexible time off, paid volunteer days and paid parental leave 401k match Medical, Dental, and Vision insurance Health Savings and Flexible Spending Agreement Voluntary Legal Insurance Training and career development programs Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing *************************. Security Requirements Conducts duties and responsibilities in accordance with AWN's Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies). Background checks are required for this position. This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations (“EAR”). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations. Come join the Pack during this exciting time of rapid growth where every employee makes a difference and their contributions are recognized and rewarded.

PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud. Visit our careers site (*********************************** to explore life at PagerDuty, discover opportunities, and sign-up for job alerts! PagerDuty is seeking a **Senior Security Engineer (Infrastructure & Identity Security)** to join our diverse, customer-focused team! As a Senior Security Engineer, you will be a key technical leader driving security initiatives across PagerDuty's SaaS offerings, with deep expertise in Identity and Access Management. While you'll spearhead our IAM modernization efforts and implement robust authentication patterns, you'll also be instrumental in maintaining our overall security posture through architecture reviews, threat modeling, and automated security solutions. We're looking for a security generalist who excels in IAM - someone who can tackle diverse security challenges across our infrastructure while bringing specialized knowledge in identity and access patterns. Since we own and operate what we build, you'll collaborate with 30+ engineering teams to implement secure, scalable solutions that enhance security while maintaining developer productivity. This is an exciting opportunity to not only revolutionize our IAM strategy but also contribute to the broader security landscape of our SaaS platform. **KEY RESPONSIBILITIES** + Lead and implement comprehensive IAM strategy across cloud infrastructure + Work closely with Product Engineering teams and conduct architecture reviews and threat modeling sessions focusing on but not limited to identity and access patterns + Design and implement modern service-to-service authentication patterns using technologies such as IRSA (IAM Roles for Service Accounts) and pod identity + Develop and maintain a robust secrets management framework and strategy + Drive adoption of principle of least privilege across all services and applications + Design and implement automated workflows for access reviews and certification + Design and implement security controls for AWS cloud infrastructure and containerized environments + Develop metrics and monitoring for IAM-related security events and access patterns + Monitor and maintain security tooling supporting infrastructure security controls + Design and implement security automations and tool integrations + Develop automated vulnerability management workflows to drive timely remediation + Implement automated incident response playbooks **Additional Responsibilities:** + Mentor and guide team members on security best practices and implementation approaches + Participate in our team's on-call rotation, triaging and addressing security issues as they arise. + Contribute to roadmap and annual planning discussions **BASIC QUALIFICATIONS** + 5+ years of experience as a full-stack Security Engineer in an AWS native, micro-service SaaS environment with focus on IAM. + Deep expertise in cloud security, particularly AWS services including but not limited to: + GuardDuty, CloudTrail, Config + IAM family, Secrets Manager, KMS + EKS, Service Mesh architectures + Strong expertise and experience implementing and managing identity providers, specifically Okta and/or Microsoft Entra at scale (1000+ users). + Strong understanding of zero trust principles and modern authentication patterns + Experience working with multiple development teams and technology stacks + 5+ years experience leading technical security initiatives, with proven ability to scope ambiguous projects, break down complex work into actionable items, and successfully delegate responsibilities while maintaining project momentum + Proficiency with security tools: + Vulnerability Management & EDR: Wiz, Snyk, Qualys/Nessus, Crowdstrike + SIEM: SumoLogic or Splunk + Experience with Infrastructure as Code and CI/CD: + Terraform, Helm, Chef, Ansible, Buildkite, Jenkins, ArgoCD + 4+ years of experience and proficiency in at least one programming language and framework (Python, Java, or similar) + Strong understanding of Threat Modeling principles + Experience with Security Incident Response & Risk Management + High appetite for challenging problems with a high degree of ownership. **PREFERRED QUALIFICATIONS** + Hands-on experience implementing IAM solutions at scale + Experience working at a SaaS company larger than 1000 employees and 100M in revenue + Current or past experience with obtaining and maintaining FedRAMP authorization and other compliance frameworks (SOC 2, ISO 27001) + Strong problem-solving abilities with effective change management skills + Possesses a strong sense of ownership and a keen discernment for excellence in security systems within a SaaS environment, demonstrating the ability to distinguish what constitutes a truly robust and effective safeguarding infrastructure. + Demonstrated history of mentoring and coaching + Strong written and verbal communication skills + Working knowledge and experience with PagerDuty Incident Management and Process Automation products. + Familiarity with Corporate security needs and solutions, and ability to provide oversight and mentorship to the Corporate Security team to ensure alignment with CISO strategic initiatives and mandates. The base salary range for this position is 176,000 - 281,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits. Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience. Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process. The successful applicant will be performing work in FedRAMP environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). **This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.** **Not sure if you qualify?** Apply anyway! We extend opportunities to a broad array of candidates, including those with diverse workplace experiences and backgrounds. Whether you're new to the corporate world, returning to work after a gap in employment, or simply looking to take the next step in your career path, we are excited to connect with you. **Where we work** PagerDuty currently has offices in Atlanta, Lisbon, London, San Francisco, Santiago, Sydney, Tokyo, and Toronto. We offer a hybrid, flexible workplace. We also provide ample opportunities for in-person and virtual connection, like team offsites and volunteering events. **How we work** Our values are deeply embedded in how we operate and the people we bring on board. You will see our values ingrained in how we support our customers, collaborate with our colleagues, develop our products and foster an inclusive and empathetic work culture. + Champion the Customer | Put users first to design great products and experiences. + Run Together | Build strong teams that amplify our impact on users. + Take the Lead | Disrupt and invent to be the first choice for users. + Ack + Own | Take ownership and action to deliver more efficiently to users. + Bring Your Self | Bring your best self to build empathy and trust with users. **What we offer** **One way we ensure our employees are inspired to do their best is through a comprehensive total rewards approach that supports them and their loved ones. As a global organization, our programs are competitive with industry standards and aligned with local laws and regulations. Learn more, including country-specific offerings, on our** benefits site (********************************************** **.** **Your package may include:** + Competitive salary + Comprehensive benefits package from day one + Flexible work arrangements + Generous paid vacation time + Paid holidays and sick leave + Dutonian Wellness Days - scheduled company-wide paid days off in addition to PTO + Company equity* + ESPP (Employee Stock Purchase Program)* + Retirement or pension plan* + Paid parental leave - up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)* + HibernationDuty - an annual company paid week off when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge + Paid volunteer time off - 20 hours per year + Company-wide hack weeks + Mental wellness programs _*Eligibility may vary by role, region, and tenure_ **About PagerDuty** PagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management. The PagerDuty Operations Cloud revolutionizes how critical work gets done, and powers the agility that drives digital transformation. Customers rely on the PagerDuty Operations Cloud to compress costs, accelerate productivity, win revenue, sustain seamless digital experiences, and earn customer trust. More than half of the Fortune 500 and more than two thirds of the Fortune 100 trust PagerDuty including Cisco, Cox Automotive, DoorDash, Electronic Arts, Genentech, Shopify, Zoom and more. Led by CEO Jennifer Tejada, PagerDuty's Board of Directors is 50% female and 62% URP representation. We strive to build a more equitable world by investing 1% each of company equity, product, and employee volunteer time. PagerDuty is Great Place to Work-certified, a Fortune Best Workplace for Millennials, a Fortune Best Medium Workplace, a Fortune Best Workplace in Technology, and a top rated product on TrustRadius and G2. Go behind-the-scenes on our careers site (*********************************** and @pagerduty on Instagram. **Additional Information** PagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status. PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email accommodation@pagerduty.com and we will work with you to meet your accessibility needs. PagerDuty uses the E-Verify employment verification program.

L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do. L3Harris Technologies is the Trusted Disruptor in the defense industry. With customers mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security. Job Title: Lead, Information Security Systems Engineer Job Location: Salt Lake City-UT Job Code:22061 Job Schedule:9/80Employees work 9 out of every 14 days totaling 80 hours worked and have every other Friday off Position Overview: Are you ready to take your career to the next level? Join our dynamic team where work/life balance is not just a promise, but a reality. We believe in fostering a supportive and collaborative environment that prioritizes your well-being and professional growth. With access to experienced mentors and a culture that encourages continuous learning, you'll have the opportunity to expand your skills and advance your career. If you're passionate about making an impact and eager to grow alongside talented professionals, we invite you to apply and become a valued member of our team. We are lookingfor a highly motivated Information Security Systems Engineerto join our dynamic team supporting the Department of Defense. As a member of the project team, you will support the certification and accreditation of Military Communication Systems, Management Workstations and supporting Networking Infrastructure in accordance with Risk Management Framework, FIPS, and NSA Certification standards. JobDescription: Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products. Uses methods such as encryption technology, vulnerability analysis and security management. Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment. Prepares Assessment and Authorization documentation using multiple standards under RMF and derivative processes (DOD 8510.01M, JSIG, ICD-503, CNSSI 1253), to achieve security authorization of supported systems. Represents program security needs, concerns, and requirements at customer meetings. Leads and contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities Performs system CONOP analysis and development Contributes to all Product and/or Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies to translate customer Information Security requirements into hardware and software specifications Provide Cyber technical leadership for development teams building new multi-discipline (mechanical, electrical, software, hardware etc.) products Provide Cyber technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews Identify security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems and software deployment tools) Ensure RMF Information Security requirements and Program Protection requirements are addressed in all phases of the System Development Lifecycle (SDLC) Conduct security architecture analysis to evaluate and mitigate risks DoD 8570.01-M IASAE Level 3 certification (e.g. CISSP, ISSEP, ISSAP) RequiredQualifications: Bachelors Degree with a minimum of 9years of prior related security experience. Graduate Degree with a minimum of 7years of prior related security experience. In lieu of a degree, minimum of 13years of prior related securityexperience. Active Secret Security Clearance preferred Preferred Qualifications: Active Top Secret/SCI Security Clearance preferred Minimum of 7 years of experience with vulnerability research and analysis of computer hardware, appliances, and/or embedded systems Minimum of 7 years of experience with Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development Minimum of2 years of experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Certified Test Plan (CTP), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, Plans of Action and Milestones (POA&M), and Security Assessment Plans and Procedures (SAPP) Minimum 2 years of experience with system testing and evaluation methods and RMF assessment methodology & processes Minimum of 7years of experience with IC and DoD Cyber organizations, including structure, engagement, customer relationship management, and Business Development Minimum of 5 years of experience with DCO and OCO Cyber Effects Operations (CEO) Minimum of 5 years of experience leading technical teams, decomposing requirements, solution development, implementation, and testing/qualification across a portfolio Minimum of5 years of experience with computer hardware architecture, components, and protocols Minimum of 3 years of experience with Modular Open Systems Approach (MOSA) standards Experience in validating the NSA Crypto Modernization Experience developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer and/or product requirements Experience with administration and securing Linux (RHEL/CentOS), Microsoft products including Windows Server 2016+, Windows 10, Microsoft System Center Configuration Manager, and WSUS Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS/Nessus, Rapid7 Nexpose, etc Experience with architectures integrating VLANs, VRF, virtual switching, multi-layer switching, Multi-layer Firewalls, ACLs, secure configuration, VPN (IPSEC) Foundational knowledge of Layer 3 architecture and diagramming within Visio or other commercial products Understanding of routing and switching as employed in telecommunications and network traffic General knowledge of common threats to information systems and how compromise would damage system integrity Exposure to model-based systems engineering (MBSE) tool suites (e.g., Cameo) and associated processes Experience with application of STIGs, CIS Benchmarks, and/or SCAP and developing associated POAMs Working knowledge of embedded systems, appliances, FPGA, single-board computers, chipsets, and microprocessors Engineering experience in non-traditional national security missions #LI-HJ1#LI-CJ1 L3Harris Technologies is proud to be an Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law. Please be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. By submitting your resume for this position, you understand and agree that L3Harris Technologies may share your resume, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions. L3Harris Technologies is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish. RequiredPreferredJob Industries Law Enforcement & Security

This Information Security Engineer 4 position is a senior-level role on the Church's internal Offensive Security team, responsible for penetration testing and red teaming. The role focuses on identifying security issues, responsibly employing attack methodologies, and demonstrating operational impacts to protect the Church and its mission. Candidates are expected to work independently with minimal supervision and possess strong written and verbal communication skills. This position ensures that information security controls are properly implemented, monitored, and maintained to protect organizational data and systems. The role assists the business and team in defining appropriate testing objectives, processes, and measurements. This is an individual contributor position. This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel. We value early, mid and late-career candidates and encourage all applicants with the posted skills and abilities to apply. Responsibilities Testing Responsibilities include: Formally assigned and self-driven testing objectives across all technical attack disciplines, including but not limited to web app, mobile app, network, and infrastructure testing, as well as code review and exploitation Strict adherence to rules of engagement, scopes, and other testing stipulations Research into complex technical topics and issues Assessment of the effectiveness of security controls and architecture decisions Defining of appropriate testing objectives, processes, and measurements Engaging with internal customers to coordinate and report on testing efforts Effectively communicating work performed, through writing reports, giving presentations, and advising technical and non-technical professionals on security best practices and potential fixes Validating fixes deployed for identified issues to determine their effectiveness In addition to the testing responsibilities listed above other responsibilities which may be assigned as needed include: Automation of repeatable processes, including team processes Maintenance and creation of team infrastructure and tools Advising on, or assisting with, incident response Tracking of testing related metrics Creation and documentation of processes, procedures, and knowledge Attacker simulations for specific scenarios such as part of purple teaming efforts Trainings aimed at increasing the candidate's job role capabilities and understanding Creation of trainings for internal groups outside of Offensive Security aimed at increasing understanding or capability surrounding attacks and identified issues Mentoring of junior engineers or other technical professionals Assessing the validity and safety of third-party attack tools Physical security assessments as assigned Additional general responsibilities could include: Lead multiple efforts such as integration/automation, vulnerability mitigation, penetration testing, digital forensics, incident response, PKI infrastructure or code security Mentor junior Information Security Engineers Provide leadership in security services and operations Lead in tactical projects as they arise to clarify and respond to identified security risks across technical domains Lead the effort to define business objectives, operational parameters, success metrics and process documentation for a security program Investigate and correct new or unusual security configurations and implementations as identified by intelligence, analysts or monitoring Execute established security practices with consistency and discipline Implement tools, processes and communications that support information security initiatives Operate, observe and analyze security practices Operate Information Security tools and processes Collaborate with engineers in other groups to implement standardized practices and follow routine process to promote secure systems Participate in the development and refinement of Information Security programs Participate in the evaluation, selection, testing and implementation of security-focused products and services Develop and maintain documentation for security systems and procedures Continually looks for ways to incrementally improve practices where appropriate and collaborate in identifying and formulating new practices where possible Process service request tickets efficiently and reliably Qualifications Bachelor's degree in related field or equivalent professional experience Eight years experience in security, privacy, business continuity, compliance or related field with demonstrable expertise in two or more domains of information security - Or six years relevant work experience plus demonstrable expertise and skills in three of the following areas: Attacker tactics for both enterprise and web systems, cyber threat intelligence, incident handling, continuous monitoring, intrusion detection, advanced network forensics, host forensics and malware analysis Functions equally well in abstract conceptual and architectural work as in detailed technical implementation and configuration work Familiarity with programming and scripting Ability to successfully work on a team Effective professional written and oral communication skills This job operates in a professional office environment To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment Preferred: Relevant security certification from one or more of the following or equivalent certifying authorities: GIAC, ISC2, Offensive Security, etc. #LI-JR1

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Odyssey Systems has an exciting opportunity for a Information System Security Officer (ISSO)to support the Aerospace Dominance Enabler Division (AFLCMC/HBZ)at Hill AFB in Ogden Utah. HBZ functions as the Air Force's technical, acquisition and sustainment experts providing unique and comprehensive support to the warfighter. The ADE Division is responsible for a vast array of USAF systems to include Electronic Warfare, Range Systems, Range Instrumentation, Air Combat Training and Aircrew Readiness, Command and Control Systems, Advanced Radar Threat Systems, Combat Survivor Evader Locator, P5 Combat Training Systems, Black Switch and Legacy Voice Systems. Furthermore, the ADE Division provides support to depot level sustainment and maintenance efforts, FMS, U.S. Army, Navy, Pacific Air Forces, Air Combat Command (ACC), Air Force Materiel Command (AFMC), and Air Education and Training Command (AETC) on a continuous basis. This position plays a crucial role in supporting the HBZ Division by contributing to the establishment of a new Top Secret facility and ensuring that all compliance requirements and policies are correctly adhered to. Responsibilities In this position you will p rovide ISSO support that will be responsible for ensuring the appropriate operational security posture is maintained for the assigned IT. Including activities to maintain situational awareness and to initiate actions to improve or restore cybersecurity posture. Duties Duties includ e, but not limited to: Implements and enforce all AF cybersecurity policies, procedures, and countermeasures. Completes and maintains required cybersecurity certification IAW AFMAN17-1303. Individuals in this position must be U.S. citizens Ensures all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301 Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System Ensures software, hardware, and firmware complies with appropriate security configuration guidelines, e.g., security technical implementation guides /security requirement guides Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system-level ISSM, SCA, and/or SCAR. 16 AFI17-101 6 FEBRUARY 2020 Initiates protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered Reports security incidents or vulnerabilities to the system-level ISSM. Initiates exceptions, deviations, or waivers to cybersecurity requirements Qualifications Minimum Required Qualifications: Citizenship: Must be a US citizen Clearance : Top Secret Clearance Education: Bachelor's Degree in a related field and 12 years of experience in the respective technical/professional discipline being performed, five of which must be in the DoD OR 15 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, eight of which must be in the DoD Preferred Education: Master's or Doctorate Degree in a related field and ten years of experience in the respective technical / professional discipline being performed, five years of which must be in the DoD Additional Information Location: Hill AFB, Ogden UT Company Overview Odyssey Systems Consulting Group, is an innovative small business committed to providing world-class technical, management, and training support services to government and public sector clients. We focus on people, processes, and performance to deliver superior results. Since our inception in 1997, our commitment to mission success and customer satisfaction has been recognized with exponential growth and exceptional past performance ratings. We accept challenging assignments and drive projects from the planning stages, through implementation, and into operations and support. Please note: Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud. Visit our careers site (*********************************** to explore life at PagerDuty, discover opportunities, and sign-up for job alerts! PagerDuty is seeking a **Senior Security Engineer** to join our diverse, customer-focused team! As a **Senior Security Engineer** , you will be a key contributor in leading, driving and delivering security initiatives for PagerDuty's SaaS offerings, focusing on application & product security through architecture reviews, threat modeling sessions, and defining secure-by-design product standards and protections that support PagerDuty's security mission. Since we own and operate what we build, you'll collaborate closely with engineers across many product development teams. You will work closely with our internal development teams to ensure we deliver secure, highly reliable, and scalable solutions to our customers. This is an exciting opportunity to build security solutions that make developers and customers happy. The ideal candidate will have a blend of experiences across large enterprise environments and small or mid-size environments and will have focused on establishing security standards, coordinating with product development teams, developing strategies for secure-by-default architectures, and corresponding process and tooling selection and implementation. Things that make you smile: secure product architectures, providing an engaging Developer Experience for security adoption, and cute animal memes. **KEY RESPONSIBILITIES** + Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections. + Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks. + Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks. + Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents. + Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership. + Participate in the team's On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences. + Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption. + Establish and uphold baseline standards and hardened configurations for platform components. + Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments. **BASIC QUALIFICATIONS** + 5+ years of experience as a Security Engineer focused on product and application security in a cloud-native, microservices environment, preferably within AWS. + Demonstrated experience with security standards and patterns for APIs, microservices, and serverless architectures, including best practices for secure SDLC integration and development. + Familiarity with cloud-native product technologies including: + Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, etc.) + Security event collection and analysis (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.) + Container Security (e.g., Kubernetes, EKS) + CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef) + Security Incident Response & Risk Management processes and tools + 4 years of experience and proficiency in at least one programming language and framework (e.g., Python, Bash, Phoenix/Elixir, Java, Ruby on Rails). + Exceptional written, oral communication, and interpersonal skills. + Strong organizational skills with the ability to successfully manage multiple priorities and deadlines. **PREFERRED QUALIFICATIONS** + Strong hands-on experience in deploying secure coding practices, automation, threat modeling and application security solutions. + Strong understanding of modern application architectures, including microservices, containerization, and cloud-native applications. + Experience with obtaining and maintaining FedRAMP authorization. + Experience working at a SaaS company larger than 1,000 employees and $100M in revenue. + Ability to analyze complex problems, and implement these solutions with a growing proficiency in change management. + Demonstrates a strong sense of ownership and a commitment to excellence in securing systems within a SaaS environment, with the ability to identify and implement resilient, effective product security measures. + Proven history of mentoring and coaching. The base salary range for this position is 176,000 - 281,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits. Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience. Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process. **Not sure if you qualify?** Apply anyway! We extend opportunities to a broad array of candidates, including those with diverse workplace experiences and backgrounds. Whether you're new to the corporate world, returning to work after a gap in employment, or simply looking to take the next step in your career path, we are excited to connect with you. **Where we work** PagerDuty currently has offices in Atlanta, Lisbon, London, San Francisco, Santiago, Sydney, Tokyo, and Toronto. We offer a hybrid, flexible workplace. We also provide ample opportunities for in-person and virtual connection, like team offsites and volunteering events. **How we work** Our values are deeply embedded in how we operate and the people we bring on board. You will see our values ingrained in how we support our customers, collaborate with our colleagues, develop our products and foster an inclusive and empathetic work culture. + Champion the Customer | Put users first to design great products and experiences. + Run Together | Build strong teams that amplify our impact on users. + Take the Lead | Disrupt and invent to be the first choice for users. + Ack + Own | Take ownership and action to deliver more efficiently to users. + Bring Your Self | Bring your best self to build empathy and trust with users. **What we offer** **One way we ensure our employees are inspired to do their best is through a comprehensive total rewards approach that supports them and their loved ones. As a global organization, our programs are competitive with industry standards and aligned with local laws and regulations. Learn more, including country-specific offerings, on our** benefits site (********************************************** **.** **Your package may include:** + Competitive salary + Comprehensive benefits package from day one + Flexible work arrangements + Generous paid vacation time + Paid holidays and sick leave + Dutonian Wellness Days - scheduled company-wide paid days off in addition to PTO + Company equity* + ESPP (Employee Stock Purchase Program)* + Retirement or pension plan* + Paid parental leave - up to 22 weeks for pregnant parent, up to 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)* + HibernationDuty - an annual company paid week off when everyone at PagerDuty, with the exception of a small, coverage crew, is asked to take a much needed break to truly disconnect and recharge + Paid volunteer time off - 20 hours per year + Company-wide hack weeks + Mental wellness programs _*Eligibility may vary by role, region, and tenure_ **About PagerDuty** PagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management. The PagerDuty Operations Cloud revolutionizes how critical work gets done, and powers the agility that drives digital transformation. Customers rely on the PagerDuty Operations Cloud to compress costs, accelerate productivity, win revenue, sustain seamless digital experiences, and earn customer trust. More than half of the Fortune 500 and more than two thirds of the Fortune 100 trust PagerDuty including Cisco, Cox Automotive, DoorDash, Electronic Arts, Genentech, Shopify, Zoom and more. Led by CEO Jennifer Tejada, PagerDuty's Board of Directors is 50% female and 62% URP representation. We strive to build a more equitable world by investing 1% each of company equity, product, and employee volunteer time. PagerDuty is Great Place to Work-certified, a Fortune Best Workplace for Millennials, a Fortune Best Medium Workplace, a Fortune Best Workplace in Technology, and a top rated product on TrustRadius and G2. Go behind-the-scenes on our careers site (*********************************** and @pagerduty on Instagram. **Additional Information** PagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status. PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email accommodation@pagerduty.com and we will work with you to meet your accessibility needs. PagerDuty uses the E-Verify employment verification program.