landing_page-logo
  1. Home
  2. »All Job Categories
  3. »Information Technology Jobs

Auto-apply to these information technology jobs

We've scanned millions of jobs. Simply select your favorites, and we can fill out the applications for you.

Senior Information Security Engineer-logo
Senior Information Security Engineer
Swivel TransactionsSan Antonio, Texas
SWBC is seeking a talented individual to serve as a key Information Security Engineer empowered to leverage the industry’s latest security principles, practices, and tools to improve the reliability, integrity, and security of on premise and cloud-hosted applications. Works by, with, and through internal and external DevOps stakeholders to incorporate security into all stages of the software development life cycle. Applies DevSecOps principles and applicable security standards to secure cloud services, cloud native applications, integrations, and supporting infrastructure through Continuous Integration (CI) and Continuous Delivery (CD) workflows, patterns, and tools. Analyzes cybersecurity, software development, infrastructure, software design, architecture and information technology best practices, threat intelligence, and emerging requirements to improve the security of the hosting environment and applications. Monitors cloud applications and services for indicators for compromise and compliance shortfalls and tracks issues for timely remediation. Implements administrative and technical controls to ensure security, privacy, and compliance of data stored, processed, or transmitted on Company owned or controlled cloud platforms. Monitors industry security updates, technologies, and best practices to ensure the Company's multi-cloud environment continues to provide adequate security and meet compliance requirements. Why you'll love this role: In this role, you will work with some of the top information security, technology, and business professionals in the financial services industry. As part of an agile and innovated security team, you will work closely with stakeholders at all levels and interact with the industry’s top partners. You will employ advanced security technology and tactics to defend cutting-edge FINTECH and business technology. Beyond amazing career opportunities and singular experiences, our security team is diverse in all aspects; passionate about collaboration; leverages amazing technology and automation; laughs often; and celebrates our success as a team. Our leaders recognize that empowerment, autonomy, work-life balance, professional development, continuous improvement, and a commitment to shared values are key enablers of our success. We work hard, take care of each other, and deliver positive outcomes daily. This will be your best career decision. Essential duties include the following: Identifies, implements, maintains, and monitors risk-informed, standards-based, effective, and efficient security controls within a hybrid multi-cloud technology environment. Supports continuous integration and continuous development pipelines and processes that automatically build, test, and deploy infrastructure and containerized applications to ensure appropriate security checks are included automatically or manually. Reviews software releases and infrastructure changes for security vulnerabilities and risks prior to approval. Supports enterprise software development and cloud infrastructure projects and production applications that store, process, and transmit regulated data to ensure controls meet or exceed standards. Manages vulnerabilities and security testing for on premise and cloud-hosted applications and tracks issues to remediation. Supports audit and compliance efforts to ensure applications, infrastructure, and integrations meet applicable compliance and contractual standards. Identifies, recommends, and tests technical security standards and guidelines for software development, DevOps, and release management to ensure that all delivered solutions and architecture adhere to industry best-practices for availability, confidentiality, and integrity. Partners with internal and external development teams and other stakeholders to improve security and operational monitoring for cloud hosted workloads. Develops and tests incident response plans to prepare for, respond to, and recover from security incidents and operational issues as part of an incident response team. Supports efforts to provide for a secure integrated development environment for external and internal software and release management pipelines. Builds and tracks performance indicators and metrics to inform security control monitoring in cloud environments. Performs all other duties as assigned. Serious candidates will possess the minimum qualifications: Bachelor’s Degree in Computer or Software Engineering, Information Security, Cybersecurity or related field from an accredited four year college or university required. Master’s Degree preferred. AWS Certified Solutions Architect or DevOps Engineer Professional certification required. AWS Security Specialty certification highly desired. Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) highly desired. Cloud Security Alliance (CSA) Certificate of Cloud Security Knowledge (CCSK) desired. GIAC Cloud Security Automation (GCSA) certification highly desired. Must be able to obtain certification within 6 months of hire. Minimum eight (8) years of extensive security engineering experience, including architectural design using AWS best practices and industry standards. Experience implementing and managing tools for security, availability, and compliance monitoring in a cloud environment which includes collecting data, parsing log files, capturing network traffic, setting alert thresholds, and notifying stakeholders. Experience and understanding of the DevOps deployment pipeline and security considerations for each step of the CI/CD processes. Experience with serverless architectures, their features, advantages, security concerns, and tactics for deploying effective security in serverless implementations. Experience with vulnerability management and virtual patching in the cloud. Experience with Amazon Web Services (AWS) cloud architecture components, security, identity, & compliance services, and knowledge of how to secure the environment. Familiar with DevOps toolsets to track work items, code, test, build, and release, and knowledge of how each stage is secured and automated. Familiar with tools to perform vulnerability assessments, threat detection, compliance benchmarking, audit logging, log evaluation, and network collection for cloud hosted applications. Familiar with basic web development practices, i.e. HTML, CSS, JavaScript, JQuery, etc. Familiar with team development tools and source control, including Azure DevOps, GIT, etc. Familiar with the principles of software development life cycle (SDLC) and separation of duties. Understanding of micro service architecture and implementation of appropriate security controls used in various architectural designs and conditions. Understanding of “As Code” processes and attack surfaces presented by CI, CD, and CM tools and familiarity with techniques for how to harden these tools. Understanding of the Secure DevOps auditing controls and how to leverage automated scanners to automate policy requirements. Demonstrated knowledge of how to configure security services and tools such as Web Application Firewalls, Content Delivery Networks, and Intrusion Monitoring to protect against common website attacks. Demonstrated knowledge of encryption and encryption key management using managed services and a dedicated cloud hardware security module. Knowledge of container security issues, hardening containerized environments, container orchestration tools, and running production workloads in the cloud. Knowledge of IT Security Operations. Knowledge of UI, AI, and Machine Learning. Knowledge the Payment Card Industry (PCI) Data Security Standard (DSS). Able to understand and write basic JSON programming language policies. Demonstrated ability to work as an essential part of a highly motivated business, technology, development teams. Proficient Microsoft Office skills, including Word and Excel. Written and verbal communication skills and the ability to work with teams and external stakeholders are essential. Strong problem resolution and interpersonal skills. Strong multi-tasking skills. Able to use general office equipment including copy machine and phone system. SWBC offers*: Competitive overall compensation package Work/Life balance Employee engagement activities and recognition awards Years of Service awards Career enhancement and growth opportunities Leadership Academy and Mentor Program Continuing education and career certifications Variety of healthcare coverage options Traditional and Roth 401(k) retirement plans Lucrative Wellness Program *Based upon employee eligibility Additional Information: SWBC is a Substance-Free Workplace and requires pre-employment drug testing. Please note, SWBC does not hire tobacco users as allowed by law. To learn more about SWBC, visit our website at www.SWBC.com. If interested, please click the appropriate apply button.

Posted 30+ days ago

Information Governance Specialist-logo
Information Governance Specialist
WFB Perkins Coie LLPSeattle, Washington
Job Description: Perkins Coie is seeking a qualified and dynamic individual to take on the role of Information Governance Specialist who will work under the direction of the Information Governance Manager and be responsible for applying established policies and procedures to facilitate the management of physical and electronic records in support of the Firm’s operational needs and Information Governance strategy. The Information Governance Specialist will likewise assist with the life cycle of Firm and client/matter records, regardless of media or location (on-site and off-site). This position will work closely with legal and staff teams, assisting with the management of information throughout the organization to ensure compliance with legal, regulatory, and operational requirements and standard operating procedures. ESSENTIAL FUNCTIONS These essential functions are primary job duties that incumbents must be able to perform unassisted or with some reasonable accommodation. Prioritize & accomplish multiple tasks in a fast-paced, deadline-driven, and detail-oriented work environment. Implement Information Governance policies to ensure compliance with the Firm’s legal obligations, operational requirements, and risks regarding all records. Provide guidance and training to attorneys and staff as necessary. Promote the Firm’s objective to reduce the use/creation of physical hard-copy files. Coordinate and/or perform scanning activities to ensure projects are completed timely and accurately. Execute Information Governance procedures for the collection, review, and release of physical records necessary to comply with client records transfer requests. Support procedures related to legal hold processes, such as collections, terminations, and preservation orders. Support processes for physical records disposition in response to court-ordered document destruction or implementation of Firm retention policies. Execute physical records collection and disposition processes related to attorney and staff departures. Process physical records received in conjunction with the onboarding of lateral attorneys and/or the transfer of incoming client files. Perform routine audits of physical records inventories. Attend all regularly scheduled department, office, and Firm-wide meetings, and complete all mandatory training as assigned. SPECIFIC SKILLS REQUIRED Strong written and oral communication skills. Strong interpersonal and collaborative skills. Ability to work well with others on a team. Ability to exercise discretion and maintain the confidentiality of Firm records and information. SPECIFIC SKILLS PREFERRED Experience utilizing records management software and document management systems. Familiarity with importing/exporting data to and from document management systems. Familiarity with cloud collaboration systems such as Google G-Suite and Microsoft Teams. Experience with Microsoft software, specifically Outlook, Word, PowerPoint, and Excel. Familiarity with video conferencing and screen share functionality. Familiarity with workflow management applications such as ServiceNow. Familiarity with SFTP/FTP sites and encryption technology. Familiarity with structured, semi-structured, and unstructured data. Familiarity with the management of network file shares. Ability to analyze data and interpret information to improve the management of client and administrative records. Familiarity with industry best practices and information governance. PHYSICAL DEMANDS To perform the essential functions of this job, the employee must: Be able to lift and/or move up to 30 pounds. Regularly sit, use hands to handle objects, and communicate effectively. Occasionally reach with hands and arms. Reasonable accommodations may be provided for individuals with disabilities. EDUCATION AND EXPERIENCE Qualified candidates must have a high school diploma or GED;, those with a Bachelor’s Degree are preferred. Candidates may also have equivalent work experience in Records Management, Information Governance, or Data Management. * To comply with Export Control laws, candidates must be U.S. citizens or lawful permanent residents to apply . At Perkins Coie, we look for self-motivated individuals dedicated to providing value and superior service and who have a high degree of integrity and enthusiasm for their work. We have created a company culture based on collaboration, devotion to serving our clients, and mutual respect. Perkins Coie is committed to advancing diversity and inclusion both within the firm and throughout our collective communities. Work with one of the 100 Best Companies to Work For and receive great health insurance, tuition reimbursement, and paid sabbaticals. This position is eligible for an annual discretionary bonus, 401(k) plan, medical, dental, and vision insurance, accrued paid time off plan starting at 20 days annually, personal medical and parental leave, up to 10 paid holidays, and family care benefits. More information regarding benefits and programs may be found here . This position may be filled in the following location(s). The compensation depends on qualifications and experience. Washington state compensation range: $43,160 to $60,840 annually . #LI-Hybrid

Posted 5 days ago

Business Information Consultant Senior - Health System Reimbursement-logo
Business Information Consultant Senior - Health System Reimbursement
CareBridgeSaint Louis, MO
Business Information Consultant Senior- Health System Reimbursement Location: This role requires associates to be in-office 1 day per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Atlanta, GA, Richmond, VA, Indianapolis, IN, Norfolk, VA, Wallingford, CT, St. Louis, MO, Louisville, KY or Mason, OH. The Business Information Consultant Senior- Health System Reimbursement is responsible for coordinating and consolidating various impact analyses for management reporting. How you will make an impact: Establishes, improves, and optimizes the consolidating processes for forecast and month-end results. Consolidates and prepares executive summary reports for various business segments in the SBU for top management decision-making. Analyzes and designs solutions to address varied and highly complex business needs. Collaborates with businesses and technical areas to implement new or enhanced products. Coordinates with external audits as appropriate. Acts as the central contact with internal departments and external auditors. Minimum Requirements: Requires a BA/BS degree in Statistics, Economics, or Business Administration and minimum of 8 years of relevant experience; or any combination of education and experience which would provide an equivalent background. Preferred Skills, Capabilities and Experiences: Proficient in modeling the financial impacts of changes in reimbursement structures and rates for health systems such as hospitals and physician practices highly preferred. Experience benchmarking hospital or physician rates against Medicare reimbursement highly preferred. Excel, SQL, and SAS experience highly preferred. Strong knowledge of products as well as our internal business models and data systems highly preferred. Experience providing leadership in evaluating financial performance of complex organizations highly preferred. Excellent leadership, problem solving, organizational, planning, presentation and interpersonal skills highly preferred. Ability to work independently and draw up plans to address issues/concerns highly preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact elevancehealthjobssupport@elevancehealth.com for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Posted 1 week ago

Security Enablement Lead, Information Security-logo
Security Enablement Lead, Information Security
Idexx Laboratories, Inc.Westbrook, ME
IDEXX Laboratories is seeking a Information Security Enablement Lead to drive our security empowerment initiatives across the organization. This pivotal role will serve as the cornerstone of our Security Champions program and Secure Systems Development Lifecycle (SSDLC) education program. The ideal candidate will be passionate about creating a security-minded culture, adept at building relationships across technical teams, and experienced in translating complex security concepts into actionable guidance for development teams. As the Security Enablement Lead, you will be responsible for building and maintaining a network of security-minded individuals embedded within delivery teams who act as force multipliers for our security initiatives. Additionally, you will develop and implement comprehensive security education programs to integrate security awareness throughout the development lifecycle. This role requires a unique blend of technical security knowledge, education/training expertise, and program management skills. If you would love to make a meaningful impact on global health through our work with animals, people, and the environment, thrive in a collaborative culture that values security as a shared responsibility, and have the opportunity to build and scale security programs across a diverse, global organization, then this could be the role for you! Location: Maine-based or driving distance to Westbrook, Maine HQ is preferred, but we are open to individuals outside of this area as well, mostly EST and CST time zones In this role you will be responsible for... Security Champions Program Management Lead the day-to-day operation and evolution of the Security Champions program Recruit, onboard, and support a growing network of security champions embedded within product and application delivery teams Coordinate specialized security training, certification opportunities, and regular briefings on security trends and threats Establish and maintain a community platform for knowledge sharing and collaboration Track and report on program success metrics including security defect identification rates, resolution times, and team awareness levels Act as the primary liaison between security champions and the security organization Drive the program to full operational status by Q4 2025 as outlined in our roadmap Facilitate recognition for champion contributions to security initiatives SSDLC Education Framework Support development of a comprehensive security engineering framework based on industry standards (OWASP SAMM, CIS Benchmarks, CMU SEF) Implement a role-based security training curriculum for technical personnel (developers, architects, testers) Communicate security controls across the development lifecycle Establish security assessment methods for application architectures Implement training needs assessment, curriculum development, and module launches Design and deliver education programs on secure development practices Build awareness campaigns to promote security best practices Measure and report on training effectiveness using established metrics Cross-Functional Partnership Collaborate with InfoSec, IT Operations, and product delivery teams to align security objectives Provide guidance on security best practices to development teams Support security requirement implementation and vulnerability management initiatives Identify opportunities to enhance security processes and tools Contribute to the continued development of the security culture at IDEXX What you will need to Succeed... Bachelor's degree in Computer Science, Information Security, or related field, or equivalent work experience 3 to 5+ years of experience in information security, with specific focus on application security, secure development practices, or security program implementation Demonstrated experience developing and delivering security training or education programs Strong understanding of SDLC processes and secure coding principles Excellent communication, presentation, and interpersonal skills Ability to translate complex security concepts for technical and non-technical audiences Program management experience with demonstrated success in building and scaling initiatives Knowledge of security frameworks and standards (OWASP, NIST, CIS, etc.) Preferred Security certification (CISSP, CSSLP, Security+, etc.) Experience implementing or managing a Security Champions program Background in training, education, or knowledge management Knowledge of cloud security concepts across major platforms (AWS, Azure, GCP) Knowledge of security tooling (SAST, DAST, SCA, etc.) Knowledge of vulnerability management processes Experience working in regulated industries What you can expect from us: Base annual salary target: $90000 - $100000 (yes, we do have flexibility if needed) Opportunity for annual cash bonus Health / Dental / Vision Benefits Day-One 5% matching 401k Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more! Why IDEXX? We're proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people. So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement. Let's pursue what matters together. IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws. #LI-REMOTE

Posted 30+ days ago

Head Of Product, Information Security And Identity-logo
Head Of Product, Information Security And Identity
UpholdNew York, NY
About Uphold Uphold is a financial technology company that believes on-chain services are the future of finance. It provides modern infrastructure for on-chain payments, banking, and investments. Offering Consumer Services, Business Services, and Institutional Trading, Uphold makes pioneering financial services easy and trusted for millions of customers in more than 140 countries. Uphold strips away the complexity and lack of transparency to open up Web3 finance for everyone. To learn more about Uphold, please visit https://uphold.com . The Opportunity Uphold is seeking a Head of Product, Information Security and Identity to lead the vision, strategy, and execution of its cybersecurity and Identity and Access Management (IAM) functions. This director-level, hybrid role-based in New York City with a required weekly in-office presence-blends product leadership with deep technical expertise to deliver secure, scalable solutions that protect users, systems, and data. The ideal candidate will have a strong background in fraud detection and prevention, with demonstrated experience designing, implementing, and managing IAM solutions that safeguard sensitive information while proactively mitigating access-related fraud risks. Expertise in authentication protocols, role-based access control, and privileged access management is essential, along with hands-on experience using IAM tools and analytics to detect anomalies and prevent identity-based threats. This role will collaborate closely with cybersecurity, compliance, and fraud teams to establish policies and controls that ensure secure and compliant access across the organization. Reporting to the VP of Product, the Head of Product will be responsible for defining product strategy, aligning cross-functional teams, and delivering solutions that meet the evolving needs of customers, regulatory frameworks, and emerging security threats-all while maintaining a seamless customer experience. What you'll be doing primarily: Define and lead the product vision, roadmap, and strategy for information security and identity products, including authentication, access management, data protection, and threat detection. Collaborate with Engineering, Security, Legal, and Compliance teams to ensure product security, privacy, and regulatory compliance (e.g., GDPR, SOC 2, CCPA). Own the product lifecycle from discovery through delivery, including customer research, requirements definition, prioritization, and go-to-market planning. Build and manage a high-performing product team with expertise in security, IAM, and cloud infrastructure. Analyze market trends, competitive landscape, and emerging technologies to inform product direction. Serve as the voice of the customer and advocate for intuitive, secure, and scalable identity experiences. Partner with internal stakeholders (IT, security operations, DevSecOps) to ensure enterprise-grade security standards are applied across products. Represent the product function in executive discussions, customer briefings, and industry forums. Required Qualifications: 10+ years of experience in product management with at least 5 years focused on information security, identity, or access management. Proven leadership experience managing product teams and cross-functional initiatives at scale. Ability to translate technical security concepts into user-friendly experiences through user stories, wireframing, and journey mapping. Experience using LLMs and other AI tooling to improve efficiency and productivity. Deep understanding of IAM protocols (e.g., OAuth, SAML, OpenID Connect), security frameworks (e.g., NIST, ISO 27001), and cloud-native security practices. Experience with enterprise SaaS platforms, security services, or developer-focused products. Strong analytical, communication, and stakeholder management skills. Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent hands-on experience. Experience working in regulated industries (finance, healthcare, government) and coordination with control functions. Crypto industry experience is a big plus! Ability to travel globally as needed. Experience working with global teams. Self-starter: able to work asynchronously and independently. Hybrid role: This role requires you to be in person in our NY office weekly. Bonus if you have: Empathy for consumer and business user security experience and implementation considerations. Familiarity with DevSecOps, zero trust architecture, and security automation. Understanding threat modeling, data privacy, risk management, and fraud prevention. What we have to offer you: An amazing work environment in a company that continues to grow, driven by extraordinary and passionate people that keep up innovating and challenging more each day. An international team, in a cutting edge field, working on the most fascinating projects. Growth and career opportunities, and the chance to be proactive and creative. A flexible and enthusiastic work environment that offers you snacks, a lot of coffee and other great benefits. Open and transparent culture - we get together on a weekly basis to share updates, strategic plans, and engage with each other informally over food and drinks. Interesting events that keep you connected with the team and celebrate our success. Salary: $150K + DOE/Bonus/Options/Benefits/Lunch Provided in Office Join us to grow, innovate, and contribute meaningfully. Be part of our talented team! Visit our careers page for more exciting opportunities, if this role isn't the perfect fit. EEOC Employer We're proud to be an Equal Opportunity Employer and we celebrate our employees' differences, including race, color, religion, gender identity, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, and any other protected classes. Difference makes us stronger and better - together.

Posted 5 days ago

Senior Associate, Information Assurance Services-logo
Senior Associate, Information Assurance Services
AprioAtlanta, GA
Work with a nationally ranked CPA and advisory firm that is passionate for what's next. Aprio has 30 U.S. office locations, one in the Philippines and more than 2,100 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio. Join Aprio's Information Assurance Services team and you will help clients maximize their opportunities. Aprio is a progressive, fast-growing firm looking for a Senior Associate to join their dynamic team. Aprio's Information Assurance practice supports the delivery of attestation and consulting services for multiple clients in data and tech-based industries such as credit reporting and analytics, payment card services, healthcare IT, and cloud services. The business model and methodologies are focused on risk management and adding value to clients in all services provided. Aprio's IAS group utilizes sound business practices and technical expertise (rather than working off checklists) to enable clients to identify, mitigate, and monitor the most technical risks associated with their technology use. Position Summary Aprio is seeking a CMMC Certified Professional (CCP) to join our Information Assurance Services (IAS) practice as a Senior Associate. This role is focused on providing assistance during formal CMMC Level 2 assessments and readiness consulting services to clients within the Defense Industrial Base (DIB), helping them prepare for CMMC compliance with NIST SP 800-171 Rev. 2 requirements. This is an ideal position for someone with a technical risk background, audit experience, and hands-on knowledge of NIST-based cybersecurity frameworks. You will play a key role in providing assistance during assessments, guiding remediation efforts, and supporting overall cybersecurity posture improvements. Responsibilities: Client Service: Assist in conducting CMMC Level 2 assessments in accordance with the CMMC Assessment Process (CAP) Deliver CMMC readiness engagements, including control gap assessments and evidence review Evaluate and test client implementations against NIST SP 800-171 controlsin accordance with the CMMC program Provide expert guidance to clients preparing for formal certification or self-assessment Review documentation, perform interviews, and validate technical configurations for adequacy and sufficiency Document and communicate findings through detailed reports, briefings, and walkthroughs Internal and Development: Collaborate with team members to develop internal methodologies for CMMC Support the creation of processes and templates for client engagements Sales and Marketing: Support business development efforts by participating in discovery calls, client scoping, and proposal creation Serve as a subject matter expert in CMMC, NIST SP 800-171, and related DoD compliance programs Qualifications: Required: Active or in progress CMMC Certified Professional (CCP) certification CompTIA Security+ (or equivalent DoD 8140Intermediate Certifications) Minimum 2 years of experience with NIST SP 800-171 assessments or implementation Experience supporting clients in regulated industries, particularly the DIB Excellent communication and documentation skills, including writing audit reports Strong understanding of cybersecurity risk management principles and control testing Willingness to travel up to 30% Preferred: CMMC Certified Assessor (CCA) CISSP, CISA, CISM, or otherDoD 8140 advanced security certifications Familiarity with frameworks including FedRAMP, ISO 27001, and NIST CSF Prior experience working for aC3PAO, 3PAO or in a government contracting environment Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field What We Offer Opportunity to work with a nationally recognized cybersecurity team and cutting-edge clients Continued training and development support for higher-level certifications and advancement Culture of mentorship, innovation, and teamwork $81,500 - $105,000 a year The salary range for this opportunity is stated above. As such, an actual salary may fall closer to one or the other end of the range, and in certain circumstances, may wind up being outside of the listed salary range. The application window is anticipated to close on August 21st and may be extended as needed. Why work for Aprio: Whether you are just starting out, looking to advance into management or searching for your next leadership role, Aprio offers an opportunity to grow with a future-focused, innovative firm. Perks/Benefits we offer for full-time team members: Medical, Dental, and Vision Insurance on the first day of employment Flexible Spending Account and Dependent Care Account 401k with Profit Sharing 9+ holidays and discretionary time off structure Parental Leave - coverage for both primary and secondary caregivers Tuition Assistance Program and CPA support program with cash incentive upon completion Discretionary incentive compensation based on firm, group and individual performance Incentive compensation related to origination of new client sales Top rated wellness program Flexible working environment including remote and hybrid options What's in it for you: Working with an industry leader: Be part of a high-growth firm that is passionate for what's next. An awesome culture: Thirty-one fundamental behaviors guide our culture every day ensuring we always deliver an exceptional team-member and client experience. We call it the Aprio Way. This shared mindset creates lasting relationships between team members and with clients. A great team: Work with a high-energy, passionate, caring and ambitious team of professionals in a collaborative culture. Entrepreneurship: Have the freedom to innovate and bring your ideas to help us grow to become the CPA firm of choice nationally. Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement. Competitive compensation: You will be rewarded with competitive compensation, industry-leading benefits and a flexible work environment to enjoy work/life balance. EQUAL OPPORTUNITY EMPLOYER Aprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law. Aprio, LLP and Aprio Advisory Group, LLC, operate in an alternative business structure, with Aprio Advisory Group, LLC providing non-attest tax and consulting services, and Aprio, LLP providing CPA firm services.

Posted 3 days ago

Social Media Assistant - Black Information Network-logo
Social Media Assistant - Black Information Network
Iheartmedia, Inc.Virtual, TN
iHeartMedia Markets Current employees and contingent workers click here to apply and search by the Job Posting Title. The audio revolution is here - and iHeart is leading it! iHeartMedia, the number one audio company in America, reaches 90% of Americans every month -- a monthly audience that's twice the size of any other audio company - almost three times the size of the largest TV network - and almost 4 times the size of the largest ad-supported music streaming service. In fact, we have: More #1 rated markets than the next two largest radio companies combined; We're the largest podcast publisher, with more monthly downloads than the second- and third-largest podcast publishers combined. Podcasting, the fastest-growing new media, today has more monthly users than streaming music services or Netflix; iHeart is the home of many of the country's most popular and trusted on-air personalities and podcast influencers, who build important connections with hundreds of communities across America; We create and produce some of the most popular and well-known branded live music events in America, including the iHeartRadio Music Festival, the iHeartRadio Music Awards, the iHeartCountry Festival, iHeartRadio Fiesta Latina and the iHeartRadio Jingle Ball Tour; iHeartRadio is the #1 streaming radio digital service in America; Our social media footprint is 7 times larger than the next largest audio service; and We have the only complete audio ad technology stack in the industry for all forms of audio, from on demand to broadcast radio, digital streaming radio and podcasting, which bring data, targeting and attribution to all forms of audio at an unparalleled scale. As a result, we're able to combine our strong leadership position in audience reach, usage and ad tech with powerful tools and insights for our sales organizations to help them build success for their clients at a more efficient cost than any other option. Because we reach almost every community in America, we're committed to providing a range of programming that reflects the diversity of the many communities we serve - and our company reflects that same kind of diversity. Our company values stress collaboration, curiosity, welcoming dissent, accepting mistakes in the pursuit of new ideas, and respect for everyone. Only one company in America has the #1 position in everything audio: iHeartMedia! If you're excited about this role but don't feel your experience aligns perfectly with the job description, we encourage you to apply anyway. At iHeartMedia we are dedicated to building a diverse, inclusive, and authentic workplace and are looking for teammates passionate about what we do! What We Need: The Social Media Assistant for the Black Information Network will support the content team in growing engagement, strengthening brand recognition, and driving audience reach and revenue through impactful social storytelling. This role is ideal for creatives who are passionate about content creation and love finding new ways to tell compelling stories through social media. The ideal candidate is a self-starter who thrives in a fast-paced, 24/7 news environment. While independence is key, being a team player is of the utmost importance-collaboration is at the heart of everything we do. We're looking for someone who is chronically online-the kind of person who lives and breathes social media, always knows the latest trends, and genuinely loves creating content. If making TikToks, brainstorming viral moments, and experimenting with creative storytelling excites you, this role offers plenty of space for fun and innovation. At BIN, our mission is to inform and empower the Black community-so it's essential that you're tapped into Black culture, conversations, and current events. You should not only understand the significance of this role but also know how to engage and speak authentically to our audience in a way that's impactful, respectful, and culturally resonant. This role reports directly to the Senior Director of Digital & Social Strategy. What You'll Do: Key Responsibilities: Manage and maintain BIN's daily social media presence, ensuring content is consistently engaging and aligned with the brand's voice. Create visually compelling social content using Canva, Photoshop, and other graphic design tools to enhance storytelling. Stay on top of social media trends, keeping the team informed and incorporating timely, relevant content into daily strategy. Write engaging, culturally relevant social copy that resonates with BIN's audience. Monitor emerging platforms and explore opportunities to integrate them into BIN's broader social strategy. Track analytics and performance metrics to optimize content and improve engagement. Collaborate with internal teams to support editorial, marketing, and partnership initiatives. Engage with the audience by responding to comments and fostering meaningful conversations. Be flexible and available beyond traditional 9-to-5 hours as news is constantly evolving (this is an hourly role, so OT is available as needed). Provide general administrative support to the social team as needed. What You'll Need: Experience/Skills/Qualifications: 1+ years of experience in social media, digital marketing, or content creation. Experience in news, entertainment, or cultural media is a plus. Strong understanding of Instagram, TikTok, X (Twitter), Facebook, Threads, BlueSky, and other emerging social platforms. Graphic design skills (Canva, Photoshop, or equivalent) are required. Experience using social media management platforms like Sked, Hootsuite, Later, or similar is a plus. Excellent writing and communication skills with a keen eye for detail. Ability to pivot quickly in a fast-paced, 24/7 news cycle while maintaining accuracy and creativity. A balance of creativity and strategy-we want someone who can dream up ideas and also analyze what works. Strong organizational and multitasking skills. Bachelor's Degree in Marketing, Media, Communications, Journalism, or a related field is preferred but not required. What You'll Bring: Respect for others and a strong belief that others should do this in return Full proficiency to perform work with limited supervision and to take a broad perspective resolving problems of infrequent/atypical nature Comfort acting as a resource for less experienced colleagues Commitment to process improvement for overall team effectiveness Strong written and verbal communication and ability to explain details and complex information Compensation: Salary to be determined by multiple factors including but not limited to relevant experience, knowledge, skills, other job-related qualifications, and alignment with market data. $17.30 - $21.63 Location: New York, NY: 125 West 55th Street, 10019 Position Type: Regular Time Type: Full time Pay Type: Hourly Benefits: iHeartMedia's benefits offering is flexible and offers a variety of choices to meet the diverse needs of our changing workforce, including the following: Employer sponsored medical, dental and vision with a variety of coverage options Company provided and supplemental life insurance Paid vacation and sick time Paid company holidays, including a floating holiday that enable our employees to celebrate the holiday of their choosing A Spirit day to encourage and allow our employees to more easily volunteer in their community A 401K plan Employee Assistance Program (EAP) at no cost - services include telephonic counseling sessions, consultation on legal and financial matters, emotional well-being, family and caregiving A range of additional voluntary programs, such as spending accounts, student loan refinancing, accident insurance and more! We are accepting applications for this role on an ongoing basis. The Company is an equal opportunity employer and will not tolerate discrimination in employment on the basis of race, color, age, sex, sexual orientation, gender identity or expression, religion, disability, ethnicity, national origin, marital status, protected veteran status, genetic information, or any other legally protected classification or status. Non-Compete will be required for certain positions and as allowed by law. Our organization participates in E-Verify. Click here to learn about E-Verify.

Posted 30+ days ago

Sales Experience Consultant - Sales And Information Center (Part Time) Starting At $20.00/Hr-logo
Sales Experience Consultant - Sales And Information Center (Part Time) Starting At $20.00/Hr
Sea IslandSaint Simons Island, GA
Basic Job Function: The Sales Experience Consultant (SEC) is a sales professional responsible for making room, dining and activity reservations at all Sea Island outlets, including: The Cloister, The Lodge, The Inn, Cottage Rentals, all restaurants, spa, and activities. The SEC is expert in their knowledge of the resort, including days/hours of operation, dress code, room types, cottage details, deposit and cancellation policies, and other pertinent information for all resort experiences. The SEC will employ value selling techniques with guests and members, primarily via telephone and email. Occasionally, the SEC will have face-to-face selling interactions with guests and members on property. The SEC will have measurable goals, including: lead conversion, call volume answered, accuracy, call scoring, and quality audits. The SEC must provide outstanding customer service in accordance with Forbes Five-Star standards. Minimum Requirements: Minimum One (1) years' experience in a related field, including: hospitality, sales, reservations and/or call center High School Diploma or equivalent credentials College degree preferred Equivalent combination of education and work experience Strong communication skills, both written and verbal Strong conflict resolution skills Proficient in Windows XP and Microsoft Office software applications such as: Word, Excel, PowerPoint and Outlook Experience with Opera, NAVIS, Resort Suite, and/or Res Diary preferred Minimum typing skill of 35+ wpm Must have ability to courteously present information to people in one-on-one and group situations Consistently aspires to fulfill our core Company values (Respect, Integrity, Passion, Teamwork, Accountability, Caring, Loyalty & Trust) Exhibits the Sea Island Five-Star Behavior Standards with guests, members and co-workers Must possess a positive attitude and have the ability to work with a variety of people and in cooperation with coworkers efficiently and effectively Must be detail oriented and able to manage competing priorities and multiple deadlines in a fast-paced environment Ability to easily adapt to organizational and environmental changes Must be flexible to working days, early mornings, evenings, weekends, and holidays Report to work at the scheduled time, neatly groomed and in compliance with company Dress Code Policy Tasks/Responsibilities: Responsible for making, modifying, and/or cancelling all resort room, dining, and activity reservations Efficiently and accurately make room reservations for The Cloister, The Lodge, The Inn and Cottage Rentals, by accurately describing room types, correctly entering guest information into the reservation systems and processing payments in a timely manner Efficiently and accurately make reservation for all restaurants and activities, including: Golf, Spa, Children's Camp, Nature Activities, and more Manage multiple reservation software, including: Resort Suite, Res Diary, Opera and NAVIS Receive a high volume of incoming telephone calls promptly and politely, demonstrating proper phone etiquette Maintain a thorough knowledge of current guest services, activities, dining options, shops, local attractions, and historical information regarding Sea Island and the surrounding area to answer any questions guests may have to the best of one's ability Communicate with guests and members in a professional manner, through phone and email Create and manage lead forms for potential reservations based on guest interactions Follow up on leads with outbound calls, utilizing a variety of selling techniques Work with all resort departments to maintain maximum rapport and open communication channels to anticipate and satisfy Member and Guest needs and demands Act to solve guest problems coordinating necessary efforts through the appropriate departments and consistently follow-up with guests to ensure proper actions and responses have been received Monitor and ensure that all guest information is input into the system accurately, completely and promptly Ensure guest history information is collected and utilized on all guest transactions given an accurate account of what has been discussed with the guest so operational departments can deliver or exceed the guest's expectations Maintain knowledge of Forbes 5-Star Standards Assist with Travel Agent reservations Maintain confidentiality of all guest and Team Member information Communicate with the guests in a professional manner via phone, e-mail and in person Complete a Guest Problem Resolutions (GPR) form on any issues (solved or unsolved) and follow-up, as needed Maintains cleanliness and organization in all work areas Uphold appropriate departmental standards of quality/timing Uphold and ensure compliance with all company and departmental policies and procedures Report all equipment problems and maintenance issues, known safety hazards, or unsafe practices and procedures to supervisor immediately Attends all scheduled employee meetings and brings suggestions for improvement Willing and timely execution of other duties as delegated by leadership Physical Requirements: Ability to sit for prolonged periods Ability to perform repetitive tasks with accuracy Ability to read, write and communicate effectively in English, both written and verbal Ability to maintain compliance with Sea Island's Company Resort Professional Image Policy

Posted 1 week ago

Chief Information Security Officer-logo
Chief Information Security Officer
CRA International, Inc.Boston, MA
About Charles River Associates Charles River Associates is a leading global consulting firm that provides economic, financial, and business management expertise to major law firms, corporations, and governments around the world. CRA advises clients on economic and financial matters pertaining to litigation and regulatory proceedings, and guides corporations through critical business strategy and performance-related issues. Since 1965, clients have engaged CRA for its combination of industry experience and rigorous, fact-based analysis that provides clients with clear, implementable solutions to complex business concerns. The Information Technology (ITS) department at Charles River Associates is a team of 40 professionals dedicated to enhancing, maintaining, and developing the firm's technology infrastructure and security. The team comprises six functions: Enterprise Applications Services; Service Delivery & Telecom; Information Security; Infrastructure, Cloud and Networks; Project Management and Procurement; and Human Resource Information Systems. Information Technology staff are based in the Boston, Chicago, College Station, New York, Oakland, and Washington, DC offices domestically, as well as London and Munich offices internationally. Position Overview The Chief Information Security Officer (CISO) is responsible for developing and implementing an information security program that includes procedures and policies frameworks for application security, infrastructure security, compliance and security operations. Reporting to the Chief Information Officer, the CISO will oversee the organization's information security strategy, manage a team of security professionals, and ensure compliance with relevant laws and regulations. The ideal candidate will possess deep technical expertise in the field of Information Security with a successful history of delivering Enterprise-wide security programs. Develop, implement, and coordinate enterprise-wide information security program that aligns with business needs and compliance responsibilities; Define and execute both vision and strategy for the entire company's security risk management program to include organizational security, information technology, application security, and compliance; Build and drive a cybersecurity strategy and framework, with initiatives to secure the organization's cyber and technology assets; Evaluate and prioritize risks and emergent security threats throughout our organization, recommending mitigation strategies and identifying risks associated with current and future systems; Coordinate IT Security Governance activities, including monitoring, evaluating, reporting on, directing security efforts, and establishing security-related policies and procedures; Coordinate internal and enterprise communications and communicate technical information in a manner that enables effective strategic decisions for both technical and non-technical stakeholders; Oversee information security incident detection, response, and recovery to mitigate the impact and ensure timely resolution and communication; Manage all teams involved in IT security, including hiring and developing a pipeline of talent, providing training and mentoring to security team members; Lead a third-party oversight function to assess, onboard, and monitor key suppliers, ideally using a risk-based approach; Oversee the security awareness programs to educate employees about information security and their role in protecting the organization's assets; Perform periodic information security-related risk analyses, prioritize risks, and implement effective risk mitigation processes to protect the enterprise information assets; Communicate security policies and procedures to all personnel and monitor compliance, provide periodic reporting on the information security program to leadership; Coordinate with legal and compliance to ensure compliance with laws and regulatory requirements; Maintain company certifications (SOC2, ISO27001 etc.); Manage client compliance program including client audits, contractual compliance; Lead cybersecurity operation and implement contingency plans for disaster recovery protocols and business continuity plans with business resilience in mind; Stay current with emerging security trends, threats, and technology solutions to ensure the organization maintains a robust security posture; and Other duties and special projects as assigned. Desired Qualifications Bachelor's Degree from an accredited institution in Computer Science, Information Technology, Engineering, Cybersecurity, Mathematics, Business, or a related field required; advanced degree in a related technical, audit, law, or security field preferred; 10+ years of experience in evolving information security and IT roles, including 3+ years' experience as a Chief Information Security Officer and 5 years' leadership/management-level experience with enterprise-level security programs, policy, and administration; Certified Information Systems Security Professional (CISSP) required; additional certifications (CRISC, CISA, CISM, CISSP or similar) desirable; Deep understanding of cybersecurity principles, frameworks, standards, and best practices, including NIST 800-53 and Cybersecurity Framework (CSF), ISO 27001, SANS, OWASP, COBIT and others. High familiarity with privacy laws across all global jurisdictions; Familiarity with relevant legal and regulatory compliance requirements, such as cybersecurity laws, financial regulations, data protection laws (e.g., SOC2, HIPAA, HITECH Act, GDPR), and industry-specific regulations; Knowledge of network architectures, including cloud security, firewalls, and intrusion detection/prevention systems; Knowledge of Cloud platforms, such as AWS, Azure, Google Cloud, and protecting data stored within such environments; Strong security architecture background with experience building and driving a cybersecurity strategy and framework, with initiatives to secure the organization's cyber and technology assets and prevent, mitigate, and recover from security breaches and incidents; Strong understanding of information security principles, practices, and technologies, including network security, application security, cloud security and endpoint security; Excellent oral and written communication skills and the ability to adapt your communication style across various audiences - technical, executive, user; Strong leadership skills, both within the information security business unit and as a collaborator with other business units and stakeholders; Demonstrated success in building and leading high-performing teams in dynamic environments; Strong sense of urgency, personal responsibility, accountability; self-motivated, efficient, and effective; and Excellent organizational and time management skills, able to initiate, organize, prioritize, and coordinate multiple & complex projects. Work Location Flexibility CRA creates a work environment that enables our colleagues to benefit from being together in the office to best deliver on our promise of career growth, mentorship and inclusivity. At the same time, we recognize that individuals realize a range of benefits when working from home periodically. We currently ask that individuals spend 3 to 4 days a week on average working in the office (which may include traveling to another CRA office), with specific days determined in coordination with your team. At certain times of the year (e.g. holiday periods), additional remote work options are offered to those whose work commitments permit it, although our offices remain open for those who choose or need to be there. Our Commitment to Equal Employment Opportunity Charles River Associates is an equal opportunity employer (EOE). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, status as a protected veteran, or any other protected characteristic under applicable law.

Posted 2 weeks ago

Information System Security Specialist-logo
Information System Security Specialist
Allegheny Science And TechnologyWashington, DC
Allegheny Science & Technology (AST) is seeking a skilled Information System Security Specialist to join our team and support our FBI customer who requires full lifecycle support for legacy voice capabilities to include enhancements/changes to existing capabilities, as well as new capabilities. Duties & Responsibilities: Managing the security entities by conducting risk assessments, enforcing security policies, and supporting incident response activities. Performing audit logging, documenting access control, and tracking security training Managing the Authority to Operate (ATO) processes, ensuring systems meet security standards and compliance requirements. Conducting vulnerability scanning. Tracking, analyzing, and resolving vulnerabilities. Managing security assessments, compliance, and using specialized tools to monitor and protect critical infrastructure. Required Qualifications: Bachelor's degree & 7 years of experience in a related field. Additional experience may be considered in lieu of a degree. Primary Product Knowledge: Xacta 360, Xacta.io, JCAM, Tenable Nessus, Splunk Other Qualifications: Must be a U.S. Citizen with an active Top Secret Clearance. Must be able to successfully pass an FBI Polygraph prior to starting work. 10-20% travel is required. Multiple factors contribute to determining the final pay for a position. These include, but are not limited to, relevant work experience, skills, certifications, and competencies that align with the specific role, geographic location, educational background, and contract provisions related to labor categories specific to the position. We are committed to offering a competitive compensation package that reflects the value and expertise that each candidate brings to our team. The pay range for this position based on full-time employment is $124,000 - $174,000.

Posted 30+ days ago

Information Security Engineer-logo
Information Security Engineer
First Horizon Corp.Maryville, TN
Locations: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Charlotte, NC; Raleigh, NC; or Dallas, TX. Summary The Cyber Security Engineer - Threat Management is a mid-level Cyber Security Engineer responsible for second level security event/incident response along with the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advanced warning of impeding IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process. The candidate They will deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support enterprise environments and our presence in various cloud instances and on-premises data centers covering threats / FIM / configuration management / incident response / vulnerability management. Secondary roles include IPS, EDR, TIP tools, and other information security solutions. Essential Functions of the Job: Responding to SOC alerts performing an analysis, and containment of security events. Provide tier II support for escalated security incidents. Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks. Operate the configuration management program to track configuration drift over time, working with asset custodians to correct any configuration deviation from baseline. Operate the File Integrity Management program to track changes to file systems on critical systems. Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume using MITRE ATT&CK Framework. Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. Integrate appropriate systems and logs into the global threat management platform or Security Event and Incident Management system to properly protect critical assets. Design, test and develop specific content and alerting to identify threats against critical assets. Document incident response playbooks for new threat content and alerts. Maintain an understanding of attacks, vectors and emergent threats. Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary. Produce weekly and monthly operational metrics. Work with vendors and internal customers to respond to escalations. Recommends Preventative Security Actions. Recommends Corrective Security Actions. Comprehension of basic banking systems. Job Requirements: High School Graduate or Equivalent. Bachelor's Degree Preferred but not required in Computer Engineering/Computer Science or related field. CISSP, GSEC, GCIH, CEH or other security certifications preferred, but not required. Three year minimum working in cyber threat or information security. Knowledge and Skills Requirements: Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations. Proficient with cloud security and monitoring capabilities in Azure Proficient with Incident Response in Azure Proficient with configuration management scanning tools. Knowledgeable with Tripwire or other file integrity management tools. Excellent team skills and integrity in a professional environment. Ability to Map threats and vulnerabilities to MITRE. About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at www.FirstHorizon.com. Benefit Highlights Medical with wellness incentives, dental, and vision HSA with company match Maternity and parental leave Tuition reimbursement Mentor program 401(k) with 6% match More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube

Posted 4 days ago

Information Security Program Specialist (Federal Clients)-logo
Information Security Program Specialist (Federal Clients)
Arc AspicioWashington, DC
Interested in working in an innovative, collaborative environment with motivated, social people? At Arc Aspicio, you can join a leading consulting firm that specializes in human capital, data analytics, management, and strategy professional services to deliver compelling solutions. Consultants join our practice focused on mission-critical projects and quickly learn to contribute to and grow our company across multiple projects. We invest in hiring, mentoring, and training smart, diverse, and self-driven professionals interested in all aspects of the company and our homeland security and Government clients. We are looking for people who are willing to share ideas and work as part of an inclusive, innovative team. The Information Security Program Specialist (Federal Clients) oversees, manages, tracks, and reports on Government program-level IT system security and infrastructure assets. They bring at least 6+ years of relevant experience and possess the ability to facilitate close collaboration and communication with Government leadership, facility managers, software development teams, and Government security offices. Arc Aspicio is currently working in a hybrid work environment where work will be performed at client sites, the Arc Aspicio DC office, and remotely. All candidates must live in the Washington, DC area at the time of employment. Responsibilities Design, develop, and implement information security policies and procedures at a Government program level, consisting of a portfolio of applications, facilities, and infrastructure Directly interact with Program Leadership and Project Leads to conduct audits, manage security assets, documentation, processes, and procedures Develop assessment criteria to evaluate compliance with Government-wide information security policy directives Analyze and evaluate the security posture of existing programs and work with leads to implement changes and improvements Coordinate and conduct risk assessments to identify areas of potential vulnerability in systems and infrastructure used throughout the program Identify and contribute to new processes, techniques, and procedures to upgrade and enhance cyber-security protocols Provide technical advice and leadership on security aspects of network and systems design to promote implementation of appropriate systems security applications and policies Communicate security status, risk, actions, and initiatives with Government leadership Collaborate with our clients to solve tough problems, delivering outstanding client service, and achieving mission results Apply excellent consulting, business analysis, and communications skills to quickly identify problems, analyze challenges, and recommend solutions to our team and our clients Assists ISSO with responsibilities as required Required Qualifications 6-8 years of relevant experience in overseeing and interacting within a portfolio of security assets and systems at a Government program level Direct experience with senior clients and stakeholder engagement and delivering work products for clients in a complex environment Proven to be flexible and thrive in a dynamic, ambiguous, and complex work environment and manage multiple tasks and projects simultaneously Outstanding written and oral communication and collaboration skills and strong leadership potential Ability to collaborate and work effectively remotely and in-person Technologically savvy, especially with Microsoft products and use of collaboration tools like SharePoint Desire to join a consulting firm and learn business concepts; loves to collaborate and reach out to get involved in company events, offerings, and special projects Ability to work in the Washington, DC metro area and travel to different locations Clearance: US Citizenship only (no dual citizenship) Currently holds or has the ability to obtain a Top Secret Clearance Education: Bachelor's degree Critical Skills: Executive presence, entrepreneurial spirit, strong work ethic, collaborative mind-set, excellent problem-solving skills, and interest in working in a consulting firm. Interest in working on assignments outside of one project is strongly desired Preferred Qualifications Certified Information Systems Security Professional (CISSP) certified Applying to Arc Aspicio: Our recruiting process is very competitive. Therefore, we ask that you submit a brief, tailored cover letter to tell us what you are looking for in a company and why you would be a great fit for a consulting firm in this role. Cover letters are essential so we can understand your interest and experience relevant to consulting. Total Rewards: Salary is just one element of our Total Rewards which includes compensation, benefits, bonuses, professional development, and other career opportunities. The projected salary range for this position is $108,000 - $140,000. This range takes into account the wide variety of factors that are considered in making compensation decisions, including but not limited to: skill sets and expertise, experience, education, training, certifications, contract and client requirements (if applicable), and other business and organizational needs. At Arc Aspicio, it is not typical for an individual to be hired at or near the top of the range for their role, and compensation decisions are dependent on the facts and circumstances of each case. About Arc Aspicio: Arc Aspicio enhances the future of our nation by creating bold ideas and bringing them to life. A consulting and solutions company, Arc Aspicio solves problems by applying our integrated capabilities in strategy, design, data, human capital, behavioral science, and technology. The company passionately pursues our vision to be the hub of creativity where people take action to change the world. Employees collaborate with clients and partners to create solutions using a human-centered approach. Our goal is to attract people who love to collaborate and work in a team-oriented environment. Our culture empowers our employees to learn, share knowledge, be leaders in everything they do, and develop strong relationships with their clients and colleagues. Our positions are based in the DC metro area and require employees to live in DC, VA, and MD within commuting distance of our client sites and DC office. Commitment to Diversity, Equity, Inclusion, and Innovation: Arc Aspicio is committed to creating a diverse, inclusive, equitable, and safe workplace and we are proud to be an equal opportunity employer. As a growing consulting and solutions firm focused on innovation, we welcome applications from candidates with diverse backgrounds. All employment is decided on the basis of qualifications, merit, and business need. Equal Opportunity Employer/M/F/D/V

Posted 1 day ago

Sr. Information Systems Security Officer (Isso)-logo
Sr. Information Systems Security Officer (Isso)
Contact Government ServicesWinston Salem, NC
Sr. ISSO Employment Type:Full-Time, Experienced /p> Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. Maintain responsibility for managing cybersecurity risk from an organizational perspective. Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. Provide subject matter expertise for cyber security and trusted system technology. Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: Bachelor's Degree. A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. eMASS experience. Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. Strong desktop publishing skills using Microsoft Word and Excel. Experience with industry writing styles such as grammar, sentence form, and structure. Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: CISSP, CASP, or a similar certificate is preferred. Master's Degree in Cybersecurity or related field. Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. Demonstrated ability to work well independently and as a part of a team. Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: https://cgsfederal.com/join-our-team/ For more information about CGS please visit: https://www.cgsfederal.com or contact: Email: info@cgsfederal.com $118,560 - $171,253.33 a year

Posted 30+ days ago

Sc32p2 Information Scientist - Synthetic Chemist / Natural Product Chemist-logo
Sc32p2 Information Scientist - Synthetic Chemist / Natural Product Chemist
Chemical Abstracts Service, a Division of the American Chemical SocietyColumbus, OH
CAS uses intuitive technology, unparalleled scientific content, and unmatched human expertise to help companies create groundbreaking innovations that benefit the world. As the scientific information solutions division of the American Chemical Society, CAS manages the largest curated reservoir of scientific knowledge, and for 116 years, has helped innovators mine, assess and apply that information to keep businesses thriving. The CAS team is global, diverse, endlessly curious and strives to make scientific insights accessible to innovators worldwide. CAS is currently seeking a Synthetic Chemist / Natural Product Chemist on our Content Operations team. This position will be located in our headquarters in Columbus, Ohio. Position Summary: The Synthetic chemist applies scientific expertise, analytical skills, problem solving capabilities, and relevant language skills to help build CAS's world-class collection of chemical information data. They leverage their education and specialized training to curate high-quality research data from patents from 64 patent offices, thousands of journals, technical reports, books, conference proceedings and dissertations published in 180 countries and in more than 50 languages. The role may include indexing substance and reaction data found in patents, journals, and other chemistry-related literatures. The incumbent may also provide scientific and content knowledge, capabilities, insights, and solutions for other CAS functions. Job Duties: Analyzes, collects, and curates the valuable chemical structure data disclosed in patent or journal publications, utilizing CAS indexing policies and their expertise. Leverages technical knowledge and applicable language skills to extract key insights and build the CAS Content Collection. Qualifications: An advanced degree in Synthetic Chemistry / Natural Product or a related science is preferred. Alternatively, a bachelor's degree with 1-3 years of related work experience. Japanese and/or Korean language skill is desired, but not required. Excellent scientific reading comprehension and writing skills. Ability to learn policies, work habits, insights, and tool usage from trainers to foster quality and productivity. Strong attention to detail and ability to work independently. CAS offers a competitive salary and comprehensive benefits package, including a generous vacation plan, medical, dental, vision insurance plans, and employee savings and retirement plans. Candidates for this position must be authorized to work in the United States and not require work authorization sponsorship by our company for this position now or in the future. EEO/Minority/Female/Disabled/Veteran

Posted 1 week ago

Sr. Information Systems Security Officer (Isso)-logo
Sr. Information Systems Security Officer (Isso)
Contact Government ServicesSan Antonio, TX
Sr. ISSO Employment Type:Full-Time, Experienced /p> Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. Maintain responsibility for managing cybersecurity risk from an organizational perspective. Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. Provide subject matter expertise for cyber security and trusted system technology. Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: Bachelor's Degree. A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. eMASS experience. Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. Strong desktop publishing skills using Microsoft Word and Excel. Experience with industry writing styles such as grammar, sentence form, and structure. Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: CISSP, CASP, or a similar certificate is preferred. Master's Degree in Cybersecurity or related field. Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. Demonstrated ability to work well independently and as a part of a team. Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: https://cgsfederal.com/join-our-team/ For more information about CGS please visit: https://www.cgsfederal.com or contact: Email: info@cgsfederal.com $118,560 - $171,253.33 a year

Posted 30+ days ago

Business Information Consultant Senior - Health System Reimbursement-logo
Business Information Consultant Senior - Health System Reimbursement
CareBridgeMason, OH
Business Information Consultant Senior- Health System Reimbursement Location: This role requires associates to be in-office 1 day per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Atlanta, GA, Richmond, VA, Indianapolis, IN, Norfolk, VA, Wallingford, CT, St. Louis, MO, Louisville, KY or Mason, OH. The Business Information Consultant Senior- Health System Reimbursement is responsible for coordinating and consolidating various impact analyses for management reporting. How you will make an impact: Establishes, improves, and optimizes the consolidating processes for forecast and month-end results. Consolidates and prepares executive summary reports for various business segments in the SBU for top management decision-making. Analyzes and designs solutions to address varied and highly complex business needs. Collaborates with businesses and technical areas to implement new or enhanced products. Coordinates with external audits as appropriate. Acts as the central contact with internal departments and external auditors. Minimum Requirements: Requires a BA/BS degree in Statistics, Economics, or Business Administration and minimum of 8 years of relevant experience; or any combination of education and experience which would provide an equivalent background. Preferred Skills, Capabilities and Experiences: Proficient in modeling the financial impacts of changes in reimbursement structures and rates for health systems such as hospitals and physician practices highly preferred. Experience benchmarking hospital or physician rates against Medicare reimbursement highly preferred. Excel, SQL, and SAS experience highly preferred. Strong knowledge of products as well as our internal business models and data systems highly preferred. Experience providing leadership in evaluating financial performance of complex organizations highly preferred. Excellent leadership, problem solving, organizational, planning, presentation and interpersonal skills highly preferred. Ability to work independently and draw up plans to address issues/concerns highly preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact elevancehealthjobssupport@elevancehealth.com for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Posted 1 week ago

Information Systems Security Officer (Isso)-logo
Information Systems Security Officer (Isso)
Contact Government ServicesNew Orleans, LA
ISSO Employment Type: Full-Time, Experienced Department:Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. Maintain responsibility for managing cybersecurity risk from an organizational perspective. Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. Provide subject matter expertise for cyber security and trusted system technology. Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: Bachelor's Degree. A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. eMASS experience. Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. Strong desktop publishing skills using Microsoft Word and Excel. Experience with industry writing styles such as grammar, sentence form, and structure. Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: CISSP, CASP, or a similar certificate is preferred. Master's Degree in Cybersecurity or related field. Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. Demonstrated ability to work well independently and as a part of a team. Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: https://cgsfederal.com/join-our-team/ For more information about CGS please visit: https://www.cgsfederal.com or contact: Email: info@cgsfederal.com $92,213.33 - $125,146.66 a year

Posted 30+ days ago

2025-26 AY Quarterly Lecturer - Information Systems & Analytics (Pool)-logo
2025-26 AY Quarterly Lecturer - Information Systems & Analytics (Pool)
Santa Clara UniversitySanta Clara, CA
Position Title: 2025-26 AY Quarterly Lecturer - Information Systems & Analytics (Pool) Position Type: Temporary Salary Range: $9,933 per 3-unit course. Purpose: The Information Systems and Analytics (ISA) Department of the Leavey School of Business at Santa Clara University seeks qualified applicants to teach the following courses during the 2025-2026 academic year: Information Systems Policy and Strategy Internet of Things Social Network Analytics Cloud Computing Web Programming Mobile Programming Object Oriented Programming Supply Chain Analytics Big Data Technologies Enterprise Architecture And others QUALIFICATIONS Candidates with relevant educational/industrial background and teaching experiences are preferred. ABOUT THE ISA DEPARTMENT The ISA department offers both Information Systems and Business Analytics programs at the undergraduate and master's levels and contributes courses to the MBA and other graduate programs at Santa Clara University. ADDITIONAL INFORMATION Questions about this position can be directed to ISA Department at ISA@scu.edu. TO APPLY Interested applicants should submit a cover letter indicating interest and qualifications, CV, teaching evaluations (if available) and contact information for at least three references. Additional Information: Please note that your employment is subject to the terms of a collective bargaining agreement between the University and the Service Employees International Union Local 1021 ("Local 1021"; see https://www.scu.edu/provost/faculty-affairs/cba-ntt/ ). Telecommute Santa Clara University is registered to do business in the following states: California, Nevada, Oregon, Washington, Arizona, and Illinois. Employees approved to telecommute are required to perform their work within one of these states. Work Authorization: SCU does not sponsor any applicants for work visas for this position. The successful candidate must be able to provide evidence of identity and legal authorization to work in the United States. EEO Statement Equal Opportunity/Notice of Nondiscrimination Santa Clara University is an equal opportunity employer. For a complete copy of Santa Clara University's equal opportunity and nondiscrimination policies, see https://www.scu.edu/title-ix/policies-reports/ Title IX of the Education Amendments of 1972 Santa Clara University does not discriminate in its employment practices or in its educational programs or activities on the basis of sex/gender, and prohibits retaliation against any person opposing discrimination or participating in any discrimination investigation or complaint process internally or externally. Information about Title IX can be found at www.scu.edu/title-ix. Information about Section 504 and the ADA Coordinator can be found at https://www.scu.edu/oae/ , (408) 554-4109, oae@scu.edu. Inquiries can also be made to the Assistant Secretary of Education within the Office for Civil Rights (OCR). Clery Notice of Availability Santa Clara University annually collects information about campus crimes and other reportable incidents in accordance with the federal Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act. To view the Santa Clara University report, please go to the Campus Safety Services website. To request a paper copy please call Campus Safety at (408) 554-4441. The report includes the type of crime, venue, and number of occurrences. Americans with Disabilities Act Santa Clara University affirms its' commitment to employ qualified individuals with disabilities within the workplace and to comply with the Americans with Disability Act. All applicants desiring an accommodation should contact the Department of Human Resources, and 408-554-5750 and request to speak to Indu Ahluwalia by phone at 408-554-5750 or by email at iahluwalia@scu.edu.

Posted 3 days ago

(545) Information System Security Officer (Isso)-logo
(545) Information System Security Officer (Isso)
Arlo SolutionsWashington, DC
Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future. Position Overview The Mid Information System Security Officer (ISSO) (IAM 2) will support the Defense Security Cooperation Agency (DSCA) Cybersecurity (CYBR) team by providing expertise in Risk Management Framework (RMF) activities, security control assessments, controls validation, and continuous monitoring. The role involves ensuring compliance with RMF, IT, and Federal Information System Controls Audit Manual (FISCAM) guidelines, and supporting the cybersecurity responsibilities detailed in the DSCA CYBR Service Catalog. Work Location: Hybrid (Must live near DCA or Mechanicsburg, PA, 3 days a week in the office, 2 days a week remote) Job Responsibilities and/or Success Factors Produce all required DOD compliance documentation for RMF, Audit Response and Remediation, Cyber Task Orders, Required Scorecards, Privacy documentation, and other compliance requirements as detailed in the DSCA CYBR Service Catalog. Draft and coordinate cybersecurity-related documentation to meet required standards, controls, and metrics. Support all steps of the RMF process (Steps 0-6) required to gain and maintain DOD Information Network (DODIN) and agency commercial network authority to operate. Assist in categorization, control selection, implementation, and tailoring support, as well as support of assessments from the ISSO role. Prepare and validate controls in eMASS packages for assessment and review. Ensure that control requirements are well-defined and that necessary documentation and evidence are gathered for validation and assessment. Work in the DOD GRC tool Enterprise Mission Assurance Support Service (eMASS) to support control validation. Conduct continuous monitoring of information systems to detect vulnerabilities, threats, and security incidents. Utilize security tools and technologies to perform regular scans, assessments, and analysis of system vulnerabilities. Maintain and update continuous monitoring processes and procedures to ensure they are effective and aligned with organizational requirements. Assist in the configuration and maintenance of security tools and technologies provided by the CSSP. Assist in the detection, analysis, and response to cybersecurity incidents. Participate in incident response activities, including triage, containment, eradication, and recovery. Document and report on incident response activities, providing detailed analysis and recommendations for improvement. Provide support to the Watch Officer in monitoring and managing cybersecurity events and incidents. Maintain situational awareness of the organization's security posture and emerging threats. Assist with the performance of daily and ad hoc/on-demand vulnerability scans, monthly audit scans, and monthly discovery scans. Provide weekly vulnerability compliance reporting to ISSMs. Review and adjust assets, subnets, credentials, and policies to properly manage C5ISR provided Assured Compliance Assessment Solution (ACAS) solutions. Track and ensure configuration compliance of Enterprise Security Services (ESS) Suite with RMF, ATO, and Inspection requirements. Assist with the maintenance of completed security waiver forms in coordination with EADSD and ISSM (PMO). Work with TSD to implement effective scanning, COAMS System Registration, and Continuous Monitoring Scoring (CMRS) Tagging. Maintain and update Ports, Protocols, and Services Management (PPSM) records, including emergency and exception requests. Support the maintenance and accuracy of DoD Allow List entries. Maintain accurate and up-to-date documentation of all RMF, IT, and FISCAM controls validation activities. Prepare and submit regular reports on the status of security controls, RMF activities, and DevSecOps pipeline security. Provide detailed documentation and evidence to support security assessments and audits. Support the maintenance and configuration needed to maintain accurate ingestion of logs from all assets. Provide summaries of events/incidents, including time of event/incident, anomalous activity identified, asset names and IPs, affected users, and POC for outreach/additional actions. Complete Cybersecurity Incident Reporting Forms and assist with the detection and analysis of cybersecurity events and incidents. Support accurate IR POC list, accurate hardware/software and IP inventory, and accurate summary of event/incident. Document efforts involved in mitigating cybersecurity-related events/incidents that occur within the enterprise. Support the generation of performance monitoring reports to monitor asset availability. Support the generation of system health and security posture reports for system owners and ISSMs. Support accurate hardware and software inventory, accurate ingestion of logs from all assets, and accurate system performance and security posture baselines. Conduct specified areas of focus/detail for trend analysis. Support migration information provided by affected system ISSM and report vulnerabilities to appropriate system ISSMs/POCs. Assist with the reporting to outside agencies, including JFHQ, battle stations, external leadership, and other DOD Agencies. Support the correlated agency-level POA&Ms with the coordination of POA&Ms from DSCA to outside entities. Help complete the Cybersecurity Incident Reporting Form, including additional inputs such as personnel logs, system logs, event logs, and accurate software and hardware inventory list. Education and Minimum Qualifications Must be a US Citizen Active Secret Clearance Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field is required OR additional four years of experience Minimum of five years of relevant experience in cybersecurity, information assurance, or a related field. Experience with the Risk Management Framework (RMF) and security control assessments is highly desirable. Experience in IT controls validation and familiarity with Federal Information System Controls Audit Manual (FISCAM) guidelines. Experience in incident response, continuous monitoring, and vulnerability management. Strong understanding of RMF processes, including categorization, control selection, implementation, and assessment. Proficiency in using security assessment tools and platforms such as eMASS (Enterprise Mission Assurance Support Service). Familiarity with continuous monitoring processes and tools. Experience with incident response processes and tools. Knowledge of cybersecurity frameworks and standards, such as NIST, ISO 27001, and CIS Controls. Desired Qualifications: Certifications such as CISSP, CISM, CISA, CAP, or equivalent are highly desirable. AAP Statement We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Posted 1 week ago

Sr. Information Systems Security Officer (Isso)-logo
Sr. Information Systems Security Officer (Isso)
Contact Government ServicesFargo, ND
Sr. ISSO Employment Type:Full-Time, Experienced /p> Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. Maintain responsibility for managing cybersecurity risk from an organizational perspective. Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. Provide subject matter expertise for cyber security and trusted system technology. Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: Bachelor's Degree. A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. eMASS experience. Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. Strong desktop publishing skills using Microsoft Word and Excel. Experience with industry writing styles such as grammar, sentence form, and structure. Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: CISSP, CASP, or a similar certificate is preferred. Master's Degree in Cybersecurity or related field. Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. Demonstrated ability to work well independently and as a part of a team. Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: https://cgsfederal.com/join-our-team/ For more information about CGS please visit: https://www.cgsfederal.com or contact: Email: info@cgsfederal.com $118,560 - $171,253.33 a year

Posted 30+ days ago

Swivel Transactions logo
Senior Information Security Engineer
Swivel TransactionsSan Antonio, Texas
Apply with Sonara
Apply

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.1

Reclaim your time by letting our AI handle the grunt work of job searching.

We continuously scan millions of openings to find your top matches.

pay-wall

Job Description

SWBC is seeking a talented individual to serve as a key Information Security Engineer empowered to leverage the industry’s latest security principles, practices, and tools to improve the reliability, integrity, and security of on premise and cloud-hosted applications. Works by, with, and through internal and external DevOps stakeholders to incorporate security into all stages of the software development life cycle. Applies DevSecOps principles and applicable security standards to secure cloud services, cloud native applications, integrations, and supporting infrastructure through Continuous Integration (CI) and Continuous Delivery (CD) workflows, patterns, and tools. Analyzes cybersecurity, software development, infrastructure, software design, architecture and information technology best practices, threat intelligence, and emerging requirements to improve the security of the hosting environment and applications. Monitors cloud applications and services for indicators for compromise and compliance shortfalls and tracks issues for timely remediation. Implements administrative and technical controls to ensure security, privacy, and compliance of data stored, processed, or transmitted on Company owned or controlled cloud platforms. Monitors industry security updates, technologies, and best practices to ensure the Company's multi-cloud environment continues to provide adequate security and meet compliance requirements. 

Why you'll love this role:

In this role, you will work with some of the top information security, technology, and business professionals in the financial services industry. As part of an agile and innovated security team, you will work closely with stakeholders at all levels and interact with the industry’s top partners. You will employ advanced security technology and tactics to defend cutting-edge FINTECH and business technology. Beyond amazing career opportunities and singular experiences, our security team is diverse in all aspects; passionate about collaboration; leverages amazing technology and automation; laughs often; and celebrates our success as a team. Our leaders recognize that empowerment, autonomy, work-life balance, professional development, continuous improvement, and a commitment to shared values are key enablers of our success. We work hard, take care of each other, and deliver positive outcomes daily. This will be your best career decision.

Essential duties include the following:

  • Identifies, implements, maintains, and monitors risk-informed, standards-based, effective, and efficient security controls within a hybrid multi-cloud technology environment.

  • Supports continuous integration and continuous development pipelines and processes that automatically build, test, and deploy infrastructure and containerized applications to ensure appropriate security checks are included automatically or manually. Reviews software releases and infrastructure changes for security vulnerabilities and risks prior to approval.

  • Supports enterprise software development and cloud infrastructure projects and production applications that store, process, and transmit regulated data to ensure controls meet or exceed standards.

  • Manages vulnerabilities and security testing for on premise and cloud-hosted applications and tracks issues to remediation.

  • Supports audit and compliance efforts to ensure applications, infrastructure, and integrations meet applicable compliance and contractual standards.

  • Identifies, recommends, and tests technical security standards and guidelines for software development, DevOps, and release management to ensure that all delivered solutions and architecture adhere to industry best-practices for availability, confidentiality, and integrity.

  • Partners with internal and external development teams and other stakeholders to improve security and operational monitoring for cloud hosted workloads.

  • Develops and tests incident response plans to prepare for, respond to, and recover from security incidents and operational issues as part of an incident response team.

  • Supports efforts to provide for a secure integrated development environment for external and internal software and release management pipelines.

  • Builds and tracks performance indicators and metrics to inform security control monitoring in cloud environments.

  • Performs all other duties as assigned.

Serious candidates will possess the minimum qualifications:

  • Bachelor’s Degree in Computer or Software Engineering, Information Security, Cybersecurity or related field from an accredited four year college or university required. Master’s Degree preferred.

  • AWS Certified Solutions Architect or DevOps Engineer Professional certification required.

  • AWS Security Specialty certification highly desired.

  • Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) highly desired.

  • Cloud Security Alliance (CSA) Certificate of Cloud Security Knowledge (CCSK) desired.

  • GIAC Cloud Security Automation (GCSA) certification highly desired. Must be able to obtain certification within 6 months of hire.

  • Minimum eight (8) years of extensive security engineering experience, including architectural design using AWS best practices and industry standards.

  • Experience implementing and managing tools for security, availability, and compliance monitoring in a cloud environment which includes collecting data, parsing log files, capturing network traffic, setting alert thresholds, and notifying stakeholders.

  • Experience and understanding of the DevOps deployment pipeline and security considerations for each step of the CI/CD processes.

  • Experience with serverless architectures, their features, advantages, security concerns, and tactics for deploying effective security in serverless implementations.

  • Experience with vulnerability management and virtual patching in the cloud.

  • Experience with Amazon Web Services (AWS) cloud architecture components, security, identity, & compliance services, and knowledge of how to secure the environment.

  • Familiar with DevOps toolsets to track work items, code, test, build, and release, and knowledge of how each stage is secured and automated.

  • Familiar with tools to perform vulnerability assessments, threat detection, compliance benchmarking, audit logging, log evaluation, and network collection for cloud hosted applications.

  • Familiar with basic web development practices, i.e. HTML, CSS, JavaScript, JQuery, etc.

  • Familiar with team development tools and source control, including Azure DevOps, GIT, etc.

  • Familiar with the principles of software development life cycle (SDLC) and separation of duties.

  • Understanding of micro service architecture and implementation of appropriate security controls used in various architectural designs and conditions.

  • Understanding of “As Code” processes and attack surfaces presented by CI, CD, and CM tools and familiarity with techniques for how to harden these tools.

  • Understanding of the Secure DevOps auditing controls and how to leverage automated scanners to automate policy requirements.

  • Demonstrated knowledge of how to configure security services and tools such as Web Application Firewalls, Content Delivery Networks, and Intrusion Monitoring to protect against common website attacks.

  • Demonstrated knowledge of encryption and encryption key management using managed services and a dedicated cloud hardware security module.

  • Knowledge of container security issues, hardening containerized environments, container orchestration tools, and running production workloads in the cloud.

  • Knowledge of IT Security Operations.

  • Knowledge of UI, AI, and Machine Learning.

  • Knowledge the Payment Card Industry (PCI) Data Security Standard (DSS).

  • Able to understand and write basic JSON programming language policies.

  • Demonstrated ability to work as an essential part of a highly motivated business, technology, development teams.

  • Proficient Microsoft Office skills, including Word and Excel.

  • Written and verbal communication skills and the ability to work with teams and external stakeholders are essential.

  • Strong problem resolution and interpersonal skills.

  • Strong multi-tasking skills.

  • Able to use general office equipment including copy machine and phone system.

SWBC offers*:  

  • Competitive overall compensation package
  • Work/Life balance 
  • Employee engagement activities and recognition awards 
  • Years of Service awards
  • Career enhancement and growth opportunities 
  • Leadership Academy and Mentor Program
  • Continuing education and career certifications 
  • Variety of healthcare coverage options
  • Traditional and Roth 401(k) retirement plans 
  • Lucrative Wellness Program

*Based upon employee eligibility 

     

Additional Information:

    

SWBC is a Substance-Free Workplace and requires pre-employment drug testing.

    

Please note, SWBC does not hire tobacco users as allowed by law.

    

To learn more about SWBC, visit our website at www.SWBC.com. If interested, please click the appropriate apply button.