- Home
- »All Job Categories
- »Information Technology Jobs
Auto-apply to these information technology jobs
We've scanned millions of jobs. Simply select your favorites, and we can fill out the applications for you.
MillimanSeattle, WA
$203,200 - $397,210 / year
NOTE TO APPLICANTS: Individual(s) must be legally authorized to work in the United States without the need for immigration support or sponsorship from Milliman now or in the future POSITION SUMMARY: The Chief Information Security Officer (CISO) is a senior-level executive responsible for developing, implementing, and overseeing Milliman's global information security program. As a member of Global Corporate Services (GCS) reporting directly to the Chief Information Officer (CIO) and working closely with the CEO, Board of Directors, and Equity Principals, the CISO ensures the confidentiality, integrity, and availability of Milliman's information assets, technology infrastructure, and data across all practices and geographies. This role provides strategic leadership, vision, and governance for all aspects of information security, aligning security initiatives with business objectives and regulatory requirements. RESPONSIBILITIES: Strategic Leadership & Governance Drive the information security function across Milliman, ensuring alignment with organizational goals. Establish and implement a global information security vision and strategy by collaborating with the Board, senior leaders, and Equity Principals. Design and deliver the security roadmap, including staffing and budget plans, and manage the approved corporate information security budget. Serve as an expert advisor to the Board and senior leadership on IT security matters. Facilitate organization-wide security enhancements that integrate business objectives with IT infrastructure, physical infrastructure, and human resources. Act as the primary change agent facilitating information security improvements in security culture, business relationships, and product/service design. Chair the Security Technology Steering Group (STSG). Risk Management & Compliance Collaborate with senior leadership on IT-related risk management to identify, assess, and address risks. Oversee the development, implementation, and maintenance of global information security policies, standards, guidelines, and procedures. Ensure compliance with relevant laws, regulations, and industry frameworks (e.g., ISO 27001, HIPAA, HITRUST, SOC 2). Partner with the Legal Department to maintain a collaborative approach to information security and privacy. Manage third-party/vendor security risk programs and ensure alignment with corporate policies. Serve as a voting member of the Enterprise Risk Management Committee and Technology Operations Committee and act as a key advisor to senior leadership on IT security matters. Incident Response & Operational Oversight Oversee emergency procedures and incident response protocols, serving as the control point during significant security incidents. Direct teams to detect, report, contain, and mitigate incidents impacting data and infrastructure security. Oversee periodic security reviews of all business units and present findings to the Enterprise Risk Committee and Board. Partner with the Legal team in response to privacy incidents and significant events. Collaborate with IT teams to develop, evaluate, and improve network disaster recovery plans. Maintain relationships with law enforcement and relevant government agencies in support of the information security program. Program Development & Stakeholder Engagement Develop and implement enterprise-wide security awareness training. Build and report on metrics and KPIs to measure program effectiveness. Recommend security enhancements and purchases consistent with evolving threats and strategic objectives. Stay current on technological advances and identify opportunities for adoption within Milliman. Provide coordination, communication, and dissemination of best practices across the organization. Support Equity Principals and their practices in security-related matters consistent with GCS service expectations. SKILLS & QUALIFICATIONS REQUIRED: Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or related discipline. The ideal candidate must possess certification (s): Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) The ideal candidate must have 10+ years in management of business or technology organizations, with demonstrated competency in strategic thinking, leadership, and relationship management, and enterprise-level responsibility. The ideal candidate must have 7+ years of direct management experience overseeing security teams and budgets. The ideal candidate must have previous experience with regulatory compliance frameworks such as ISO 27001/2, HIPAA, HITRUST, and SOC 2. The ideal candidate must have previous experience with cloud security control design and management experience. The ideal candidate must have thorough knowledge of finance, budgeting, project management, and systems development lifecycle. The ideal candidate must have knowledge of security domains such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, and web services. Must have demonstrated leadership in multi-discipline, high-performance teams, including supervision and professional development of technical staff. Must have proven ability to work with geographically diverse offices in a global organization. Must have excellent verbal and written communication skills, including the ability to prepare documentation, policies, and build consensus across broad groups. Must have the ability to deal effectively with concrete, tangible issues as well as abstract, conceptual matters. Must demonstrated thought leadership in information security and creating innovative, scalable business solutions with the ability to lead and motivate cross-functional, interdisciplinary teams. Must have strong time management skills, ability to handle multiple projects concurrently, and the capacity to be flexible and nimble as business needs change and evolve. SKILLS & QUALIFICATIONS PREFERRED: Advanced degree (master's or PhD) in Information Security, Computer Science, or related field. Experience within consulting or professional services organizations. Familiarity with enterprise-level cloud technologies, defect tracking tools, agile management tools, and Microsoft Suite. Additional certifications (e.g., GIAC, CCSP, CRISC, PMP). LOCATION: This is a remote role. The expected application deadline for this job is December 15th, 2025 COMPENSATION: The overall salary range for this role is $203,200 - $397,210. For candidates residing in: Alaska, California, Connecticut, Illinois, Maryland, Massachusetts, New Jersey, New York City, Newark, San Jose, San Francisco, Pennsylvania, Virginia, Washington, or the District of Columbia the salary range is $233,680 - $397210. All other locations the salary range is $203,200 - $345,400. A combination of factors will be considered, including, but not limited to, education, relevant work experience, qualifications, skills, certifications, etc. BENEFITS: We offer a comprehensive benefits package designed to support employees' health, financial security, and well-being. Benefits include: Medical, Dental and Vision- Coverage for employees, dependents, and domestic Employee Assistance Program (EAP)- Confidential support for personal and work-related 401(k) Plan- Includes a company matching program and profit-sharing Discretionary Bonus Program- Recognizing employee Flexible Spending Accounts (FSA) - Pre-tax savings for dependent care, transportation, and eligible medical expenses. Paid Time Off (PTO) - Begins accruing on the first day of Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis. Holidays- A minimum of 10 paid holidays per Family Building Benefits- Includes adoption and fertility Paid Parental Leave- Up to 12 weeks of paid leave for employees who meet eligibility Life Insurance & AD&D - 100% of premiums covered by Short-Term and Long-Term Disability- Fully paid by ABOUT MILLIMAN: Independent for over 75 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world's most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation. Milliman invests in skills training and career development and gives all employees access to a variety of learning and mentoring opportunities. Our growing number of Milliman Employee Resource Groups (ERG's) are employee-led communities that influence policy decisions, develop future leaders, and amplify the voices of their constituents. We encourage our employees to give back to their varied professions, including leadership in professional organizations. Please visit our web site ( https://www.milliman.com/en/social-impact ) to learn more about Milliman's commitments to our people, inclusion, and sustainability. Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance and financial services, and property and casualty insurance. EQUAL OPPORTUNITY: All qualified applicants will receive consideration for employment, without regard to race, color, religion, sex, sexual orientation, national origin, disability, or status as a protected veteran.
Posted 30+ days ago
Action Logistics, IncArlington, TX
Job Overview: We are seeking a qualified Information Systems Auditor to conduct a focused audit of our accounting servers and data backup infrastructure. This role will assess the effectiveness, reliability, and security of our current data backup and recovery processes, ensuring they comply with best practices and support business continuity objectives. The audit will specifically evaluate the backup strategies for our accounting systems, including their implementation, scheduling, monitoring, testing, and restoration capabilities. Key Responsibilities: Conduct a comprehensive audit of the current backup methods and policies for all Accounting-related servers and data repositories. Evaluate existing infrastructure, software, and tools used for backup and recovery, including offsite/cloud-based solutions. Assess the consistency, frequency, and completeness of backup processes, including full, incremental, and differential strategies. Test and validate data restoration procedures at various levels (file, database, server image, and full disaster recovery scenarios). Identify gaps or risks in backup integrity, scheduling, encryption, and retention policies. Review user access and security protocols related to backup data and restoration tools. Document all findings and provide actionable recommendations to improve backup reliability, security, and compliance. Collaborate with IT staff and third-party vendors (if applicable) to validate systems, access logs, and restoration capabilities. Produce a final audit report including an executive summary, technical findings, remediation priorities, and proposed action plan. Qualifications: Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, Accounting Information Systems, or related field. 5+ years of experience in IT audit, systems administration, or cybersecurity with direct involvement in data backup and recovery. Strong understanding of accounting system infrastructures (e.g., Microsoft Dynamics GP). Familiarity with backup solutions (e.g., Datto, AWS backup) and cloud/offsite backup best practices. Experience with risk assessments and business continuity planning. Certifications such as CISA, CISSP, or CRISC are highly desirable. Strong communication skills, including report writing and presenting findings to senior leadership. Powered by JazzHR
Posted 30+ days ago
Veracity InsurancePleasant Grove, UT
$75,000 - $85,000 / year
At Veracity, we aim to be a different kind of insurance partner – one that is free from outside investors, venture capital, or the pressures of a corporate parent. Ours is a culture of empowerment – one that believes in effort, results, and accountability. We believe that transparency fosters trust, trust fosters growth, and that growth drives innovation. Our commitment to rigorous evaluation and relentless execution lead to rapid evolution. We answer only to the small business owners we serve, and this independence allows us to stay focused on what matters most: helping their businesses thrive by providing expert guidance and best-in-class insurance policies. We’re growing fast and want you to be a part of it! We’re seeking a talented, detail-oriented Information Security and Compliance Analyst to join our team. Reporting to the Technical Operations and Information Security Manager, this role is responsible for supporting the organization’s cybersecurity posture by maintaining and enhancing security policies, controls, and monitoring systems, and ensuring compliance with frameworks such as SOC 2 and PCI DSS to protect company and client data. Key Responsibilities Strengthen the organization’s cybersecurity posture by implementing, maintaining, and improving security policies, standards, and technical controls Monitor security tools and system activity to identify, investigate, and escalate potential threats or vulnerabilities Support vulnerability management, including performing scans, tracking remediation, and validating fixes Maintain accurate, audit-ready documentation and coordinate evidence collection for SOC 2, PCI DSS, and other compliance frameworks Support incident response processes, including triage, documentation, and post-incident follow-up Assist with user access reviews, control testing, risk assessments, and security awareness efforts Collaborate with IT, Engineering, and Compliance teams on secure configurations, remediation plans, and cross-functional security initiatives Participate in routine policy, procedure, and control reviews to ensure alignment with regulatory requirements and security best practices Maintain detailed logs and reports of security activities, metrics, and compliance obligations Identify opportunities to strengthen controls, streamline processes, and enhance overall security program maturity Required to perform other duties as requested, directed, or assigned Requirements and Qualifications Bachelor’s degree in information systems, IT, Cybersecurity, or a related field 2–3 years of experience in security compliance, auditing, or governance (SOC 2 experience preferred) Strong integrity, attention to detail, and accountability in handling sensitive or regulated information Proactive problem-solving skills with the ability to anticipate and address risks effectively Strong collaboration and communication skills with experience working across technical and compliance teams Ability to remain composed and effective under pressure, including during audits and security incident Perks Health, dental, and vision plans Amazing work-life balance with 4 weeks of Paid Time Off 10 Paid Company Holidays with 2 floating holidays 401K Programs with employer match Personal assistance programs for support in a healthy personal and work life Why Veracity? Here at Veracity, you’ll be part of a team of trailblazers and visionaries. We’re not just revolutionizing the way people “do” insurance; we are creating a whole new paradigm. Here, you will experience a vibrant and inclusive workplace where your ideas matter! With us, you have a chance to: Engage in groundbreaking projects that are reshaping the insurance landscape Collaborate with a group of dedicated, like-minded professionals Experience a culture that prioritizes growth and development Compensation Range: $75k/yr - $85k/yr We are proud to be an equal-opportunity employer. We are committed to providing equal opportunities to all qualified applicants, regardless of race, color, religion, sex, national origin, disability, or any other legally protected characteristics. If you need accommodation, please let us know during the interview process. Powered by JazzHR
Posted 1 week ago
Kegman IncMelbourne, FL
Information System Security Officer Kegman Inc. is a Woman-Owned/Service-Disabled Veteran-Owned Small Business headquartered in Melbourne FL that provides engineering and technical support services to U.S. Government clients. We are seeking an Information System Security Officer (ISSO) to join our team at Patrick Space Force Base in Melbourne, FL. NOTE: This is not a remote/telework job. This job requires the selected applicant to have an active U.S. Government-issued security clearance at time of hire and, therefore, requires U.S. citizenship. The ISSO will be involved in all aspects of cybersecurity operations and will partner with program/site leads as well as government staff and mission partners to maintain an effective information security program. This position will document, implement, and assess security controls to perform system monitoring and compliance assessment activities. In addition, this ISSO will provide Risk Management Framework (RMF) support. Responsibilities Work as part of an integrated team to develop and maintain RMF body of evidence documentation (example: System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, ATO’s) using Microsoft products such as Word, Excel, PowerPoint, and Visio. Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals. Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities. Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures and notify the ISSM when changes occur that might impact system authorization posture. Support the CISO, PM, ISSM or ISO in maintaining current authorization to operate, and approval to connect, and in implementing corrective actions identified in the plan of action and milestones. Coordinates, with the CISO, PM, ISSM and AO staffs, development of an IS Configuration Management strategy and monitor any proposed or actual changes to the system and its environment. Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M). Ensure integration of cybersecurity into, and throughout the lifecycle of the IT, on behalf of the ISSM and ISO. Ensure the development and implementation of an effective information security education, training, and awareness program. Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification. Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides (STIG)/security requirement guides). Reports security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling. Basic Qualifications Experience working in information assurance or cybersecurity roles supporting classified DoD environments Working knowledge of NIST 800-53 controls and RMF Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (example: Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker) Preferred Qualifications Strong interpersonal and written/oral communication skills to coordinate with program/site leads as well as government staff and mission partners Experience working on/with Government contracts Detail-oriented team member who can consistently meet deadlines and is able to work independently as needed Able to multi-task and work with a diverse work group of vendors, executive managers, subcontractors, consultants, and other professionals. Education Bachelor’s degree in Cybersecurity or other related field and 3+ years of experience, or Master’s degree Or DoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred) OTHER: U.S. citizenship required. Must pass a pre-employment drug test. Must have a fully adjudicated (not an interim) U.S. Government-issued security clearance at time of hire. Kegman Inc. is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. Kegman will abide by the requirements of 41 CFR 60741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. Please be aware many of our positions require an active security clearance. Security clearances are be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment that requires a security clearance will be subject to government security investigation(s) and must meet and maintain eligibility requirements for access to classified information. By submitting your résumé for this position, you understand and agree that Kegman may share your résumé, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions. Kegman maintains a drug-free workplace and performs pre-employment substance abuse testing where permitted by law. Powered by JazzHR
Posted 1 week ago
Lucayan Technology Solutions LLCTampa, FL
Location: Remote Clearance Required: Public Trust (Minimum Background Investigation – MBI) Employment Type: Full-Time Overview Lucayan Technology Solutions is seeking an experienced Lead Systems Information Engineer to support and lead the technical team responsible for the IRS Microsoft 365 (M365) Cloud Suite platform. The ideal candidate will bring deep expertise in Microsoft cloud technologies, strong leadership capabilities, and experience working within federal government environments requiring strict compliance, privacy, and security controls. Key Responsibilities Lead, manage, and support the technical operations of the IRS Microsoft 365 Cloud Suite environment. Perform system administration, maintenance, integration, troubleshooting, and optimization of M365 services. Oversee implementation and support of Power Platform, including PowerApps, Power BI, and Flow. Conduct security and privacy analysis in alignment with IRS and federal standards. Develop and maintain project documentation, including technical policies, procedures, and system configurations. Serve as the primary technical liaison, collaborating with internal teams, stakeholders, and IRS SMEs to ensure deliverables meet compliance requirements. Provide technical guidance and mentorship to team members. Quickly adapt to IRS-specific processes, security requirements, and compliance frameworks. Required Qualifications Minimum 5 years of experience supporting Microsoft 365 Cloud Suite in a large corporate or government environment. Experience supporting federal government clients or similar high-security environments (IRS experience is a plus). Expertise with Microsoft Power Platform (PowerApps, Power BI, Flow). Strong .NET development skills (C#, ASP.NET MVC, Entity Framework, JavaScript, HTML, CSS). Proficiency in PowerShell scripting for automation and administration. Experience with Exchange, Intune, Azure AD , and other Azure ecosystem tools. Experience with SharePoint Administration and PowerApps model-driven development. Excellent communication, problem-solving, and leadership skills. Security Clearance & Training Requirements Must have or be able to obtain a Public Trust (MBI) clearance. Must complete all IRS-required security, privacy, and compliance training. Preferred Qualifications Prior IRS support experience or familiarity with IRS modernization initiatives. Working knowledge of federal compliance frameworks (NIST, FISMA, Zero Trust, TIC). Microsoft certifications such as: M365 Enterprise Administrator Expert Power Platform Developer / Administrator Azure Administrator or Solutions Architect Experience leading remote technical teams. Work Environment Fully remote position with virtual collaboration across distributed teams. Fast-paced, compliance-driven environment supporting federal agencies. May require occasional off-hours support for maintenance or urgent system needs. Powered by JazzHR
Posted 3 weeks ago
Independent SoftwareFort Meade, MD
What You Will Do At Independent Software, we are committed to building secure, mission-driven technology that protects what matters most. As an Information System Security Manager, you will provide expert-level oversight of security operations across complex systems and programs. You will help design, implement, and enforce information security policies that align with organizational goals and regulatory requirements. Your leadership will ensure systems remain secure throughout their lifecycle—from concept through retirement—while collaborating closely with engineers, program managers, and cybersecurity personnel.This role offers the opportunity to shape enterprise cybersecurity practices, lead high-impact security initiatives, and mentor the next generation of security professionals. You will be a key contributor to programs that support critical national priorities Key Responsibilities: Provide management support for the development, coordination, and enforcement of enterprise information assurance programs Oversee the operational security posture for assigned information systems or programs Lead the development and enforcement of system security policies, standards, and procedures Perform risk and vulnerability assessments to support security authorization decisions Provide day-to-day security operations support and oversight for ISSEs and ISSOs Manage and assess the security impact of changes to hardware, software, and firmware Review and manage documentation including System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation packages, and System Requirements Traceability Matrices (SRTMs) Analyze user needs to determine functional and cross-functional security requirements Gather and organize technical information relevant to organizational goals and security posture Facilitate issue resolution through Technical Exchange Meetings and integrated product teams Collaborate with engineering staff to ensure secure systems integration throughout the development lifecycle Serve as the program’s designated ISSM and provide daily oversight to ISSOs Advise and support Program Managers on cybersecurity strategy and program execution Enable the design and implementation of secure IT systems for future enterprise environments Required Skills and Qualifications: Twelve years of professional experience in the field of security authorization Demonstrated experience with current security tools, hardware and software security implementation, communication protocols, and encryption technologies Knowledge of commercial security products, risk management practices, security incident management, and PKI and authorization services Experience developing and managing system security documentation and artifacts Proven ability to manage security across multi-system environments, including secure collaboration with engineering, operations, and leadership teams Strong communication and leadership skills to interact with both technical teams and executive stakeholders Education and Experience: Bachelor’s degree in Computer Science, Cybersecurity, IT Engineering, or a related field from an accredited college or university In lieu of a degree, four additional years of relevant work experience may be substituted Certifications: Compliance with DoD 8570.01-M Minimum certification required: IAM Level II (e.g., CISSP, CAP, CISM) Clearance Requirement: Must possess an active TS/SCI with appropriate Polygraph to be considered for this role This position is contingent on contract award We’re an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Powered by JazzHR
Posted 30+ days ago
IDS InternationalArlington, VA
Join our team at IDS Technology as an Information Warfare Exercise Design Specialist and immerse yourself in cutting-edge military exercises focused on Special Operations in the Information Environment. As a leader, you'll use your expertise to bring digital information to life, simulating a near-peer contested information environment to provide warfighters with real-life training. You'll work with US Military and other organizations to develop, plan, and coordinate scenarios, providing instruction, coaching, and subject matter expertise in the human domain and computer and network troubleshooting. With opportunities to travel to exercise sites and provide remote support, this role offers a dynamic and exciting environment to hone your skills and make a meaningful impact. Apply your knowledge of relevant technologies and expertise in SOF, Cyber, PSYOP, Intel, SPACE and Civil Affairs to this unique challenge. Embrace the chance to push the boundaries of Information Advantage, developing innovative solutions and advancing the field. Join us at IDS, where we believe in resolving conflict through innovative approaches and technical solutions. Why IDS? IDS believes in resolving conflict and building innovative approaches to do so. Combining operational expertise with an intimate understanding of today’s greatest challenges to bring our customers the technical solutions required for success in a complex and multi-domain world. Synthetic Internet for Training and Exercises (SITE), a proprietary product of IDS Technology Government Services, is a digital training solution that provides a full-range, free-play, immersive, realistic, and scalable simulated Information Advantage environment where warfighters simultaneously train on full-spectrum cyberspace, Electronic Warfare, and social media analytics during integrated and multi-domain exercises. Responsibilities: Become the Subject Matter Expert on the SITE platform. Maintain current knowledge of relevant technologies and subject areas. Display subject matter expertise in SOF, Cyber, PSYOP, Intel, or Civil Affairs and its relevance to Multi-Domain Operations and/and Operations in the Information Environment. Work with our technical team to learn how to build and design websites within SITE that enrich an exercise scenario’s Operational Environment. Travel to exercise locations as required. Travel and accommodation to/at training locations are provided for the assignment period (typically 1-4 weeks). Computer and networking troubleshooting with customers, including server connection diagnosis, token authentication errors, and basic user support. Be able to communicate issues to the remote Technical Support Team and Software Developers and manage troubleshooting ticketing from identification to resolution. Perform research on various social media platforms; develop and incorporate replicated platforms and associated input/outputs into scenario planning, execution, and assessment. Demonstrate that you know the problems clients are facing in the innovation and growth of Information Advantage with real examples from your experience. Convince customers that there are challenges they may not yet have identified (or at least understood could be solved) Identify which of our use cases match the client’s pain points, enabling the customer to help compile a list of requirements, capabilities, MOP/MOEs, and improve their experience with SITE. Surface new product development opportunities and/or issues with current solution & own feedback loop to the product team and roadmap Monitor KPIs and ARR growth. Prepare reports, briefs, and documents to support event scenario development. Oversee OPFOR (red) and population (grey) activity on social media and civilian internet activity, ensuring MSEL/scenario development is accurately portrayed online. Demonstrate a strong understanding of layered effects between Kinetic Operations, Information Operations, Full-spectrum Cyberspace Operations, Electronic Warfare, SIGINT, SPACE, and MILDEC. Understand and demonstrate the TTPs and concepts of social media weaponization. Define and develop innovative Information Advantage capabilities that integrate advanced analytics and concepts of operation into the exercise scenario. Plan and create visual information products that communicate assigned information objectives and illustrate assigned messages to inform OPSGRP and the training audience. Gather open-source and controlled intelligence to develop a predictive understanding of adversarial strategies, priorities, and overlapping interests. Plan, develop, and disseminate digital information content into the rotational scenario in a closed internet environment, such as tweets, blogs, news articles, propaganda, Facebook profiles, images, and videos. Develop and publish Open-Source Enterprise style Daily Social Media Alerts to be used by training units and exercise control groups for scenario development and inclusion in AARs to demonstrate the tangible confluence of the physical and digital environments. Establish a community and facilitate interaction to identify opportunities for collaboration and sharing. Create presentations and marketing material to articulate the program. Required Qualifications: Active Top-Secret clearance. Those with “SECRET” clearance will be reviewed on a case-by-case basis Ability to travel up to 50% Familiarity with Direct Action, Counterterrorism, Unconventional Warfare, Foreign Internal Defense, Psychological Operations, Civil Affairs, Multi-Media Production, and Special Operations Forces. Experience working with tactical to enterprise-scale clients, especially within USASOC. Familiarity with exercise planning and management Preferred Qualifications: Degree from an accredited college; preferred degree in Computer Science or Information Technology CompTIA Network+ CompTIA Sec+ Eight (8) years demonstrated experience in an intelligence discipline, civil affairs, ODA, Joint SOF, or psychological operations working in the DoD or IC, or six (6) years demonstrated experience working in a field related to OSINT research, J39X, non-standard communications, cyberspace operations, collection management, or analysis or the exploitation of publicly available information or social media. Demonstrated working knowledge of computer networking, including Local Area Networks (LAN) and Cloud Networks Special Operations Forces experience in both intelligence and operations Computer Skills: Advanced knowledge of Microsoft Office tools (Word, Excel, and PowerPoint). Working knowledge of WordPress, VPNs, and HTML Physical Demands: Employee must be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require the ability to work on a desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries, and/or reports in written format. Must be able to communicate effectively with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 40 pounds. Regular and predictable attendance is essential. Must be an effective communicator both verbally and in writing. Most positions require the ability to work on a desktop or laptop computer for extended periods of time. Computer activities include reading, reviewing, and analyzing information and providing recommendations, summaries, and reports in written or verbal format. Additionally, positions require the ability to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; as well as speak and hear. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds, but may vary depending on the position. Regular and predictable attendance is essential. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status, and any other characteristic protected by federal, state, and local law. If you are unable to apply through the portal and need to speak to someone about necessary accommodations to apply, please email accommodation@idsinternational.com and we will follow up with you. Do not submit resumes and applications through this email. Powered by JazzHR
Posted 30+ days ago
Lucayan Technology Solutions LLCChantilly, VA
📍 Chantilly, VA | 🕒 Full-Time | 🔒 TS/SCI with Polygraph | Onsite Join Our Mission Lucayan Technology LLC is looking for an Information Systems Security Engineer (ISSE) with Space Systems experience to join our growing cybersecurity team in Chantilly, VA. In this role, you will be instrumental in safeguarding mission-critical systems, applying your expertise in ICD 503 compliance, secure systems design, and information assurance engineering. What You’ll Do Conduct information system security engineering throughout the lifecycle, from acquisition to operations. Integrate security requirements into system design and development using systems engineering methodologies. Collaborate with government stakeholders to ensure compliance with ICD 503 certification and accreditation. Provide hands-on expertise with networks, virtualization platforms, and enterprise operating systems. Lead or support technical activities in system integration, configuration management, and testing . Participate in space system security requirement reviews, working groups, and national-level security councils. Prepare and maintain security documentation, including System Security Plans (SSPs), CONOPS, POA&Ms, and configuration management plans . Qualifications Required: Active TS/SCI with Polygraph . Bachelor’s degree in Computer Science, Engineering, or related discipline. 8+ years of experience in information assurance and systems security engineering. Hands-on experience with operating systems (Windows, Linux, Unix, macOS) and virtualization (VMware, Xen, Hyper-V). Demonstrated knowledge of ICD 503 and security accreditation processes. Space systems security engineering experience. One of the following baseline certifications: CISSP, CISM, GCLP, CCSP . Preferred: Master’s degree in Computer Science, Cybersecurity, or related field. Experience with NIST Risk Management Framework (RMF) and continuous monitoring practices. Strong technical project management and leadership experience. Why You Should Join Lucayan At Lucayan Technology LLC, we specialize in cybersecurity, engineering, and program support for mission-critical federal and defense programs. Our engineers play a direct role in protecting national security systems, including space-based platforms and networks . By joining Lucayan, you’ll gain: The opportunity to contribute to high-impact national security missions . A collaborative environment working alongside government and industry experts. Professional growth through training, certifications, and advancement opportunities. A company culture built on integrity, mission-focus, and technical excellence . 👉 Apply today and help us secure the future of national defense and space systems! Powered by JazzHR
Posted 30+ days ago
Lucayan Technology Solutions LLCChantilly, VA
📍 Chantilly, Virginia | 🕒 Full-Time | 🔒 TS/SCI with Polygraph | Onsite Overview Lucayan Technology LLC is seeking a Cyber Defense IASAE Level II to join our growing team in Chantilly, VA. This role is focused on designing and securing information system architectures for a mission-critical Intelligence Community program. As part of Lucayan’s cybersecurity engineering team, you will play a key role in protecting networks, applications, and systems by applying ICD 503 standards, DoD IA policies , and best practices in cybersecurity architecture. What You’ll Do Design and secure end-to-end information system architectures . Engineer security solutions across networks, applications, and databases. Implement defense-in-depth strategies, including firewalls, VPNs, IDS/IPS, antivirus, switches, routers, and boundary protection . Support system development through ICD 503 certification and accreditation processes. Collaborate with government stakeholders to ensure compliance with NIST and NRO security policies . Integrate security engineering into all phases of the system lifecycle. Do you have what it takes? Requirements: Active TS/SCI with Polygraph . Bachelor’s degree in Computer Engineering, Cybersecurity, INFOSEC, Information Management, or Computer Science. 5+ years of IASAE experience. One of the following certifications: CASP, CSSLP, or CISSP (Associate). Preferred: Experience supporting senior government managers on IA issues. Familiarity with NRO policies and Risk Management Framework (RMF) . End-to-end system security engineering and integration experience. About Lucayan Technology LLC At Lucayan Technology LLC, we deliver mission-focused cybersecurity, engineering, and program management solutions to the Department of Defense and Intelligence Community . Our teams are trusted to safeguard some of the nation’s most sensitive systems, from enterprise networks to space-based platforms. By joining Lucayan, you’ll contribute directly to national security , work in a collaborative environment , and gain access to professional development opportunities that support your career growth. 👉 Apply today to become part of Lucayan’s expert cybersecurity engineering team and help us secure the future of national defense systems. Powered by JazzHR
Posted 30+ days ago
Summit Federal Services, LLCSalem Winston, NC
Summit Federal Services, LLC (SFS) with headquarters in Oakland, Maryland, is a fast growing woman owned Small Business and HUBZone company with an outstanding record of performance providing more effective and efficient acquisition, business process, training, IT, administrative and security services to multiple federal agencies. SFS/Merito is looking for a Information Systems Security Manager to spearhead their client organizations information security program. The ISSM will lead the development and implementation of security measures, ensuring compliance with industry regulations, frameworks, and company policies. The ideal candidate will bring expertise in cybersecurity, risk management, and information systems security compliance to protect the organization’s critical assets Location: Winston-Salem, NC, hybrid (Remote for first 5 months then reports onsite) Job Type: Contract Reports To: Corporate Compliance Manager & Facility Security Officer Pay : Based on experience Key Responsibilities: • Lead the establishment and maintenance of classified networks and operating systems. • Develop and maintain technical documentation and security policies for IT equipment within open storage areas. • Determine technical Information Assurance (IA) requirements and conduct cyber risk assessments, including vulnerability analysis and implementation of mitigation solutions in alignment with RMF standards. • Author and manage security documentation for system authorization, continuous monitoring, and information systems lifecycle management (e.g., Authorization to Operate (ATO), System Security Plan (SSP), Plans of Action and Milestones (POAM). • Provide guidance and technical expertise in the creation of solutions for complex security problems, requiring deep knowledge of systems security. • Ensure that security controls are implemented effectively and continuously throughout the information systems lifecycle. • Utilize cybersecurity tools to provide ongoing security monitoring for infrastructure in accordance with Department of Defense (DoD) requirements. • Perform system audits, vulnerability risk assessments, and investigations into security incidents or violations related to information assurance. • Conduct regular training and awareness programs on cybersecurity best practices and risk mitigation strategies for all system users. • Other duties as required. Basic Qualifications: • U.S. Citizenship. • Active Secret Clearance. • Prior experience as an ISSM or ISSO, with strong familiarity in establishing classified networks and information systems. • Experience as a COMSEC Custodian and in handling security controls for classified information systems. • Proficiency in cybersecurity frameworks and risk management practices, including the Risk Management Framework (RMF) and DoD compliance requirements. Preferred Qualifications: • Relevant certifications such as CISSP, CISM, or Security+ • Familiarity with cybersecurity tools, auditing processes, and incident response frameworks. Summit Federal Services, LLC is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. Summit Federal Services, LLC also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability. Powered by JazzHR
Posted 30+ days ago
cFocus Software IncorporatedDahlgren, VA
cFocus Software seeks a Sr. Information Management Specialist to join our program supporting the Department of Defense (DoD). This position is remote. This position requires the ability to obtain a Secret clearance. Qualifications: Six (6) years of professional experience in a broad-base Automatic Data Processing (ADP) services environment This position requires a DoD IAM III level certification Duties: Develop, implement, and maintain information and records management policies, processes, and systems in alignment with DoD and Navy regulations. Oversee the organization, classification, and lifecycle management of digital and physical information assets. Ensure compliance with Department of the Navy (DON) and National Archives and Records Administration (NARA) records retention schedules. Support data governance and configuration management efforts to maintain data integrity and traceability. Coordinate with IT and cybersecurity teams to ensure the protection of classified and sensitive information. Manage the creation, maintenance, and disposition of records in accordance with approved Navy information management procedures. Implement metadata standards, tagging, and indexing strategies to facilitate efficient data retrieval and analysis. Support audit and inspection readiness activities related to records and information management compliance. Train and mentor staff on information management procedures, security protocols, and document control systems. Maintain and update document repositories and electronic filing systems to ensure accessibility and compliance. Develop reports and metrics to track compliance, data quality, and information lifecycle activities. Serve as the subject matter expert (SME) for information management, providing guidance to stakeholders and leadership. Collaborate with program managers and contracting officers to ensure contract deliverables and documentation are properly archived and retrievable. Participate in continuous improvement initiatives to enhance information sharing, collaboration, and data governance capabilities. Ensure secure and compliant handling, transmission, and storage of controlled unclassified and classified information. Powered by JazzHR
Posted 30+ days ago
VISTRADANew York, NY
$150,000 - $200,000 / year
Chief Information Security Officer (CISO) Vistrada is looking to hire strong Chief Information Security Officers (CISO). The CISO will provide strategic cybersecurity guidance and oversight to Vistrada clients by leading and managing their cybersecurity programs to help protect their infrastructure, data, people, and customers. Candidates should have extensive knowledge of cybersecurity best practices, industry standards, and regulations. They should also have strong communication, leadership, and project management skills, as well as the ability to work collaboratively with internal and external stakeholders. Job Responsibilities and Common Duties Include: Apply consultative and leadership skills to build high rapport with clients and team members. Provide expert security advisory, compliance and security program oversight, oversee security/compliance assessments, and prepare high-quality reports (including gap analysis, POAM, recommendations, and remediation planning). Lead and manage a team of security analyst(s) providing oversight, direction, expertise, and mentoring. Provide virtual chief information security officer services. Support clients on a fractional owner model. Act as an extension of client’s information security management and governance function. Develop, implement, and oversee information security programs. Assess, identify requirements for, and make recommendations on security controls and technologies. Develop security roadmaps and plans of action. Vendor and third-party risk management program support and due diligence. Develop business continuity and incident response plans. Focus on key performance indicators, metrics, security dashboards. Assist With Business Development. Work with potential new clients to understand and define business and technology needs, provide subject matter expertise to answer client’s questions and concerns, and identify and align services with client’s needs. Support statements of work, identify resource requirements, assumptions, estimates, and assist with responses to Requests for Proposals (RFPs). Identify client’s security and technology needs and identify business development opportunities as outcomes of assessment activities. Develop expert level content, participate in panel discussions and public speaking events, and attend conference exhibitor opportunities. Architect high quality security solutions to the needs of clients. Perform other duties that may be assigned by management. Required Experience / Skills: 10+ years of CISO experience working in related field(s). Expert knowledge of cybersecurity frameworks and regulations including: NIST, ISO, CMMC, PCI, COBIT, DFARS, HIPAA, etc. Hands-on incident response coordination and oversight experience. Strong understanding of IT Risk and components, including application, infrastructure, network, and vendors. Bachelor’s degree in Computer Science, Accounting, MIS, or comparable work experience. Develop and present management level materials to effectively communicate and message to stakeholders. Relevant certifications such as CISA, CISM, or CISSP, or similar experience. The annual pay range for this role is $150,000 - 200,000. Company Background: Vistrada is a business, technology and management services firm dedicated to helping clients plan, design and implement initiatives supporting Cybersecurity, Business Transformation, Integrated Risk Management, and Managed Services. Vistrada provides seasoned expertise and a flexible team structure allowing agility and responsiveness to support client’s evolving needs. Our company operates nationally today with resources centered around NYC, Albany NY, Austin TX, Chicago, IL and Salt Lake City, UT. We have many resources who operate remotely and onsite as needed in a wider geography. Our business organization has four verticals and multiple cross competencies headed by leaders with more than 20+ years of experience on average Powered by JazzHR
Posted 30+ days ago
Cambridge International Systems IncPhiladelphia, PA
Information System Security Officer – Top Secret Clearance | Philadelphia, PA Cambridge International Systems, Inc. Join a dynamic global team united by shared values: commitment, integrity, and perseverance. At Cambridge, you’ll work alongside top talent worldwide, tackling some of today’s most complex and critical challenges in defense and security. We are currently seeking an Information System Security Officer to support operations in Philadelphia, PA. This is a full-time, CONUS position requiring an active DoD Top Secret clearance. This position is contingent upon contract award in October 2025. What You’ll Do Serve as an ISSO supporting RMF compliance and cybersecurity for DoD systems. Implement and monitor security controls, ensuring adherence to NIST 800-53 and DoD policies. Conduct vulnerability assessments, threat analyses, and continuous monitoring using tools like ACAS, STIG Viewer, and eMASS. Support incident response activities, including isolating assets, collecting data, and reporting findings. Maintain RMF documentation (SSPs, POA&Ms, RARs) and ensure system accreditation packages remain current. Collaborate with system owners, administrators, and the ISSM to sustain system security posture. Track, report, and resolve cybersecurity findings while preparing for audits and inspections. What You’ll Bring Required Qualifications: Education & Experience: Bachelor’s degree in computer science, information technology, communications systems management, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university Technical Expertise: Six (6) years of experience implementing and coordinating cybersecurity policies across organizational levels, ensuring compliance with DoD and federal standards. Proven expertise conducting vulnerability assessments, threat analyses, and risk mitigation activities. Demonstrated ability to support cyber incident response — including isolating affected assets, performing initial investigations, collecting data, and providing detailed status reports. Certifications: Meets DoD IAM Level II baseline requirements — holding one or more of the following: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP OS/CE Qualification: As directed by Privileged Access Agreement and DFARS 252.239-7001 requirements. Must have a current and active DoD Top Secret security clearance. Proficient with modern IT tools and infrastructure technologies Travel & Passport Some overnight stays possible. Work Environment Compliance with vaccination and medical requirements for TDY/OCONUS roles as per Vaccine Recommendations by AOR | Health.mil . Office setting: Primarily an office-based role in Philadelphia, PA Standard desk/computer work with flexibility for walking and movement on site Must be able to work in an office environment, sitting at a desk, looking at a computer for most of the workday. Work is physically comfortable; the employee has discretion about sitting, walking, standing, etc. May be required to travel short distances to offices/conference rooms and buildings on site. Background & Security Employment is contingent upon successful background investigation Drug screening may be required for federal contract compliance Benefits & Perks We believe in investing in our team—both professionally and personally: Medical, dental, vision, life, accident, and critical illness insurance 401(k) immediate vesting and match Paid time off and company holidays Generous tuition & training support Relocation assistance Sign-on and performance-based bonuses Employee referral program Access to Tickets at Work, EAP, wellness initiatives, and more Join Us If you're driven by mission, technology, and teamwork—we want to hear from you. Cambridge is growing, and this position is just one of many opportunities on our global team. Know someone perfect for the role? Referrals are welcome—both employees and non-employees may qualify for a bonus. Apply today and help shape the future of secure cloud computing for national security. About Cambridge International Systems At Cambridge, innovation grows through diversity. We are proud to be an equal opportunity employer, committed to creating an inclusive and supportive work environment for all. Learn more at www.cbridgeinc.com . Powered by JazzHR
Posted 30+ days ago
Mantis Security CorporationReston, VA
Mantis Security is a leading specialty firm of high caliber talent who specialize in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect our nation's most important IT assets and invest in the long-term career development of every employee! We are currently looking for the next ISSO to join our team of experts! What you will be doing: Mantis Security is seeking for immediate placement a highly qualified and technical Information Systems Security Officer (ISSO) to lead the Assessment and Authorization (A&A) for multiple analytic mission systems. The ISSO must be proficient in standard A&A activities, and will generate and maintain the complete security body of evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF). The ISSO will work with the software engineers and cloud engineers to ensure applications and systems are developed to meet required security controls, as well as to promote proper security configuration. The candidate should possess 8570 IAT Level II baseline certifications and have working knowledge of the Risk Management Framework (RMF), along with other Intelligence Community (IC) and DoD policy and guidance (ICD 503, CNSSI-1253, etc.). All candidates must have current TS/SCI eligibility with the ability to obtain a CI polygraph to be considered. Duties Include: Support to the Assessment and Authorization (A&A) and all Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for all multiple information systems Work with software engineers, DevOps engineers, release managers, and project management to follow A&A and ATO processes, and ensure Minimum Viable Product (MVP) and full releases are compliant and meet security requirements for continuous delivery to an AWS production environment Ensure validity and accuracy review of all associated security documentation Create and maintain System Security Plan (SSP), Security CONOPS, Security Test Plan (STP) and Security Test Procedures, document and maintain implementation details of NIST 800-53 security controls Plans and performs security functional testing, creates and maintains STPs, supports security assessments Utilize Xacta to maintain Security Body of Evidence (BoE) files and to work through the A&A process for each system release cycle Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation Manage the plan of action and milestones (POA&Ms) by working with project managers and engineers to develop schedules and engineering actions that mitigate open findings Monitor and audit operational systems for proper use Must have: Bachelor’s degree with 9 years of experience, or Master’s degree with 7 years of experience, or no degree with 13 years of experience DoD 8570 IAT Level II certification requirements (one of CCNA Security, CySA+, GICSP, GSEC, Security+ CE, or SSCP) Must have current TS/SCI eligibility or Active TS/SCI Must be able to obtain a CI polygraph Nice to have: Proficiency with Xacta IA Manager (or Xacta 360) We believe that our strength is in our employees. We offer employees the chance to work with great people on projects of high importance and are committed to providing the best culture that foster’s technical innovation and personal growth. To help our staff achieve a productive work-life balance, we offer a full range of highly competitive benefits for our employees and their families. For more information visit our website at https://www.mantissecurity.com Powered by JazzHR
Posted 3 weeks ago
AERMOR LLCNorfolk, VA
Location: Norfolk, VA Clearance: Secret Position Type: Full-Time AERMOR is seeking an Information System Security Specialist III to provide advanced cybersecurity and information assurance support to ensure the protection, compliance, and accreditation of information systems. This role requires hands-on expertise with Risk Management Framework (RMF), information assurance tools, and security evaluation processes to support Authority to Operate (ATO) requirements. The Specialist will oversee and maintain security postures, evaluate security solutions, and ensure compliance with applicable federal and DoD cybersecurity policies and standards. This is not a remote position. Responsibilities: Apply cybersecurity, engineering, and Test & Evaluation (T&E) knowledge to support security planning and execution. Demonstrate working knowledge of the Risk Management Framework (RMF) process; experience with DIACAP is also applicable. Utilize Information Assurance tools such as: DISA Enterprise Mission Assurance Support Service (eMASS) and Assured Compliance Assessment Solution (ACAS). Assist with the preparation and maintenance of process artifacts, traceability documents, and compliance evidence to support ATO requirements. Evaluate security solutions to verify compliance with security requirements for processing up to classified information. Supervise and/or maintain the operational security posture of assigned information systems and programs. Develop or assist in developing system security policies. Ensure compliance with change management and configuration control processes. May be required to hold Interim Security Control Assessor qualification. Required Experience: Bachelor’s degree with 5 years of practical experience, OR High School/GED with 7 years of practical experience. Demonstrated competency in Cybersecurity, Engineering, Test & Evaluation (T&E), or Assessment & Authorization (A&A)/ Certification & Accreditation (C&A). Familiarity with security policies, standards, and guidance documents. Strong background in RMF, DIACAP, and related security compliance processes. Experience with eMASS, ACAS, and other security assessment tools. Must hold Information Assurance Technical (IAT) III certification. Powered by JazzHR
Posted 4 weeks ago
Independent SoftwareFort Meade, MD
What You Will Do At Independent Software, we believe security starts with the details. As an Information Systems Security Officer (ISSO), you will support the security posture of critical systems across their lifecycle. From assisting with risk assessments to maintaining compliance documentation, you’ll play a key role in protecting sensitive systems and data. Working alongside experienced ISSMs and ISSEs, you will gain hands-on experience with cybersecurity best practices in a collaborative, mission-driven environment.Independent Software is where innovation meets purpose. You'll join a team that values integrity, learning, and technical excellence. We offer the opportunity to work on impactful projects, grow your cybersecurity expertise, and contribute to real-world missions. With flexible work environments, strong mentorship, and a commitment to professional development, Independent Software is the place to launch or elevate your cybersecurity career. Key Responsibilities: Assist senior ISSOs in implementing and enforcing information systems security policies and standards Support the evaluation of security solutions for classified environments Perform basic configuration management for security software, hardware, and firmware Maintain records for systems including upgrades, firewalls, routers, switches, and other network components Develop and maintain required cybersecurity documentation such as System Security Plans (SSPs), Risk Assessment Reports, and other accreditation packages Assist in daily security operations and maintaining the system’s operational cybersecurity posture Track and manage user access control and authentication mechanisms Support vulnerability and risk assessments to enable system authorization Coordinate with engineers and customers to ensure compliance with IT security policies and NIST RMF Help manage and control system changes and assess their security impact Interact with system owners, customers, and IT staff to support cybersecurity objectives Required Skills and Qualifications: Strong foundational knowledge in IT or cybersecurity principles Experience with or understanding of system hardening, access control, or security policy implementation Ability to prepare, maintain, and review cybersecurity documentation Familiarity with vulnerability assessment and basic risk analysis Clear communication and collaboration skills to support interaction with teams and stakeholders Minimum of five years of combined work-related experience in IT, cybersecurity, or security authorization · Experience in at least two of the following areas is required: Current security tools Hardware or software security implementation Communication protocols Encryption tools or techniques Education and Experience: Bachelor’s degree in Computer Science, Cybersecurity, IT Engineering, or related technical discipline In lieu of a bachelor’s degree, an additional four years of relevant work experience may be substituted Certifications: Must be compliant with DoD 8570.01-M Minimum certification required: IAM Level I Clearance Requirement: Must possess an active TS/SCI with appropriate Polygraph to be considered for this role This position is contingent on contract award We’re an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Powered by JazzHR
Posted 30+ days ago
CACI International Inc.Alexandria, VA
$78,700 - $165,200 / year
Systems Engineer - Information Support Plan (ISP) Job Category: Consulting Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Local The Opportunity: CACI International Inc. has an immediate opening for a Systems Engineer with Information Support Plan (ISP) Support Review and assess Information Support Plans (ISPs) submitted to the DoD CIO in support of Defense Acquisition System decision points, ensuring alignment with DoDI 5000.02 (Operation of the Adaptive Acquisition Framework) and other applicable DoD 5000-series policies, as well as DoDI 8330.01 and joint staff J6 requirements, to identify interoperability, supportability, net-centric, and integration issues. Ensure ISP documentation complies with DoDI 8310.01 and is consistent with approved DoD IT Standards Profiles, Enterprise Architecture Framework views, and acquisition program baseline requirements, thereby promoting interoperability, information sharing, cybersecurity, and integration within the DoD Enterprise. Coordinate with Interoperability Steering Group representatives, joint staff J6, and the Joint Interoperability Test Command to validate compliance with statutory and regulatory joint certification requirements. Occasionally provide interoperability and acquisition policy guidance ensuring solutions are compliant with DoD acquisition, cybersecurity, and interoperability mandates. Responsibilities: The individual provides comprehensive support to the DoD Information Support Plan (ISP) process, including: Champion data-focused digital engineering practices and automation strategies across DoD interoperability initiatives. Development, review, and coordination of directives, instructions, and other documents that guide the ISP process and support DoD enterprise architecture transformation. Help desk support for the ISP development tool: offer technical assistance and support for incoming queries and issues. Investigate and resolve operational problems in conjunction with other engineering and technical personnel. Coordinate with DoD CIO personnel on the review of assigned ISPs. Support the Joint Assessment and Standards Management (JASM) tool and DoD Information Standards Registry (DISR). Specific Duties Include: Lead initiatives to integrate emerging technologies into DoD enterprise architecture and data management processes. Assess ISPs for ACAT I-IV and Non-ACAT programs across military and government agencies. Provide technical assistance on ISPs for the JASM Helpdesk supporting DoD CIO and DISA. Create JASM software documentation on user test findings, analysis, and operating procedures for the JASM guidebooks. Provide strategic support to the Interoperability Steering Group (ISG) by coordinating meetings and teleconferences, facilitating issue resolution, and contributing to informed decision-making for the DoD CIO. Support reviews of DoD IT systems to ensure compliance with Subtitle III of Title 40 USC (Clinger-Cohen Act) and DoDI 8330.01 interoperability certification requirements. Apply DoDI 8310.01 to verify IT standards compliance and conformance across systems and services. Provide analysis and recommendations to enhance systems and services in alignment with DoD IT standards, interoperability goals, and digital transformation objectives. Other Responsibilities May Include: Support triage and review of program justification documentation for DoD acquisition processes. Review and assess Interface Control Documents (ICDs), Capabilities Development Documents (CDDs), and Capability Production Documents (CPDs) for acquisition process compliance. Qualifications: Required: Current Secret DOD security clearance Minimum 12 years of related work experience. Master's degree in a technical discipline At least 2 years' experience in an Enterprise Architecture & Interoperability environment. Understanding of acquisition processes and DoD program justification requirements. Desired: Exceptional strategic communication skills with ability to influence and drive organizational change across complex DoD enterprise environments. Demonstrated ability to anticipate technology trends and proactively recommend integration of emerging technologies (AI/ML, cloud computing, edge computing, IoT, blockchain) into DoD processes and architecture. Experience in developing and executing strategic technology roadmaps that align with DoD digital transformation initiatives. Proven track record of leading cross-functional teams through complex technology adoption and process transformation efforts. Strong stakeholder management and executive communication skills, with ability to translate technical concepts into strategic business value propositions. Experience with agile methodologies, DevSecOps, and modern software development practices in government environments. Knowledge of data analytics, automation frameworks, and digital engineering best practices. Ability to identify and articulate strategic opportunities for technology integration that enhance mission effectiveness and operational efficiency. ____ What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. Your potential is limitless. So is ours. Learn more about CACI here. ____ Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here. The proposed salary range for this position is: $78,700 - $165,200 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Posted 30+ days ago
University of Northern IowaCedar Falls, IA
If you are a current University of Northern Iowa employee and would like to apply for this position, login to UNI Works and type "Find Jobs" in the search bar to view and apply for open positions. Full Consideration Date: 12/10/2025 Job Description: The Opportunity UNI is seeking a Chief Information Security Officer (CISO) who wants to own and shape an ever evolving institutional information security program. The CISO provides institution-level leadership for this program, reports to the Chief Information Officer, and leads the information security office within the Information Technology (IT) department. This role is responsible for setting direction for information security, managing risk in a way that supports teaching, learning, research, and operations, and building a culture where security is understood as an enabler of the university mission. The CISO works closely with campus partners to balance security, usability, and budget in a regional comprehensive setting where collaboration is essential. Key Responsibilities The CISO will: Provide institution level leadership for UNI's information security and privacy program, including strategy, governance, and day to day operations of the information security office. Identify and assess information security, privacy, and technology risks and recommend and implement standards, control frameworks, and processes that support teaching, learning, research, and operations in a regional comprehensive university setting. Design and maintain a modern security architecture across networks, systems, applications, cloud services, and data platforms, aligned with university policies, Board of Regents expectations, and applicable regulatory and contractual requirements. Oversee identity and access management, including account lifecycle, multi factor authentication and authorization, privileged access, and related governance and controls. Lead incident monitoring, detection, investigation, and response, including post incident reviews that drive continuous improvement and realistic risk reduction. Significant incidents may occasionally require leadership and coordination outside standard business hours. Partner with IT units and campus leaders to embed security and privacy requirements into technology planning, solution design, procurement, and change management, including vendor and third-party technology risk, digital accessibility, and AI related initiatives. Develop and champion security awareness and education efforts for the university community and provide consulting support so departments and IT staff can implement secure, practical solutions. Lead, coach, and develop a collaborative, customer focused security team and build strong partnerships with IT units, colleges, divisions, and administrative offices. Participate in and help lead information security governance processes, manage designated budgets, recommend tools and services, and represent UNI with Regents partners, peer institutions, government entities, auditors, insurers, and relevant professional organizations. About You Required qualifications Bachelor's degree, preferably in information technology, computer science, information systems, cybersecurity, business, or a related field. At least seven years of progressive experience in information security, risk management, or closely related IT leadership roles, including experience leading or serving as a primary owner for one or more major components of an enterprise or institutional information security program. Demonstrated experience leading information security work that includes most of the following: security governance, risk assessment, incident response, identity and access management, vendor and third-party technology risk, security policy development, and security architecture or design. Strong interpersonal communication, relationship building, change leadership, and strategic planning skills. Experience working in a complex, decentralized organization and building strong relationships and influence across diverse stakeholders. Preferred qualifications Master's degree in a related field. Professional security certifications such as CISSP, CISM, CRISC, or equivalent. Experience in higher education, public sector, or another complex non profit institution. Experience with cloud security, vendor and third-party risk management, and budget management. Experience partnering on or supporting technology aspects of digital accessibility and responsible AI use, or a clear interest in learning and leading in these areas. Experience with network and systems security architecture and analysis and familiarity with regulatory and compliance frameworks such as FERPA, GLBA, HIPAA, PCI DSS, CMMC, or similar standards. Position Details: Job Category: Professional and Scientific Type of Position: Annual Service Schedule: Calendar Year This position is eligible for a hybrid schedule. Remote work must be performed within the state of Iowa. Employees who elect remote work must comply with the requirements of our remote work policy and agreement. Application Instructions: All application materials received by December 10, 2025, will be given full consideration. To apply for this position, please click on "Apply" and complete the Employment Application. The following materials must be attached when applying: 1) Resume 2) Cover Letter You will be presented with the opportunity to attach multiple documents when completing the application. Before submitting your online job application, ensure that ALL required materials listed above have been uploaded. Once your job application has been submitted, you cannot make changes. If you have questions regarding this application process, please email careers-support@uni.edu or call 319-273-2422. Compensation: $130,000 to Commensurate Pay Grade: 124 Pay Basis: Salary Iowa enjoys a lower cost of living than many other states. See how the Waterloo-Cedar Falls area compares by utilizing the cost of living calculator. Our overall compensation package is enhanced by excellent benefits for eligible non-temporary positions. To learn more about the vibrant Cedar Valley community, visit https://livethevalley.com/ . If you would like general assistance with the application process or an accommodation due to a disability, please contact Human Resource Services at hrs-employment@uni.edu or call (319) 273-2422. All offers of employment are contingent upon a background check that includes a review of conviction history. A conviction does not automatically preclude University employment. Rather, the University considers conviction information on a case-by-case basis and assesses the nature of the offense, the circumstances surrounding it, the proximity in time of the conviction, and its relevance to the position. UNI is an Equal Opportunity/Affirmative Action employer. The University encourages applications from persons of color, women, individuals living with disabilities, and protected veterans. All qualified applicants will receive consideration for employment without regard to age, color, creed, disability, ethnicity, genetic information, marital status, national origin, political affiliation, pregnancy, race, religion, sex, sexual orientation, veteran or military status, or any other basis protected by federal and/or state law. Campus Security & Crime Statistics, in compliance with the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, information on crime statistics for recent years, Public Safety personnel and programs, building access, reporting crimes, safety suggestions, and policies, programs, and services regarding alcohol, drugs, and sexual abuse, is available in the UNI Annual Security and Fire Report. A paper copy is available from the Department of Public Safety, 030 Gilchrist Hall, University of Northern Iowa, Cedar Falls, IA 50614. Department of Public Safety, 030 Gilchrist Hall, University of Northern Iowa, Cedar Falls, IA 50614. Privacy Statement | Equal Opportunity and Non-Discrimination Statement | Federal EEO Rights | E-Verify | Policies and Procedures | Tobacco Free Campus
Posted 3 weeks ago
ANDURIL INDUSTRIESCosta Mesa, CA
$146,000 - $194,000 / year
Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century's most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril's family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years. ABOUT THE TEAM Anduril employs a variety of networks and networking infrastructures to support global operations. Information Systems Security Managers are in charge of directly supporting business lines that wish to deploy Anduril products in classified environments. Information Systems Security Managers lead lean teams of Information Systems Security Officers to enable the program personnel to create contract deliverables. Well versed in Information Technology and the Risk Management Framework, Information Systems Security Managers are the driving force of Anduril's classified deployments. Forward thinkers capable of managing Business Line needs as well as critical thinking skills in order to drive customer requirements are the best candidates for a Information Systems Security Manager. ABOUT THE JOB WHAT YOU'LL DO Provide expertise in documenting security controls to reduce the administrative cost of deploying Anduril's products into operational environments. Partner with program and security teams to coordinate security artifacts in support of classified deployments. Apply technology standards from the commercial space in classified, air-gapped environments. Collaborate with Information System Owners to understand key stakeholders' needs and provide complex technical solutions to meet contractual obligations. Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs. Define, document, and conduct security scanning on Anduril's products and accredited information systems. Scope, shape, and orchestrate the development of features to ensure products meet compliance goals. REQUIRED QUALIFICATIONS Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards. Integrate security best practices into Anduril's Software Development Lifecycle (SDLC) and infrastructure design, collaborating with internal IT and engineering teams. Conduct security risk assessments, vulnerability assessments, and audits to identify and mitigate threats. Recommend and implement security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies. Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems. Maintain and update System Security Plans (SSPs), POA&Ms, and other accreditation documentation. Security Management (ISSM): Manage the organization's security posture, ensuring compliance with internal policies and external regulatory frameworks. Oversee Authorization and Accreditation (A&A) processes to obtain/maintain system Authority to Operate (ATO). Lead incident response efforts, including investigation, root cause analysis, containment, and reporting. Conduct regular audits, continuous monitoring, and risk assessments to ensure ongoing compliance and system resilience. Collaborate with government security officials, stakeholders, and teams to address security gaps and improve controls. Develop and deliver security awareness training and ensure adherence to security best practices. Provide leadership and mentorship to security team members, fostering a culture of cybersecurity excellence. Currently possesses and is able to maintain an active U.S. Top Secret security clearance. PREFERRED QUALIFICATIONS Experience with application security paradigms such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). As well as the tools needed to perform these actions. Proven experience in securing micro-services architecture, including implementing best practices and compliance with DoD cybersecurity standards. Experience with cybersecurity in unmanned and ground control system within DoD environments. Experience with containerization and kubernetes along with the best practices for securing them. Experience with Cloud Service Providers (CSPs) and the various tools they offer for implementing security and compliance best practices. US Salary Range $146,000-$194,000 USD The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including: Healthcare Benefits US Roles: Comprehensive medical, dental, and vision plans at little to no cost to you. UK & AUS Roles: We cover full cost of medical insurance premiums for you and your dependents. IE Roles: We offer an annual contribution toward your private health insurance for you and your dependents. Additional Benefits Income Protection: Anduril covers life and disability insurance for all employees. Generous time off: Highly competitive PTO plans with a holiday hiatus in December. Caregiver & Wellness Leave is available to care for family members, bond with a new baby, or address your own medical needs. Family Planning & Parenting Support: Coverage for fertility treatments (e.g., IVF, preservation), adoption, and gestational carriers, along with resources to support you and your partner from planning to parenting. Mental Health Resources: Access free mental health resources 24/7, including therapy and life coaching. Additional work-life services, such as legal and financial support, are also available. Professional Development: Annual reimbursement for professional development Commuter Benefits: Company-funded commuter benefits based on your region. Relocation Assistance: Available depending on role eligibility. Retirement Savings Plan US Roles: Traditional 401(k), Roth, and after-tax (mega backdoor Roth) options. UK & IE Roles: Pension plan with employer match. AUS Roles: Superannuation plan. The recruiter assigned to this role can share more information about the specific compensation and benefit details associated with this role during the hiring process. To view Anduril's candidate data privacy policy, please visit https://anduril.com/applicant-privacy-notice/ .
Posted 30+ days ago
CareBridgeMason, OH
Business Information Consultant- Health System Reimbursement Location: This role requires associates to be in-office 1 day per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Atlanta, GA, Richmond, VA, Indianapolis, IN, Wallingford, CT or Mason, OH. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The Business Information Consultant- Health System Reimbursement is responsible for serving as an expert in data analysis, reporting and formulating recommendations and providing guidance to other data analysts. How you will make an impact: Establishes, improves, and optimizes the consolidating processes for forecast and month-end results. Consolidates and prepares executive summary reports for various business segments in the SBU for top management decision-making. Analyzes and designs solutions to address varied and highly complex business needs. Collaborates with businesses and technical areas to implement new or enhanced products. Coordinates with external audits as appropriate. Acts as the central contact with internal departments and external auditors. Creates and maintains databases to track business performance. Analyzes data and summarizes performance using summary statistical procedures. Develops and analyzes business performance reports (e.g. for claims data, provider data, utilization data) and provides notations of performance deviations and anomalies. Creates and publishes periodic reports, as well as any necessary ad hoc reports. Makes recommendations based upon data analysis. Provides analytic consultation to other business areas, leadership or external customers. Data analysis and reporting encompasses a much higher level of complexity. Minimum Requirements: Requires a BS/BA degree in related field and a minimum of 5 years of experience; or any combination of education and experience which would provide an equivalent background. Preferred Skills, Capabilities and Experiences: Proficient in modeling the financial impacts of changes in reimbursement structures and rates for health systems such as hospitals and physician practices highly preferred. Experience benchmarking hospital or physician rates against Medicare reimbursement highly preferred. Excel, SQL, and SAS experience highly preferred. Strong knowledge of products as well as our internal business models and data systems highly preferred. Experience providing leadership in evaluating financial performance of complex organizations highly preferred. Excellent leadership, problem solving, organizational, planning, presentation and interpersonal skills highly preferred. Ability to work independently and draw up plans to address issues/concerns highly preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact elevancehealthjobssupport@elevancehealth.com for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.
Posted 30+ days ago
Chief Information Security Officer (Ciso)
MillimanSeattle, WA
$203,200 - $397,210 / year
Automate your job search with Sonara.
Submit 10x as many applications with less effort than one manual application.1
Reclaim your time by letting our AI handle the grunt work of job searching.
We continuously scan millions of openings to find your top matches.
Job Description
NOTE TO APPLICANTS: Individual(s) must be legally authorized to work in the United States without the need for immigration support or sponsorship from Milliman now or in the future
POSITION SUMMARY:
The Chief Information Security Officer (CISO) is a senior-level executive responsible for developing, implementing, and overseeing Milliman's global information security program. As a member of Global Corporate Services (GCS) reporting directly to the Chief Information Officer (CIO) and working closely with the CEO, Board of Directors, and Equity Principals, the CISO ensures the confidentiality, integrity, and availability of Milliman's information assets, technology infrastructure, and data across all practices and geographies.
This role provides strategic leadership, vision, and governance for all aspects of information security, aligning security initiatives with business objectives and regulatory requirements.
RESPONSIBILITIES:
Strategic Leadership & Governance
- Drive the information security function across Milliman, ensuring alignment with organizational goals.
- Establish and implement a global information security vision and strategy by collaborating with the Board, senior leaders, and Equity Principals.
- Design and deliver the security roadmap, including staffing and budget plans, and manage the approved corporate information security budget.
- Serve as an expert advisor to the Board and senior leadership on IT security matters.
- Facilitate organization-wide security enhancements that integrate business objectives with IT infrastructure, physical infrastructure, and human resources.
- Act as the primary change agent facilitating information security improvements in security culture, business relationships, and product/service design.
- Chair the Security Technology Steering Group (STSG).
Risk Management & Compliance
- Collaborate with senior leadership on IT-related risk management to identify, assess, and address risks.
- Oversee the development, implementation, and maintenance of global information security policies, standards, guidelines, and procedures.
- Ensure compliance with relevant laws, regulations, and industry frameworks (e.g., ISO 27001, HIPAA, HITRUST, SOC 2).
- Partner with the Legal Department to maintain a collaborative approach to information security and privacy.
- Manage third-party/vendor security risk programs and ensure alignment with corporate policies.
- Serve as a voting member of the Enterprise Risk Management Committee and Technology Operations Committee and act as a key advisor to senior leadership on IT security matters.
Incident Response & Operational Oversight
- Oversee emergency procedures and incident response protocols, serving as the control point during significant security incidents.
- Direct teams to detect, report, contain, and mitigate incidents impacting data and infrastructure security.
- Oversee periodic security reviews of all business units and present findings to the Enterprise Risk Committee and Board.
- Partner with the Legal team in response to privacy incidents and significant events.
- Collaborate with IT teams to develop, evaluate, and improve network disaster recovery plans.
- Maintain relationships with law enforcement and relevant government agencies in support of the information security program.
Program Development & Stakeholder Engagement
- Develop and implement enterprise-wide security awareness training.
- Build and report on metrics and KPIs to measure program effectiveness.
- Recommend security enhancements and purchases consistent with evolving threats and strategic objectives.
- Stay current on technological advances and identify opportunities for adoption within Milliman.
- Provide coordination, communication, and dissemination of best practices across the organization.
- Support Equity Principals and their practices in security-related matters consistent with GCS service expectations.
SKILLS & QUALIFICATIONS REQUIRED:
- Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or related discipline.
- The ideal candidate must possess certification (s): Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
- The ideal candidate must have 10+ years in management of business or technology organizations, with demonstrated competency in strategic thinking, leadership, and relationship management, and enterprise-level responsibility.
- The ideal candidate must have 7+ years of direct management experience overseeing security teams and budgets.
- The ideal candidate must have previous experience with regulatory compliance frameworks such as ISO 27001/2, HIPAA, HITRUST, and SOC 2.
- The ideal candidate must have previous experience with cloud security control design and management experience.
- The ideal candidate must have thorough knowledge of finance, budgeting, project management, and systems development lifecycle.
- The ideal candidate must have knowledge of security domains such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, and web services.
- Must have demonstrated leadership in multi-discipline, high-performance teams, including supervision and professional development of technical staff.
- Must have proven ability to work with geographically diverse offices in a global organization.
- Must have excellent verbal and written communication skills, including the ability to prepare documentation, policies, and build consensus across broad groups.
- Must have the ability to deal effectively with concrete, tangible issues as well as abstract, conceptual matters.
- Must demonstrated thought leadership in information security and creating innovative, scalable business solutions with the ability to lead and motivate cross-functional, interdisciplinary teams.
- Must have strong time management skills, ability to handle multiple projects concurrently, and the capacity to be flexible and nimble as business needs change and evolve.
SKILLS & QUALIFICATIONS PREFERRED:
- Advanced degree (master's or PhD) in Information Security, Computer Science, or related field.
- Experience within consulting or professional services organizations.
- Familiarity with enterprise-level cloud technologies, defect tracking tools, agile management tools, and Microsoft Suite.
- Additional certifications (e.g., GIAC, CCSP, CRISC, PMP).
LOCATION:
This is a remote role. The expected application deadline for this job is December 15th, 2025
COMPENSATION:
The overall salary range for this role is $203,200 - $397,210. For candidates residing in:
- Alaska, California, Connecticut, Illinois, Maryland, Massachusetts, New Jersey, New York City, Newark, San Jose, San Francisco, Pennsylvania, Virginia, Washington, or the District of Columbia the salary range is $233,680 - $397210.
- All other locations the salary range is $203,200 - $345,400.
A combination of factors will be considered, including, but not limited to, education, relevant work experience, qualifications, skills, certifications, etc.
BENEFITS:
We offer a comprehensive benefits package designed to support employees' health, financial security, and well-being. Benefits include:
- Medical, Dental and Vision- Coverage for employees, dependents, and domestic
- Employee Assistance Program (EAP)- Confidential support for personal and work-related
- 401(k) Plan- Includes a company matching program and profit-sharing
- Discretionary Bonus Program- Recognizing employee
- Flexible Spending Accounts (FSA) - Pre-tax savings for dependent care, transportation, and eligible medical expenses.
- Paid Time Off (PTO) - Begins accruing on the first day of Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis.
- Holidays- A minimum of 10 paid holidays per
- Family Building Benefits- Includes adoption and fertility
- Paid Parental Leave- Up to 12 weeks of paid leave for employees who meet eligibility
- Life Insurance & AD&D - 100% of premiums covered by
- Short-Term and Long-Term Disability- Fully paid by
ABOUT MILLIMAN:
Independent for over 75 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world's most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation.
Milliman invests in skills training and career development and gives all employees access to a variety of learning and mentoring opportunities. Our growing number of Milliman Employee Resource Groups (ERG's) are employee-led communities that influence policy decisions, develop future leaders, and amplify the voices of their constituents. We encourage our employees to give back to their varied professions, including leadership in professional organizations. Please visit our web site (https://www.milliman.com/en/social-impact) to learn more about Milliman's commitments to our people, inclusion, and sustainability.
Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance and financial services, and property and casualty insurance.
EQUAL OPPORTUNITY:
All qualified applicants will receive consideration for employment, without regard to race, color, religion, sex, sexual orientation, national origin, disability, or status as a protected veteran.
Automate your job search with Sonara.
Submit 10x as many applications with less effort than one manual application.