The OT Security Site Lead works across multiple technical and business areas to facilitate implementation of the regional OT security initiatives and provide onsite support for core security functions of asset management, vulnerability remediation, and equipment backup and recovery as well as support for incident management. Asset management – achieve/maintain equipment asset visibility targets for the site through the vulnerability and intrusion detection systems (IDS). Vulnerability remediation – lead annual remediation plans for the site and support investigation and resolution of alerts from the IDS system. Regional support – contribute as a subject matter expert in developing OT security tools, systems, and processes across the prevention, vulnerability mgmt., and incident response/recovery workstreams. 2+ years of experience with machine control networks / industrial control systems (ICS); basic understanding of communication networks, cybersecurity fundamentals.
Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface. At least 7 years’ experience in information security administration, vulnerability management or security operations. Proficient with vulnerability management solutions such as Tenable, Qualys, Nexpose, Nessus, Kenna Security, Tanium and open source. Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices. Preferably some experience with vulnerability management across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).
Infrastructure as Code (IaC): Develop and manage AWS infrastructure using Terraform, CloudFormation, and Ansible to automate provisioning and configuration. Security & Compliance: Enforce AWS security best practices, including IAM policies, AWS Shield, AWS Macie, encryption, and FedRAMP compliance. Certifications: AWS Certified Solutions Architect - Professional (or equivalent AWS certification preferred). Cloud Security & Compliance: Deep understanding of AWS security tools, IAM best practices, encryption standards, and DoD/Federal compliance frameworks (FedRAMP, NIST, RMF, Zero Trust Architecture). Technical Tool Proficiency: Strong expertise in Terraform, Ansible, Kubernetes, AWS Lambda, and AWS DevOps services.
Applied Technology Services (ATS) is an IT systems integrator and has been a trusted partner to customers in the Mid-Atlantic region for 20 years. ATS provides a wide array of professional and managed services from the data center to the desktop. Minimum of 2 years of experience in incident detection, incident response, and digital forensics. Hands-on experience with security technologies including Firewalls, VPNs, Data Loss Prevention (DLP), IDS/IPS, Web Proxies, and endpoint security solutions. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+, CISM, or equivalent).
The role will require experience in vulnerability management, cyber asset management, managing/executing the phishing program, 3rd and 4th party assessments, operating and configuring systems such as intrusion detection/prevention, malware detection/prevention/analysis, data loss prevention, forensics, incident response, secrets management, and event logging/correlation. Support and manage installing, configuring, monitoring, and troubleshooting network security solutions and related monitoring tools including L2/L3 network security devices, IDS/IPS, full packet capture, DLP, Endpoint (AV, DLP, Endpoint Detection & Response), and infrastructure supporting log management based on industry best practices and technical requirements. Manage outsource providers in an MSSP relationship (Vendor Management) to include contract management, SLA management, event resolution, escalations, etc. 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration, or network security experience.
This leader will specialize in one of the following domains: Zero Trust (including Identity & Access Management), Cloud Security, Network Security, Security Operations & Response, or Strategy & GRC. The role is pivotal in shaping client engagements, building domain-specific practices, and delivering high-impact security transformation programs. Domain Ownership: Lead one of the five security pillars, with deep expertise in either Zero Trust, IAM, Cloud Security, Network Security, Security Operations, or GRC. Strong understanding of regulatory frameworks (e.g., NIST, ISO, SOC, HIPAA, PCI DSS). Experience with security technologies such as Okta, SailPoint, Palo Alto, Splunk, Azure/AWS/GCP security services. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.
The security team offers guidance and technical expertise in areas like application security, infrastructure and cloud security, policies and procedures, disaster recovery and compliance/regulation. The Senior Application Security Architect will be part of the central information security team and act as a subject matter expert to all of Morningstar’s product teams by providing security guidance and creating application security standards and patterns. Identify web/mobile/API application security vulnerabilities and offer remediation advice. A bachelor’s degree and 5+ years’ experience in a development or software security / penetration testing role, or equivalent experience. While some positions are available as fully remote, we’ve found that we’re at our best when we’re purposely together on a regular basis, typically three days each week.
Under the supervision of the AVP of Information Security, the Senior Information Security Engineer is responsible for implementing, supporting and maintaining robust security controls across cloud and enterprise environments, with a focus on Azure cloud security. The engineer collaborates closely with development teams to embed security into application and API lifecycles, leveraging secure coding practices, vulnerability assessments, and modern DevSecOps tools. Additionally, the role supports third-party risk management, audits, and contributes to the organization’s defense against emerging threats, including those related to AI technologies. Implement and monitor Azure cloud security controls, including identity management, data encryption, and compliance configurations, aligned with architectural standards and best practices. Collaborate with development teams to ensure application and API security through secure coding, vulnerability assessments, and security testing using AI tools, CI/CD pipelines, Azure DevOps, and API management, adhering to OWASP, NIST, and other standards.
Provide daily support and perform maintenance tasks (as required) for security infrastructure components, including (but not limited to) Web Security Gateways, Network Access Control systems (ISE), Intrusion Detection and Prevention Systems (IDS/IPS), Firewall policy and rules implementation, etc. Senior Solutions Engineer (SecOps Services) - Mid-Atlantic region (Remote in NC, VA, WV, MD, DC, DE, NJ, or PA). Senior Security Engineer, AWS Vulnerability Management - Host OS, AWS Vulnerability Management - Host OS. Senior Security Analyst (Top Secret Clearance). Associate Director, Cloud Security Architect
Recognized as a Leader in the Forrester Wave for Microsegmentation, Illumio enables Zero Trust, strengthening cyber resilience for the infrastructure, systems, and organizations that keep the world running. We’re looking for a strategic and hands-on leader to guide our Technical Product Management (TPM) team. Marketing & Demand Generation – Drive lead-gen programs, digital marketing strategies, and regional marketing plans. Deep expertise in network security, segmentation, firewalls, SDN, and cloud security. Hands-on experience in Network Security, Cloud Security, or Threat Management.
We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The Information Systems Security Department (R311) within the Global Security Services Division (R300) seeks a Lead Information Systems Cyber Engineer to provide Information Assurance and Cybersecurity services for classified systems. Ensure compliance with Risk Management Framework (RMF) policies, including System Security Plans (SSPs), Risk Assessment Reports, and Security Controls Traceability Matrix (SCTM). Active Top Secret security clearance. Experience with Windows Server 2019, Active Directory, SPLUNK, and intrusion detection tools.
This role will require expertise in cybersecurity risk management, incident response, and cloud security architectures, as well as strong leadership abilities to mentor and guide teams in advancing organizational security capabilities. RMF Compliance & ATO Processes: Oversee RMF compliance efforts and manage ATO processes for both classified and unclassified systems, ensuring security posture meets federal, DoD, and national security requirements. Security Architecture Integration: Support the integration of cloud security architectures, vulnerability assessments, and mitigation strategies to enhance system security and resilience. Extensive experience in integrating enterprise-wide security solutions, including cloud security architectures and vulnerability assessments. Proven proficiency in leading incident response operations, developing IT security frameworks, and aligning them with DoD, SCI/SAP/JWICS standards.
We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms, private equity firms, and investment banks that finance and advise them. This position, under the direction of the Director of Security Engineering and Operations, is responsible for managing the Firm's information security systems and processes, assuring enforcement of security policies, managing the information security threat lifecycle, analyzing and responding to security events escalated by the Security Operations Center (SOC) and coordinating actions to limit risks identified through our automated systems. Manage the Firm's security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems. One or more of the following certifications required: GIAC, CISSP, CISM, CEH, CIPP. Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Foundational knowledge of Managed Detection and Response (MDR) services as well as Incident Response offerings
Integrate network security management such as AD, MFA authenticator, Clearpass, ESXi, PMP, PIM, PAM, ELA, SIEM, SEM, SEP, SCOM, etc. Familiar with products such as F5, CyberArk, CipherTrust, ManageEngine, SolarWinds, Symantec, CyberNet, etc. Cisco Certified Network Associate (CCNA) or higher (CCNP, CCIE). Familiarity with data center operations and virtualized networking (VMware NSX, Hyper-V networking, ESXi, etc.). Experience with cloud services integration (AWS, Azure, Google Cloud) and network design for hybrid/cloud environments.
Faculty comprise a mix of disciplines, including information, computer science, economics, political science, law, sociology, design, media studies, and more. Our alumni have careers in diverse fields, such as data science, user experience design and research, product management, engineering, information policy, cybersecurity, and more. Maintaining Course Operations: Use the learning management system (LMS) and other educational technology tools to manage course websites, post assignments, and communicate with students effectively. Advancing Online Pedagogy: Engage in faculty development programs to stay current on the latest research, tools, and practices for effective online teaching. Special Topics: AI-Driven Threat Detection, Blockchain Security, Cloud Security, Critical Infrastructure Security, Cyber Threat Intelligence, Cyber Resilience, Incident Response, IoT Security, Post-Quantum Cryptography, Privacy-Preserving Machine Learning, Social Engineering, Zero Trust Security
We are looking for a Computer Network Defense Analyst (CNDA) to join a growing team in multiple locations such as Annapolis Junction, MD and Salt Lake City, UT. Responsibilities: Use information collected from a variety of sources (e.g., intrusion detection systems, firewalls, network traffic logs, and host system logs) to identify potential vulnerabilities, respond to cyber events that occur, and defend against events that might occur. Experience with Computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Foreign Language may count toward experience requirements. Desired: Relevant Certs or Specialized Training would include (but not limited to): JCAC graduate, CEH, CFR, CySA+, GCIH, CNDSP. Security Clearance: A current government clearance, background investigation, and polygraph are required. Determination of official compensation or salary relies on several different factors including, but not limited to: level of position, complexity of job responsibilities, geographic location, work experience, education, certifications, Federal Government contract labor categories, and contract wage rates.
IAM Security Engineer needs 4-7 years' experience in Cyber Security - IAM Professional Services. IAM Security Engineer requires: IAM - Oracle OIM & Ping Federate, Authorization, Microsoft CA, LDAP, AD certificate services, Digital certificates, OpenSSL and middleware programming. IAM Security Engineer duties: Designs, implements, and manages Identity and Access Management (IAM) solutions to ensure secure and controlled access to an organization's resources. User provisioning and de-provisioning, access management, and compliance with security policies. Incident response and threat intelligence related to IAM systems.
This leader will specialize in one of the following domains: Zero Trust (including Identity & Access Management), Cloud Security, Network Security, Security Operations & Response, or Strategy & GRC. The role is pivotal in shaping client engagements, building domain-specific practices, and delivering high-impact security transformation programs. Domain Ownership: Lead one of the five security pillars, with deep expertise in either Zero Trust, IAM, Cloud Security, Network Security, Security Operations, or GRC. Strong understanding of regulatory frameworks (e.g., NIST, ISO, SOC, HIPAA, PCI DSS). Experience with security technologies such as Okta, SailPoint, Palo Alto, Splunk, Azure/AWS/GCP security services. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.
Experience with AWS networking security tools (ANF, security groups) and with AWS cloud security technologies, including IAM, GuardDuty, Wiz, Prisma Cloud, etc. Experience with container technologies (Kubernetes, EKS, ECS, Swarm, Docker, etc.). Strong background in scripting and programming, including Terraform, Golang or Python, PowerShell. Certifications in AWS, Azure, and/or Google Cloud. Cybersecurity certifications (i.e., CISSP, CEH, CCSP, GSEC, etc.)