Principal Cybersecurity Specialist – Liberty Mutual Insurance – Remote

liberty mutual insurance logo

APPLY HERE
Principal Cybersecurity Specialist – Cyber Risk Assessment
 
At Liberty Mutual Insurance, we believe progress happens when people feel secure. Our cybersecurity program must continually evolve, adapt, and advise on practices to deliver against growing regulatory requirements, increased threats, and changing people, processes, and technology drivers.

Our Cybersecurity Governance, Risk, and Compliance (cGRC) organization manages IT compliance and cybersecurity risk supported by an integrated set of products and services that support the lifecycle of our assessment functions. From design and documentation of controls, to testing and assessment of our enterprise and information systems, to consulting on and validation of issues and remediations, we partner with teams across the company to understand their business drivers and optimize security practices in relation to external/regulatory drivers, cybersecurity frameworks, and organizational risk posture.

As a Principal Cybersecurity Specialist in the Cyber Risk Assessment space, you will be a key member of our cybersecurity risk assessment program. You will independently lead and collaborate on analyzing and providing risk assessment for cloud and traditional infrastructure applications across our global organization. You would lead and influence global stakeholders to identify and maintain controls and control patterns, establish baseline measures for control effectiveness, work with information system teams to select controls, and work with control and information teams to close gaps during assessment.

You must have the ability to convey complicated technology and security concepts to diverse audiences and ideally have deep knowledge and/or experience in security, networking, systems administration, application development, database administration, public cloud, or another technical domain. Proficiency in a risk management framework and conducting risk assessments in the financial services industry or other regulated industries is a plus. Maintaining and sharing a current understanding of the latest security threats, trends and technologies is a crucial component of the position.

Ideal candidates have a passion for security, the drive to share their expertise, and the ability to collaborate and help teams deliver solutions that meet our business goals while protecting the confidentiality, integrity and availability of information systems and our data.

About the job

Acts as a trusted advisor partnering with specialists, peers, and technology teams to interpret and communicate cybersecurity risk drivers and their relationships with controls, technology, and processes to ensure impact of decisions is understood, documented, and clearly communicated.
Promote and contribute to the creation and curation of a comprehensive cybersecurity risk and compliance control framework and library.
Supports and promotes the use of quantitative risk valuation models and tooling to inform and support decision-making.
Determine significant risk points through application and threat model review, and exercise process for risk assessment and risk acceptance.
Provides technical expertise and leadership to partners, IT management and other infrastructure staff in risk assessments, implementation, and operational aspects of information security procedures and products
Researches and assesses new threats and security alerts and recommends remedial action.
Maintains ongoing awareness of existing and proposed security standard setting groups, State, Federal and Global regulations, and assesses impact and modification to existing security standards and procedures as necessary.
Job Specifications:

Reference: 2022-47510
Category: Technology
Primary Location: Remote
Additional Locations: Indianapolis, IN; Boston, MA; Dover, NH; Portsmouth, NH; Plano, TX;
Schedule: Full-TimeSalary: USD-$115,000.00-–-$161,600.00-/-Year
Education Level:
Travel: As Needed

Information Security OT Engineer – Colgate Palmolive – New Jersey USA

colgate palmolive logo

APPLY HERE
Job Title: Information Security OT Engineer
Travel Required?: No Travel
Date: Apr 29, 2022
Full remote working option
No Relocation Assistance Offered
# 132342 – Piscataway, New Jersey, United States

About Colgate-Palmolive
Do you want to come to work with a smile and leave with one as well? In between those smiles, your day is comprised of connecting with others across the world, full of stimulating discussions, and making impactful contributions.
If this is how you see your career, Colgate is the place to be! Our trustworthy household brands, dedicated employees, and sustainability commitments make us a company passionate about building a future to smile about for our employees, consumers, and surrounding communities. As the brand with the highest household presence in the world, we transcend physical boundaries. We win as a global organization by continually learning and collaborating. The pride in our brand fuels a workplace that encourages creative thinking, fosters experimentation, and promotes authenticity which has contributed to our enduring success. If you are passionate about working for a company that lives by their values, then give your career a reason to smile…every single day.

The Role:
Colgate-Palmolive is looking for an Information Security OT Engineer to join its growing Global Information Security organization. The Information Security OT Engineer will work closely with the Operational Technology (OT) organization, as well as the extended Global Information Technology Infrastructure and Manufacturing teams across the globe. This challenging position requires in depth experience and knowledge of both Operational Technology and Cyber Security Technology.

Roles and Responsibilities:

Serve as a technical liaison between the IT and Operations Technology (OT) organizational units to ensure production facilities, operations and systems are following security best practices
Lead cyber threat and security incident identification, protection, detection, response and remediation activities impacting the manufacturing operations environment and escalating to management.
Define and ensure compliance with security policies, processes and standards to build a comprehensive Operational Technology security program
Works with cross-organizational teams to address alert deficiencies
Configure, test, document and implement new or upgrades to security processes, controls or products as advised.
Participates in investigations to determine root cause of security incidents.
Provide operational support, troubleshooting and maintenance of Security related processes, controls or products.

Basic Requirements:

Minimum 2 years of experience in OT industry or similar experience
3+ years of experience with systems engineering of cyber security systems
Working knowledge of cybersecurity policies and standards related to ICS/SCADA.
Ability to apply knowledge of Cyber Security to OT/ICS/SCADA system to implement new cyber defense/resiliency techniques.
Knowledge or Experience with endpoint security software

Preferred Requirements:

Experience with Firewalls, Networking and IDS/IPS and Splunk
Knowledge or Experience with AWS or GCP cloud services
Awareness of and experience leveraging industry best practices for network and cloud security
Understanding of attack vectors, vulnerabilities, and how they are leveraged by malicious actors

Key Proficiencies:

Ability to quickly assimilate new technologies, tools, internal/external systems and design frameworks is a mandatory requirement. Strong and broad technology background is greatly preferred.
Ability to think with a security mindset. The successful candidate must have a strong IT background with in-depth knowledge of corporate application access control, network routing and packet analysis and cyber threat analysis.
Solid understanding of application architecture, development and secure coding practices.
Strong written and oral communication skills including the ability to interact directly with others that do not have a security background and be a security spokesperson throughout the Manufacturing and Supply Chain organizations.

Equal Opportunity Employer
Colgate is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, ethnicity, age, disability, marital status, veteran status (United States positions), or any other characteristic protected by law.

Are you interested in working for Colgate-Palmolive? You can apply online and attach all relevant documents such as a cover letter and resume or CV. Applications received by e-mail are not considered in the selection process. Become part of our team. We look forward to your application.

Colgate-Palmolive is a leading global consumer products company, tightly focused on Oral Care, Personal Care, Home Care and Pet Nutrition. Colgate sells its products in over 200 countries and territories around the world under such internationally recognized brand names as Colgate, Palmolive, elmex, Tom’s of Maine, Sorriso, Speed Stick, Lady Speed Stick, Softsoap, Irish Spring, Protex, Sanex, Elta MD, PCA Skin, Ajax, Axion, Fabuloso, Soupline and Suavitel, as well as Hill’s Science Diet and Hill’s Prescription Diet.

For more information about Colgate’s global business, visit the Company’s web site at http://www.colgatepalmolive.com. To learn more about Colgate Bright Smiles, Bright Futures® oral health education program, please visit http://www.colgatebsbf.com. To learn more about Hill’s and the Hill’s Food, Shelter & Love program please visit http://www.hillspet.com. To learn more about Tom’s of Maine please visit http://www.tomsofmaine.com.

Reasonable accommodation during the application process is available for persons with disabilities. Please contact Application_Accommodation@colpal.com with the subject “Accommodation Request” should you require accommodation.

Cybersecurity Site Lead – General Dynamics IT – Florida USA

general dynamics information technology

APPLY HERE
Cybersecurity Site Lead – NASA, Kennedy Space Center (KSC) )
CLEARANCE LEVEL
None
CATEGORY
Project/Task Management
LOCATION
Orlando, Florida
REQ#: RQ116919
TRAVEL REQUIRED: LESS THAN 10%
PUBLIC TRUST: BI FULL 6C (T4)
REQUISITION TYPE: REGULAR
We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Site Lead joining our team to support NASA activities in Merritt City near Orlando, FL.

At GDIT, people are our differentiator. As a Site Lead supporting NASA, you will be trusted to lead the local Site/Center organization and personnel and to implement and adapt the Enterprise approach in context of Center-specific missions.

As a Site Lead, you will support the consolidation of NASA’s Cybersecurity services into a single centralized and enterprise model. You will provide support and leadership for continuity of service delivery and a smooth contractual startup, including management, staffing and technical tasks; tools and processes; knowledge transfer; and site surveys for details on metrics, incumbents, software and hardware, and Center stakeholder concerns and issues.

Responsibilities:

Support a successful unification, consolidation, and use of NASA’s cybersecurity and privacy processes at the enterprise while maintaining mission focus, improving efficiency, and valuing the workforce.
Support phase-in and transition activities (e.g., surveys, discovery, documentation, metrics, communications, etc.) with a focus on helping Center clients and team personnel to adapt to the Enterprise approach.
Develop project schedules and oversee staff to meet project requirements and determining resource requirements. Communicate any issues, problems, or additional information to project managers and project stakeholders and recommend solutions. Monitor and evaluate project timeline and activity and report on progress to project managers.
Develop methods to monitor and measure risk, compliance, and assurance efforts. Review or conduct audits of information technology (IT) programs and projects.
Ensures Center/Facility specific needs and issues are addressed and scheduled
Support continuous security monitoring, vulnerability assessment support, Security Test and Evaluation (ST&E) support and Certification/Accreditation support for the on-going assessment, planning, integration, and recommending enhancement of systems
Assesses client objectives, conducts gap analysis, and identifies and evaluates requirements. Support the design, integration and operation of Cybersecurity systems for the protection of networks, systems, and infrastructure
Maintain, and optimize existing monitoring, intrusion detection, and vulnerability
Implement improvement and innovation efforts and initiatives as part of the Continual Service Improvement Process. Understands available resources and recommends resource-effective solutions to enhance enterprise performance, reliability, maintainability, and availability
Provide recommendations for possible improvements and upgrades.
Drive continuous improvement and new processes to deliver a positive customer experience. Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
Coordinate and manage the overall service provided to a customer end-to-end. Ensure that appropriate Service-Level Agreements (SLAs) and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service.
WHAT YOU’LL NEED:

Bachelor’s degree in related field with 2+ yeas of cybersecurity experience
Recent experience supporting NASA and familiarity with their cybersecurity posture.
Demonstrated management and leadership skills in cybersecurity or related IT field
While we anticipate being able to accommodate some telework, the selected applicant must be able to work on site at Kennedy Space Center up to 5 days a week, depending on business needs.
The selected applicant will be subject to a government security investigation. US Citizenship is required. An existing Security Clearance or Public Trust is preferred.
WHAT GDIT CAN OFFER YOU:

Full-flex work week
401K with company match
Internal mobility team dedicated to helping you own your career
Collaborative teams of highly motivated critical thinkers and innovators
Ability to make a real impact on the world around you

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Cybersecurity Site Lead – General Dynamics IT – Maryland USA

general dynamics information technology

APPLY HERE
Cybersecurity Site Lead, NASA Goddard Space Flight Center
CLEARANCE LEVEL: None
CATEGORY
Project/Task Management
LOCATION
Greenbelt, Maryland
REQ#: RQ119753
TRAVEL REQUIRED: LESS THAN 10%
PUBLIC TRUST: BI FULL 6C (T4)
REQUISITION TYPE: REGULAR
We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Site Lead joining our team to support NASA activities in Greenbelt, Maryland.

At GDIT, people are our differentiator. As a Site Lead supporting NASA, you will be trusted to lead the local Site/Center organization and personnel and to implement and adapt the Enterprise approach in context of Center-specific missions.

As a Site Lead, you will support the consolidation of NASA’s Cybersecurity services into a single centralized and enterprise model. You will provide support and leadership for continuity of service delivery and a smooth contractual startup, including management, staffing and technical tasks; tools and processes; knowledge transfer; and site surveys for details on metrics, incumbents, software and hardware, and Center stakeholder concerns and issues.

Responsibilities:

Support a successful unification, consolidation, and use of NASA’s cybersecurity and privacy processes at the enterprise while maintaining mission focus, improving efficiency, and valuing the workforce.
Support phase-in and transition activities (e.g., surveys, discovery, documentation, metrics, communications, etc.) with a focus on helping Center clients and team personnel to adapt to the Enterprise approach.
Develop project schedules and oversee staff to meet project requirements and determining resource requirements. Communicate any issues, problems, or additional information to project managers and project stakeholders and recommend solutions. Monitor and evaluate project timeline and activity and report on progress to project managers.
Develop methods to monitor and measure risk, compliance, and assurance efforts. Review or conduct audits of information technology (IT) programs and projects.
Ensures Center/Facility specific needs and issues are addressed and scheduled
Support continuous security monitoring, vulnerability assessment support, Security Test and Evaluation (ST&E) support and Certification/Accreditation support for the on-going assessment, planning, integration, and recommending enhancement of systems
Assesses client objectives, conducts gap analysis, and identifies and evaluates requirements. Support the design, integration and operation of Cybersecurity systems for the protection of networks, systems, and infrastructure
Maintain, and optimize existing monitoring, intrusion detection, and vulnerability
Implement improvement and innovation efforts and initiatives as part of the Continual Service Improvement Process. Understands available resources and recommends resource-effective solutions to enhance enterprise performance, reliability, maintainability, and availability
Provide recommendations for possible improvements and upgrades.
Drive continuous improvement and new processes to deliver a positive customer experience. Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
Coordinate and manage the overall service provided to a customer end-to-end. Ensure that appropriate Service-Level Agreements (SLAs) and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service.
WHAT YOU’LL NEED:

NASA experience, current or within the last year
Bachelor’s degree in related field with 2+ yeas of cybersecurity experience
Recent experience supporting NASA and familiarity with their cybersecurity posture.
Demonstrated management and leadership skills in cybersecurity or related IT field
While we anticipate being able to accommodate some telework, the selected applicant must be able to work on site in Greenbelt, MD up to 5 days a week, depending on business needs.
The selected applicant will be subject to a government security investigation. US Citizenship is required. An existing Security Clearance or Public Trust is preferred.
WHAT GDIT CAN OFFER YOU:

Full-flex work week
401K with company match
Internal mobility team dedicated to helping you own your career
Collaborative teams of highly motivated critical thinkers and innovators
Ability to make a real impact on the world around you

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Senior Data Services Cyber Software Engineer – Huntingdon Ingalls – Virginia USA

Hungtingdon Ingalls logo

APPLY HERE
Senior Data Services Cyber Software Engineer- MARS (Engineer Software 4)- 4871
Location: Reston, VA, US, 20191-3414
Company: HII’s Mission Technologies division
Requisition Number: 4871
Required Travel: 0 – 10%
Employment Type: Full Time/Salaried/Exempt
Hours Per Week: 40
Security Clearance: TS/SCI
Level of Experience: Senior
Employee Referral Bonus Amount: ERP Amount: $4,500

Summary
HII-Technical Solutions Division (HII-TSD) is currently seeking a Senior Data Services Cyber Software Engineer to work for our customer in Reston or Herndon, VA. Position will be supporting technology and concept development efforts to advance the state of the art in Big Data, Data Analysis, Artificial Intelligence, Machine Learning and Advanced Analytics, to enhance the DoD and IC information processes technical architectures. *CI *MV *TE
 
What you will do
The selected candidate should have experience with agile software methodology, and software engineering design best practices. The candidate will work within a cross-functional Scrum team, and will be responsible for developing software, participating in acceptance criteria development, creating scripts and utilizing Open Source and COTS tools to automate testing, documenting instructions, and participating in integration activities.

Job Duties:

Performs software engineering and development activities associated with supporting, maintaining, and enhancing software using an Agile DevSecOps model
Develops and integrates bug fixes and new feature enhancements using customer standard development tools and processes (e.g., Java, Jira, Git, Junit)
Identifies and integrates DoD and IC shared services (e.g., IC PKI and IAA)
Designs and develops APIs and data access services for data feeds, and integrates microservices using the API gateway to enable enterprise access to data
Supports trade studies/analyses of alternatives and assessments of potential technologies that may be applicable to the system, and provides recommendations
What we are looking for
9 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience
Java, Spring/Spring Boot
Software Automation and DevSecOps experience
Elasticsearch, PostgreSQL experience
Experience using modern techniques such as NiFi, REST, JSON, Spring, Spring Boot, JavaScript frameworks (e.g., JQuery, Angular, React), and Docker
Programming Language Experience such as Java, Python, and JavaScript
Clearance: Must possess and maintain a TS/SCI clearance
Bonus points for…
Bachelors with 9+ years of relevant experience; Masters with 7 years of relevant experience; PhD with 4 years of relevant experience; or an additional 4 years of experience maybe considered in lieu of a degree requirement
Experience with Immuta
Experience with SymmetricDS or JumpMind
Python API development or machine learning experience
Clearance: Possess and maintain a TS/SCI with CI Poly
Physical Requirements
Office work environment normally encountered.

HII’s Mission Technologies division develops integrated solutions that enable today’s connected, all-domain force. Capabilities include C5ISR systems and operations; the application of AI and machine learning to battlefield decisions; defensive and offensive cyberspace strategies and EW; unmanned, autonomous systems; LVC solutions; platform modernization; and critical nuclear operations. Together, HII’s domain expertise and advanced technologies support mission partners anywhere around the globe. For more information, visit tsd.huntingtoningalls.com.

HII is a global engineering and defense technologies provider. With a 135-year history of trusted partnerships in advancing U.S. national security, HII delivers critical capabilities ranging from the most powerful and survivable naval ships ever built, to unmanned systems, ISR and AI/ML analytics. HII leads the industry in mission-driven solutions that support and enable a networked, all-domain force. Headquartered in Virginia, HII’s skilled workforce is 44,000 strong.

Huntington Ingalls Industries is an Equal Opportunity/Vets and Disabled Employer. U.S. Citizenship may be required for certain positions.

Senior Cyber Software Engineer – Hungtingon Ingalls – Virginia USA

Hungtingdon Ingalls logo

APPLY HERE
Share this Job
Senior Cyber Software Engineer- MARS OB Team (Engineer Software 4)- 4872
Date: May 9, 2022
Location: Reston, VA, US, 20191-3414
Company: HII’s Mission Technologies division
Requisition Number: 4872
Required Travel: 0 – 10%
Employment Type: Full Time/Salaried/Exempt
Hours Per Week: 40
Security Clearance: TS/SCI
Level of Experience: Senior
Employee Referral Bonus Amount: ERP Amount: $4,500

Summary
HII-Technical Solutions Division (HII-TSD) is currently seeking a Senior Cyber Software Engineer to work for our customer in Reston or Herndon, VA. Position will be supporting technology and concept development efforts to advance the state of the art in Big Data, Data Analysis, Artificial Intelligence, Machine Learning and Advanced Analytics, to enhance the DoD and IC information processes technical architectures. *CI *MV *TE
 
What you will do
The selected candidate should have front end software engineering design experience and an understanding of Agile software methodology. The candidate will work within a cross-functional Scrum team, and will be responsible for developing software, participating in acceptance criteria development, utilizing Open Source and COTS tools for development, and participating in integration activities.

Job Duties:

Develop a web application using modern techniques such as REST, Java, JSON, Spring, Python, and Javascript frameworks (e.g., Vue.js, React)
Performs test-driven software engineering and development activities associated with designing, developing, maintaining, and enhancing the application using an Agile DevSecOps model
Uses processes and tools that support the DevSecOps pipeline including JIRA, Git, Junit, Jenkins, SonarQube, Fortify, and Artifactory
Develops or provides input to engineering artifacts including Weekly Status Reports, Development Sprint Plans, System Design Documents, Database Design Documents, Requirements Traceability Matrices, and Sprint Summary Reports
What we are looking for
9 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience
Agile software development using JavaScript, Java, and Python
Experience using Vue.js or a similar JavaScript framework
Clearance: Must possess and maintain a TS/SCI clearance
Bonus Points for…
Bachelors with 9+ years of relevant experience; Masters with 7 years of relevant experience; PhD with 4 years of relevant experience; or an additional 4 years of experience maybe considered in lieu of a degree requirement
Experience with Java, Python, and PostgreSQL
Experience working in an AWS environment
Experience with Keycloak
Experience with map engines such as OpenLayers and Cesium
Security+ or equivalent certification
Clearance: Possess and maintain a TS/SCI with CI Poly
Physical Requirements
Office work environment normally encountered.

HII’s Mission Technologies division develops integrated solutions that enable today’s connected, all-domain force. Capabilities include C5ISR systems and operations; the application of AI and machine learning to battlefield decisions; defensive and offensive cyberspace strategies and EW; unmanned, autonomous systems; LVC solutions; platform modernization; and critical nuclear operations. Together, HII’s domain expertise and advanced technologies support mission partners anywhere around the globe. For more information, visit tsd.huntingtoningalls.com.

HII is a global engineering and defense technologies provider. With a 135-year history of trusted partnerships in advancing U.S. national security, HII delivers critical capabilities ranging from the most powerful and survivable naval ships ever built, to unmanned systems, ISR and AI/ML analytics. HII leads the industry in mission-driven solutions that support and enable a networked, all-domain force. Headquartered in Virginia, HII’s skilled workforce is 44,000 strong.

Huntington Ingalls Industries is an Equal Opportunity/Vets and Disabled Employer. U.S. Citizenship may be required for certain positions

Senior Cyber Systems O&M Engineer – Huntingdon Ingalls – Virginia USA

Hungtingdon Ingalls logo

APPLY HERE
Senior Cyber Systems O&M Engineer- MARS (Engineer Systems 4)- 4876
Location: Reston, VA, US, 20191-3414
Company: HII’s Mission Technologies division
Requisition Number: 4876
Required Travel: 0 – 10%
Employment Type: Full Time/Salaried/Exempt
Hours Per Week: 40
Security Clearance: TS/SCI w/ CI Poly
Level of Experience: Senior
Employee Referral Bonus Amount: ERP Amount: $5,000

Summary
HII-Technical Solutions Division (HII-TSD) is currently seeking a Senior Cyber Systems O&M Engineer to work for our customer in Reston or Herndon, VA. Position will be supporting technology and concept development efforts to advance the state of the art in Big Data, Data Analysis, Artificial Intelligence, Machine Learning and Advanced Analytics, to enhance the DoD and IC information processes technical architectures. *CI *MV *TE

What you will do
Monitor system health
Troubleshoot system problems
Maintain storage systems
Interface with other parts of the team for hardware, network, and infrastructure support
Provide after-hours on-call/call-in support on a rotational basis
Ensure system security requirements are satisfied
Create/maintain system scripts, patch/upgrade system, and administer user accounts

What we are looking for
9 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience
Experience with managing systems in AWS
Experience managing and monitoring large clusters (>400 nodes) and containerized applications
Experience in the planning, design, development, implementation and technical support of multi-platform, multi-system networks, including those composed of Linux-based hardware platforms, to encompass diagnosing network performance shortcomings and designing and implementing performance improvements
Demonstrated ability to work with OpenSource (NoSQL) products that support highly distributed, massively parallel computation needs such as, Hbase, CloudBase/Acumulo, Big Table, etc
Demonstrated work experience with Hadoop Distributed File System (HDFS)
Strong Linux command line skills
Active Security+CE certification
Clearance: Must possess and maintain a TS/SCI with CI Poly
Bonus points for…
Bachelors and 9+ years of relevant experience; Masters and 7 years of relevant experience; or an additional 4 years of relevant experience may be considered in lieu of the degree requirement
Technical experience and knowledge of distributed storage networks, routing, and application messaging frameworks
Demonstrated knowledge of analytical needs and requirements, query syntax, data flows, and traffic manipulation
Experience with Splunk Dashboards
Experience with NiFi, HA Proxy, Docker, Kubernetes, Spark, and Elastic Search
Experience provisioning and sustaining network infrastructures and have experience developing, operations, and managing networks required to operate in a secure PKI, IPSEC, or VPN enabled environment
Experience with Certification and Accreditation processes
Physical Requirements

Office work environment normally encountered.

HII’s Mission Technologies division develops integrated solutions that enable today’s connected, all-domain force. Capabilities include C5ISR systems and operations; the application of AI and machine learning to battlefield decisions; defensive and offensive cyberspace strategies and EW; unmanned, autonomous systems; LVC solutions; platform modernization; and critical nuclear operations. Together, HII’s domain expertise and advanced technologies support mission partners anywhere around the globe. For more information, visit tsd.huntingtoningalls.com.

HII is a global engineering and defense technologies provider. With a 135-year history of trusted partnerships in advancing U.S. national security, HII delivers critical capabilities ranging from the most powerful and survivable naval ships ever built, to unmanned systems, ISR and AI/ML analytics. HII leads the industry in mission-driven solutions that support and enable a networked, all-domain force. Headquartered in Virginia, HII’s skilled workforce is 44,000 strong.

Huntington Ingalls Industries is an Equal Opportunity/Vets and Disabled Employer. U.S. Citizenship may be required for certain positions

Cybersecurity Risk Manager – Eastman – Tennessee USA

Eastman logo

APPLY HERE
Eastman’s current hiring policy encourages and prefers new hires be fully vaccinated before reporting to work in this role when possible.
 
Founded in 1920, Eastman is a global specialty materials company that produces a broad range of products found in items people use every day. With the purpose of enhancing the quality of life in a material way, Eastman works with customers to deliver innovative products and solutions while maintaining a commitment to safety and sustainability. The company’s innovation-driven growth model takes advantage of world-class technology platforms, deep customer engagement, and differentiated application development to grow its leading positions in attractive end markets such as transportation, building and construction, and consumables. As a globally inclusive and diverse company, Eastman employs approximately 14,000 people around the world and serves customers in more than 100 countries. The company had 2021 revenues of approximately $10.5 billion and is headquartered in Kingsport, Tennessee, USA. For more information, visit www.eastman.com.

The Eastman Cybersecurity Risk Manager reports to the Chief Information Security Officer and leads a team of individual contributors who identify, analyze, and elevate cybersecurity risk to stakeholders. You will take on the challenge of standardizing a cybersecurity risk management program and gain global experience while working across diverse backgrounds and experiences.

Daily work
Lead cybersecurity maturity assessments to benchmark against peers and best practices
Understand regulations, guidelines, and industry practices to manage risk and ensure compliance (e.g., NIST CSF, NIST SP 800-53, SOX, GDPR)
Establish and maintain cyber risk criteria
Identify and document cyber threats, both internal and external
Prioritize and communicate the potential business impacts and likelihood of risk events
Work with other business units to establish a strong risk-awareness culture
Explain roles in managing risk to all enterprise levels
Monitor cybersecurity control effectiveness
Develop and audit security documentation to include policies, standards, and procedures
Provide leadership and subject matter expertise/training to other risk disciplines, business units, and corporate functions
Stay abreast of research and benchmarking for risk management practices in alignment with cybersecurity industry and regulatory requirements
Challenge your colleagues about security trends and developments
Manage the performance and development of risk management employees

Role level
Coordinates and supervises the daily activities of a professional or a large and/or moderately complex support/operations team up. May include subordinate work leaders. Has formal supervisor responsibilities; sets priorities for, and coaches team members to meet objectives. Decisions are guided by policies, procedures, and business plan; receive guidance and oversight from manager.
Requires thorough understanding and application of procedures and concepts within own discipline and basic knowledge of other disciplines.
4 years of relevant experience in IT (Information Technology) and/or risk management
Demonstrated ability to build effective working relationships with multiple levels of an organization
Technical knowledge, project management, and ability to influence others
Excellent written and verbal communication skills
Bachelor’s degree

Candidate preferences

2 years of people leadership experience
Cybersecurity and/or risk certifications

Eastman as a company

2022 Military Friendly Employer
2022 America’s Most Just Companies
2021 Top 50 Employer for Minority Engineer Magazine
2021 Fortune Change the World
2021 Barron’s Top 100 Most Sustainable Companies
2021 Corporate Champion
2020 World’s Most Ethical Companies (7 Time Honoree)
2020 Wall Street Journal World’s Most Sustainably Managed Companies
2020 Environment + Energy Leader Top Project of the Year Award
2020 Forbes Best Employer for Diversity
2020 Sourcing Journal’s Sustaining Voices
Examine our corporate responsibility at responsibility.eastman.com.

Eastman benefits

401k with company matching
Annual Retirement Savings Contribution – automatic 5% base pay
Healthcare benefits, adoption and parental leave, vacation
More at myeastmanbenefits.com

Eastman Chemical Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other characteristics protected by law.

Eastman is committed to creating a powerfully diverse workforce and a broadly inclusive workplace, where everyone can contribute to their fullest potential each day.

Security awareness Training Specialist – Verizon – Colorado USA

verizon logo

APPLY HERE
Colorado Springs, CO, United States
Full-Time Technology
Job # 599785
 
When you join Verizon
Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing…
Creating technologies to solve the world’s biggest challenges is no small task. Join our Corporate Information Security Team focused on security education and awareness. You will help drive a security focused culture and enable users of our systems to make sound security decisions. If you think creatively and converse as easily with engineers as with artists, then we want you!

You will coordinate security awareness activities and initiatives designed to influence teams supporting both technical and non-technical disciplines to exercise sound security behaviors. You will play a significant role in helping us reduce risk to our organization by ensuring all individuals with access to Verizon information resources understand and follow our security requirements, and behave in a secure and responsible manner.

Responsibilities:

Effectively interpret customer needs and, through collaboration with subject matter experts and independent research, support the planning, development, and implementation of effective, high-quality cyber security education, training, and awareness materials.
Collaborate with cyber and information security experts to augment or further develop non-technical and technical targeted training on cybersecurity risks and cyber health.
Partner with Verizon’s Learning & Development and Corporate Privacy and Compliance organizations to provide critical cybersecurity and information protection resources to employees that adhere to customer, government, and regulatory training requirements.
Actively evaluate cyber security education, training, and awareness programs for efficiency by identifying and gathering workforce trend analysis and performance improvement metrics, and then actively shape new products to address gaps and provide awareness on the cyber threat landscape, emerging threats, and best practices to follow.
Actively lead efforts todrive deeper adoption of the Cyber Health program that promotes a cyber aware culture.
Coordinate targeted awareness training to enable system operators, innovators, and security practitioners to adopt sound security behaviors while executing day-to-day functions.
Support security awareness initiatives as assigned to help minimize the human threat to Verizon information assets.
Formulate communication strategies and plans to support major security initiatives that are visually appealing, branded appropriately and convey the appropriate tone for interacting with users in a positive manner.
Manage projects that will require the ability to plan, manage, maintain and sustain a complex, organization wide program long-term.
Identify creative and innovative methods to effectively leverage a variety of communications channels, activities, and events to drive positive security behavior adoption.
Coordinate with team members and openly share thought leadership and experience on proven techniques.
Develop and operationalize measures to determine if awareness and education efforts are accomplishing the desired outcome.
Maintain current with cyber security threats and trends.
Consistently deliver high quality work products that fully address the criteria for which they were intended, require minimal modification, and are grammatically sound.
As a contributor, take ownership for assigned areas of responsibility and effectively manage workload to meet team deadlines.
Project confidence, poise and competence under pressure while interacting with team members, and partners.
Where you’ll be working…

This is a work-from-home role performed almost exclusively from your home office with occasional in-person meetings and training.

What we’re looking for…

You’ll need to have:

Bachelor’s degree or four or more years of experience.
Four or more years of relevant work experience.
Experience in one or more of the following fields: Learning & Development, Communications, IT, Network Engineering, or Cyber Security.
Even better if you haveone or more of the following:

A degree in Cyber Security, Computer Science, Information Systems or other related fields.
Knowledge of information security and foundational principles.
Ability to develop creative and innovative solutions to complex security and risk related issues.
Project management experience.
Ability to prioritize and balance multiple projects simultaneously.
Ability to work with technical subject matter experts and translate that information seamlessly to non-technical employees and stakeholders.
Kknowledge of Verizon business operations.
Knowledge of the foundational technologies used across environments.
Experience preparing and providing executive level communications and reporting.
Experience working in a Fortune 100 or other large enterprise.
PC skills.
Knowledge of Microsoft Office / G-Suite tools.
Interpersonal skills.
Ability to thrive in a team environment.

Compensation

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefits, short term incentives, 401 (k) Savings Plan, stock incentive programs, paid time off, parental leave, adoption assistance and tuition assistance, plus other incentives,we’ve got you covered with our award-winning total rewards package. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.

If you are hired into a Colorado work location, the compensation range for this position is between $98,000 and $183,000 based on a full-time schedule. The salary will vary depending on your location and confirmed job-related skills and experience. This is an incentive based position with the potential to earn more. For part-time roles, your compensation will be adjusted to reflect your hours.

Equal Employment Opportunity

We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical, religious, or state law recognized reasons).

Cyber Risk Programs Security Consultant III – Verizon – California USA

verizon logo

APPLY HERE
Cyber Risk Programs Security Consultant III
Irvine, CA, United States
Full-Time Commercial
Job # 599616
 
When you join Verizon
Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect across the globe. We’re a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward – and you can too. Dream it. Build it. Do it here.

What you’ll be doing…
The Verizon Cyber Risk Programs (CRP) Security Consultant III, is an experienced resource who is assigned one or more clients and is expected to lead most client interactions and program delivery.
A CRP Security Consultant III is to provide the services (activities, tasks, reports, recommendations, guidance, consultation and deliverables) in accordance with the Verizon CRP service description, SOW
and/or contractual requirements. A Consultant III is also responsible for delivering assessments findings to technical staff and at times the C-Suite.

You will perform both remote and onsite client activities such as control validation to include; policy, process and procedure reviews, wireless/IOT assessments and physical inspections of client office and data center facilities, this includes interviewing and surveying client stakeholders in order to validate technical and administrative controls which may require both domestic and international travel, typically 25-50%. In addition to serving as primary point of contact and lead delivery Consultant, you are also expected to lead junior team members, provide coaching, mentorship, guidance, and lead special projects, and initiatives.

Primary responsibilities include, but not limited to:

Serve as primary point of contact and lead delivery Consultant and deliver the Cyber Risk
Program (CRP) or Cyber Risk Monitoring Level 3 (CRM-L3) program to external customers.
Delivering custom compliance and risk programs based on ISO2700, NIST CSF & NIST 800-53, PCI-DSS, CIS Critical Security Controls, HIPAA, and HITRUST.
Identify ways to maximize program delivery efficiency and/or evaluating process flows and procedures with recommendations made to leadership teams.
Cybersecurity research
Provide coaching, mentorship, guidance, and lead special projects, and initiatives.
Where you’ll be working:

In this hybrid role, you’ll have a defined work location that includes work from home and assigned office days set by your manager.

What we’re looking for…

You’ll need to have:

Bachelor’s degreein Business, Computer Science, Information Systems or Cyber Security or four or more years of work experience.
Four or more years of relevant work experience.
Active CISSP certification
A technical background And experience in both IT and Cyber Security.
Knowledgeand focus in Information Assurance/Security, Cyber Security, Risk Management, Governance, Risk and Compliance Assessments and/or Auditing.
Enterprise System Auditing and experience with a multitude of security management, monitoring and testing tools and platforms.
Experience with the following security tools and platforms; vulnerability scanners, phishing tools, threat intelligence dashboards, FW configuration review tools and wireless/IOT tools.
Experience with presenting to technical staff, department leads, and executives (C-suite/Board of Directors to include preparing quarterly Executive Summary Risk Reports and presenting to customer stakeholder teams.
Willingness to travel up to approximately 50% of the time.
Even better if you have one or more of the following:

Certifications in any of the following: ISSP-ISSAP, E-CEH, E-CIH, ISACA CISM, CISA, CRISC, CCSP, CCSK, GSEC, GIAC, GPEN, CHFI or other cybersecurity related certifications.
Strong time management and prioritization skills.
Oral and written communication skills to be able to articulate and communicate assessment findings and recommendations in a clear and concise manner to the appropriate target audience which may include project managers, program managers, and technical points of contacts and/or external/internal management stakeholders.
Ability to multitask between internal tasks, projects and time sensitive client related deliverables and tasks, and complete other duties as assigned by a supervisor (Principal Consultant/Team Lead, Manager, Sr. Manager.
Vendor specific certifications: Qualys, Tenable, Rapid 7, Digital Defense, Recorded Future, Firemon, Tuffin, and ProofPoint.
Knowledge of common frameworks such as ISO 27000, NIST CSF, NIST-800, GDPR, PCI-DSS, HIPAA, HITRUST, and CIS Controls.
Experience with quantifying cyber security risk using threat likelihood, implementation state, and business impact variables in addition to prioritizing risk initiatives based on business need, compliance requirements, and/or industry best practice risk reduction methodologies.
Experience with performing research on cyber security best practices, security systems, control validation procedures and system configurations.
Experience with cybersecurity program assessment processes, closely examining the relationship between people, processes and technology and their effects on information confidentiality, integrity, and availability in order to draft reports that contain priority of effort recommendations
Knowledge with the changing nature of the threat landscape and therefore understands the necessity of being able to adapt and respond appropriately to changing requirements and objectives.
#VZProfessionalServices

Equal Employment Opportunity

We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

COVID-19 Vaccination Requirement

Verizon requires new hires to be fully vaccinated against COVID-19. Verizon provides reasonable accommodations consistent with legal requirements (e.g., for medical, religious, or state law recognized reasons).