401 to 425 of 2,920 Information Security Jobs

Position Overview: We are seeking a Journeyman Information Security Analyst to support cybersecurity operations and information assurance activities at Eglin AFB. The ideal candidate will play a key role in maintaining the confidentiality, integrity, and availability of mission-critical systems and ensuring compliance with Department of Defense (DoD) security policies. Key Responsibilities: Monitor and analyze system … security logs and alerts to identify suspicious activities and potential threats. Support vulnerability assessments and risk analysis activities. Implement security controls in accordance with DoD cybersecurity regulations and RMF (Risk Management Framework). Assist with security incident response, containment, investigation, and remediation efforts. Maintain and review documentation for systems accreditation and security posture. Support audits, inspections … and assessments to ensure compliance with applicable security standards. Provide input to the development of security policies and procedures. Collaborate with system administrators, engineers, and other stakeholders to resolve security issues. Required Qualifications: Active Top Secret clearance. Current CompTIA Security+ certification (IAT Level II). 2-5 years of hands-on experience in information security More ❯

Information Systems Security Officer (ISSO) Location: Washington D.C. or Riverdale, MD or Herndon, VA Job Type: Full-time Salary: $135,000 - $180,000 Job Description: As an Information Systems Security Officer (ISSO) and Shape the Future of National Security! What You'll Do: Be the Security Advocate: Work closely with the Information Systems … Security Manager (ISSM) to drive information assurance initiatives, including security authorization activities, compliance with Risk Management Framework (RMF) policies, and the development of System Security Plans (SSPs). Strengthen Our Defense: Perform Security Technical Implementation Guide (STIG) reviews, self-assessments, and participate in Assessment & Authorization (A&A) testing to ensure our systems stay secure and … compliant. Stay Ahead of Threats: Analyze system audit logs for unusual activity, conduct vulnerability assessments, and implement mitigation strategies to protect against potential risks. Shape Security Policy: Use your expertise to apply a comprehensive range of cybersecurity policies, principles, and techniques to maintain the integrity of systems processing classified information. Drive Risk Management: Perform risk analysis for system changes More ❯

Assisting technical/management leadership on major tasks or technology assignments • Establishing goals and plans that meet project objectives • Assisting in direction and control activities, having overall responsibility for security management, methods, and staffing to ensure that technical requirements are met • Participating in client negotiations and interfacing with senior management • Supporting decision making and domain knowledge that may have … a critical impact on overall project implementation • Providing support to plan, coordinate, and implement a cybersecurity lab's information security - Providing support for facilitating and helping the lab identify its current security infrastructure and define future programs, design and implementation of security related to lab systems • Assisting the efforts of security staff to design, develop … engineer and implement solutions to security requirements • Implementing and development of the DHS IT security standards • Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs • Performing risk analyses which also includes risk assessment • Planning and leading major technology assignments • Evaluating performance results and recommends major changes More ❯

The Information Systems Security Engineer (ISSE) shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/… or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements. Builds IA into systems deployed to operational environments. Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform … application of Agency security policy and enterprise solutions. Supports the building of security architectures. Enforce the design and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system More ❯

Risk Management Framework (RMF), NMAP, PKI, Wireshark, auditing, penetration testing, scripting, IASAE, CISSP, ISSEP, NISCAP Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance and polygraph are required for the position. Required: Must be a US Citizen Must have TS/SCI clearance w/active polygraph Bachelor's degree in Computer … Science, Information Assurance, Information Security System Engineering, or a related discipline. Must have a minimum of fourteen (14) years of experience performing in an ISSE role or similar. DoD 8570 compliance with IASAE Level 3 is required Both Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications are required. Five (05) years of experience with … Defense in Depth Principals/technology including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture and applying risk assessment methodology to system development. Must have a solid understanding of security practices and policies and hands-on vulnerability testing experience. Must have experience applying Risk Management Framework. Must have experience formulating and assessing More ❯

mission focused IT programs. Our employees are integral players in support of mission-critical programs focused on our National Security. Role Description: This position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. The selected candidate will have numerous responsibilities from day to day drawn from a wide array of activities. … The strongest candidates will have experience working in these areas: Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components. Identifying and implementing appropriate information security architectures and functionality to ensure uniform … application of security policy and enterprise solutions. Recommending and developing technical solutions, products, and standards based on current and desired system security architecture. Assessing and mitigating system security threats and risks throughout the program life cycle. Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various More ❯

network you want to login/join with: This is a mid-level position ideal for candidates looking to grow their career in IT Risk Management. Are you an Information Technology (IT) Risk Manager ready for a step-up role with within Amazon’s unique IT environment? We are looking for an experienced IT Risk Manager within the First … transmitter, or payments related e-commerce function. - A good understanding of IT risk and control frameworks: COBIT, NIST, ISO 27001, ITIL or equivalent. - Understanding of SDLC. PREFERRED QUALIFICATIONS - Certified Information Systems Auditor (CISA) or equivalent IT auditing and risk certification. - Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP) or equivalent IT Risk, Governance, Security Strategy certification. - Digital transformations experience to drive process improvements. - A good understanding of regulatory landscape (CSSF, DORA, EBA, NIS2, SOC 2) - Experience with cloud platforms risk management, cloud security, and compliance, including IAM, cloud incident response, and resilience testing. - Master's degree or equivalent. #J More ❯

Team (QRM) provides leadership, guidance, and tools to help partners and staff manage quality and risk matters. The team is comprised of an Advisory and Compliance Team, a Chief Information Security Office Team, an Economic Crime Team, a Legal Team including a Commercial & Contracts Team, the Independence and Ethics Team and the Regulatory Supervisory Team, plus the Quality … for enhancing our delivery and providing additional services to organisations we work with. Role Purpose The Third Party Risk Manager is responsible for implementation of the BDO third party security framework. This includes assessing the information security risks of our 3rd parties , by evaluating the 3rd parties' security controls and ensuring supplier and supply chain information security risks to BDO and BDO client services are identified , assessed and managed. This role reports to the Information Security Manager. Principal Accountabilities Leads in the execution and continuous improvement of the information security supply chain framework , which includes ensuring that security controls are implemented within the supply chain lifecycle at BDO Co More ❯

We are looking for an enthusiastic and detail-oriented Data Protection Manager to join our growing information security and data protection team. This is an ideal opportunity for someone with existing data protection knowledge and experience to further their career in information security and data protection. The Role: The Data Protection Manager will be responsible for … driving the technical implementation of data protection practices across our systems and infrastructure. You will work collaboratively with the wider Information Security team to deliver a consistent and easily understood approach. Reporting to the Director of Information Security and Data Protection Officer, you will play a hands-on role in ensuring that our platforms, applications, and … third-party services are aligned with data protection policies, regulatory requirements, and information security best practices. The ideal candidate is eager to learn and grow within the data protection and information security fields while contributing to the team's efforts to protect our organisation's data and IT infrastructure. This role focusses on the operational aspects More ❯

As the Critical Asset and Classification Lead , you will be part of the Information Security team, focused on identifying, managing, and protecting Thames Water's most critical data assets, often referred to as "crown jewels." This role will also lead the development and implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The … you'll be doing as the Critical Asset and Classification Lead: Critical Asset Framework Development: Lead the development and ongoing refresh of the framework for identifying and protecting critical information systems and data assets. Data Classification Methodology: Design and implement methodologies to classify data assets based on sensitivity, criticality, and business importance. Security Controls Monitoring: Assign and monitor … appropriate security controls aligned with system criticality and data classification standards. Asset Register Management: Maintain and periodically review registers for both critical information systems and information assets. Cross-functional Collaboration: Collaborate with business and digital teams to identify, score, and categorise critical assets and ensure alignment with strategic security objectives. Compliance & Best Practice: Ensure data classification More ❯

development, embraces an inclusive environment, and rewards innovative excellence. If you're as passionate about your future as we are, join our team. Roles & Responsibilities You analyze complex enterprise information security programs and infrastructure in both public and private sector. You assist with assessments of clients' IT and security processes, risk, controls and compliance against leading practices … people models to address key and evolving risks. You are the interface with client executives and hands-on technology practitioners to bring meaningful, strategic change in the areas of information protection, data security and privacy, security operations and business continuity. You articulate business risks of technical vulnerabilities and identify and communicate findings to client personnel. You review … demonstrate excellent project management skills, promote teamwork and individual accountability with engagement team members. Skills & Qualifications You have min. 5 years of experience in the field of cybersecurity and information risk management. You have a master degree or equivalent by experience. Having cybersecurity related certification (e.g. CISSP, CEH, CISM, CISA, GIAC, GSEC) is a plus. Having experience in leading More ❯

self-service capabilities for common support tasks to improve efficiency and user experience. Collaborate with the CTO and technology leaders to align IT strategies with business goals, supporting scalability, security, and regulatory compliance. Manage and optimise hybrid cloud environments (e.g., Azure, AWS, Google Cloud) in support of internal services and business operations. Deliver demonstrable progress in the company's … support team, including recruiting, coaching, performance management, and professional development. Manage relationships with external vendors, MSPs, and technology partners to ensure cost-effective and reliable service delivery. Collaborate with InfoSec and Legal teams to ensure compliance with relevant regulations (e.g., ISO 27001, GDPR). Lead incident response and disaster recovery planning/testing for internal platforms and operational IT. Requirements … Needed: Bachelor's degree in information technology, Computer Science, or related experience. 10+ years of experience in IT operations and support services, with at least 5 years in a leadership role. Proven experience managing enterprise IT systems, cloud platforms, and service desk operations in a 24 7 environment. Strong knowledge of ITSM frameworks and modern collaboration tools (e.g., M365 More ❯

execute innovative compliance testing programs Manage deep-dive investigations into technology processes Conduct regular risk assessments and provide recommendations Prepare and present reports to senior leadership on IT and security risk posture and attack surface Develop and implement innovative IT risk monitoring solutions Partner with first and second line of defence stakeholders, including risk managers and security leads … to effectively address ICT and security risks Leverage data analytics to revolutionize compliance assurance Drive continuous improvement in our Assurance Program Stay up to date with emerging threats, regulations and their impact on IT assurance Basic Qualifications Experience in compliance, audit or risk management Bachelor's degree or equivalent Proven experience in developing and executing compliance or audit testing … frameworks 7+ years of progressive experience within financial services in information security, cybersecurity, operational resilience and/or privacy risk Analytical mindset with a talent for problem-solving Excellence in stakeholder management and communication Ability to thrive in a fast-paced, innovative environment Preferred Qualifications Master's degree or equivalent Highly value payments systems experience Second line risk More ❯

beauty, electronics, Alexa... View all jobs at Amazon.com This is a mid-level position ideal for candidates looking to grow their career in IT Risk Management. Are you an Information Technology (IT) Risk Manager ready for a step-up role with within Amazon’s unique IT environment? We are looking for an experienced IT Risk Manager within the First … transmitter, or payments related e-commerce function. - A good understanding of IT risk and control frameworks: COBIT, NIST, ISO 27001, ITIL or equivalent. - Understanding of SDLC. Preferred Qualifications - Certified Information Systems Auditor (CISA) or equivalent IT auditing and risk certification. - Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP) or equivalent IT Risk, Governance, Security Strategy certification. - Digital transformations experience to drive process improvements. - A good understanding of regulatory landscape (CSSF, DORA, EBA, NIS2, SOC 2) - Experience with cloud platforms risk management, cloud security, and compliance, including IAM, cloud incident response , and resilience testing. - Master's degree or equivalent. Amazon is More ❯

off shift pattern , ensuring sustained SOC coverage across critical hours. You’ll manage, mentor, and train two junior SOC analysts working on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and … two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including SOAR platforms, to deliver smarter, faster, and more effective security outcomes. This role provides a unique opportunity to help shape the future of a next-gen SOC environment. This role combines hands-on technical expertise with management responsibility, offering … a unique blend and the chance to contribute meaningfully to both team development and cutting-edge security operations. The shift pattern is four days on, four days off, with rotating early (6 am-3 pm), late (2 pm-11 pm), and night (10 pm-7 am) shifts. Key Responsibilities Mentorship & Team Leadership: Guide and support two juniors with ticket More ❯

research and make recommendations on products, services, protocols, and standards in support of all infrastructure procurement and development efforts Assist with the planning and deployment of infrastructure and cloud security measures Develop, implement, and maintain policies, procedures, and associated training plans for cloud administration Ensure services conform to the agreed compliance requirements set forth by current and planned accreditations … to continuously optimise systems and processes, using stakeholder feedback, taking account of technological improvements and new design patterns with cloud technologies Key Working Relationships Internal: Economists/Business Analysts Information Technology/Infrastructure Architects CIO/Head of IT Marketing & Business Development External: As Required Skills, Knowledge & Expertise Required: 6+ years of experience in IT Support and Operations Excellent … communication skills. You will have a natural ability to build rapport with stakeholders at all levels to influence decisions Proven experience in IT infrastructure, Cloud and Security systems planning and development following best practices and information security Significant experience with Microsoft Azure, Intune, PIM and storage accounts Experience in evaluation and decision making Working technical knowledge of More ❯

mechanisms, and control frameworks. Drive engagement and training sessions to enhance risk awareness and best practices. Key Requirements: Proven experience as a Senior Project Manager in Cyber Risk Management , Information Security, or a related field. Strong understanding of cyber risk frameworks (e.g., NIST, ISO 27001, CIS, FAIR). Experience working with risk categorization and governance processes. Demonstrated ability … skills and the ability to drive strategic initiatives. Relevant certifications (e.g., CISSP, CISM, CRISC, PMP, PRINCE2 ) are a plus. Seniority level Mid-Senior level Employment type Contract Job function Information Technology Industries Utilities and Computer and Network Security #J-18808-Ljbffr More ❯

insider threat risks, behaviors, and mitigation strategies in financial institutions. Skills: Exceptional analytical and problem-solving skills. Strong written and verbal communication skills with the ability to present complex information to senior stakeholders. Proficiency in developing metrics, scorecards, and dashboards (e.g., Excel, Power BI, Tableau). Ability to manage multiple priorities and deadlines in a dynamic environment. Preferred Qualifications … groups/Females/Individuals with Disabilities/Protected Veterans. Consults with other IT areas and the businesses and provides professional support for major components of the company's information security infrastructure. Contributes to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms. Consults with the business and operational infrastructure personnel regarding … new and existing technologies. Recommends new security tools to management and reports and provides guidance and expertise in their implementation. Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities. Ensures that all significant More ❯

SOC Analyst Mondas Consulting Mondas are looking for a skilled Security Operations Center (SOC) Analyst to strengthen our security team. The ideal candidate will be responsible for monitoring, detecting, and responding to security incidents, as well as conducting thorough investigations to ensure the security of our clients' IT environments. This role requires a proactive and detail … oriented individual with a deep understanding of Cyber Security threats and defences. About Us Our head office located in central Hampshire is the home of our SOC which is the heart and soul of our business identity as a whole. We strive for excellence and our team is full of ambitious, skilled and hard working professionals who all share … the Mondas vision. We are a Cyber Consultancy that specialises in Security prevention and detection. Mondas delivers bespoke Cyber Security Solutions, helping our clients streamline their incident response and recovery process with our automated approach to SOAR, SIEM & MDR. Responsibilities: ? Respond to and manage security incidents, ensuring timely and eff ective resolution ? Conduct in-depth investigations to More ❯

The IT Security Operations Center's mission is to preserve the confidentiality, integrity, and availability of our assets by identifying operational and security risks and collaborating with business, functional, and customer stakeholders to develop plans that manage risk to acceptable levels. We are currently seeking a Sr. Cyber Incident Response Analyst to join our team. About the Role … Monitor for and investigate suspicious or malicious activity and alerts Review Change Management requests for security relevance and impact Daily review of system, application logs, and custom monitoring tools Malware and Advanced Persistent Threat (APT) analysis and remediation Incident Response and Investigations Availability for rotating on-call shifts (up to 2 - 3 times per year) About You Bachelor's … degree preferred or equivalent related field experience Professional Certifications preferred, including SANS GIAC or CISSP Microsoft, Linux, Networking or related certifications a plus. Experience in Information Technology Extensive experience in information security incident response and operations management Extensive experience of OS, application, and network security weaknesses, vulnerabilities, and remediation Experience researching, analyzing, and resolving complex problems More ❯

the business line is dependent. Projects address Business Development, Underwriting, Management, Housing Stability, and Legal needs. The role is responsible for oversight of all Multifamily business systems including user security administration and support, new user training, data security concerns, cyber security requirements, business system software upgrades, and legacy system maintenance and/or retirement. The position also … new software solutions. The Business Analyst and System Administrator often interfaces with the IT department for internally developed software and acts as a Multifamily representative on the Agency’s security committee and other Agency wide initiatives. The position is an excellent platform for a high-capacity technical individual to learn the business of affordable housing multi-family lending and … effective onboarding, new employees may be required to work in the office more frequently during their first 90 days. Essential Functions Business System Administration and IT Liaison Administer user security for all multifamily software systems and conduct regular review of access Manage software upgrade testing and deployments as necessary Assist with software development/procurement projects on behalf of More ❯

applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. Job Description As a Technology Risk and Controls Lead in our Corporate and Investment Banking division, you will play a crucial role in identifying and … managing data-related risks whilst ensuring alignment to our strategic objectives. You will utilize your expertise in risk management, data protection, and data management to effectively communicate complex technical information to senior management and support global stakeholders in understanding and executing their data related risk and controls obligations. Your ability to influence and collaborate across all organizational levels will … to senior management Process Documentation: Document processes and workflows using MS Office, Lucid, and other relevant tools Workload Management: Independently manage your workload, prioritizing tasks without close supervision Cyber Security Knowledge: Maintain a deep working knowledge of relevant cyber security policies, standards, regulations, frameworks and technologies through continuous learning Risk Analysis and Mitigation: Analyse data, metrics and reporting More ❯

make a difference. Position Summary This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform … timelines and deliverables. As a Senior Consultant, you will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. This role will audit information systems with confidence and accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. … Travel 25-50%. Ability to be successful when working remotely. What You'll Bring Current PCI-QSA certification preferred (will consider former QSA). One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO More ❯

and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance Required qualifications, capabilities, and skills Experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data … security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies Knowledge of security controls, and vulnerability management in public cloud environments Knowledge of IT control policies related to the Public Cloud Strong interpersonal skills and a proven ability to work effectively with diverse teams to achieve common goals Demonstrated … and skills CISM, CRISC, CISSP, Cloud or similar industry-recognized risk and risk certifications are preferred Ability to prioritize and work in a global environment, partnering with global cloud-security product management teams to enhance cloud-security products Experience in managing and securing cloud environments, including AWS, Azure, or Google Cloud Platform Proven track record of implementing cloud More ❯

that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. OVERVIEW OF THE DEPARTMENT/SECTION IT Risk, Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting the global … Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department deploys, supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk. NUMBER OF DIRECT REPORTS 1-2 MAIN PURPOSE OF THE ROLE To manage the technical delivery of various cybersecurity projects … high degree of difficulty. Experience in managing cybersecurity technology projects such as implementation of DLP, Cyber infrastructure replacement, Cloud monitoring tools etc. Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Threat Intelligence, Risk Evaluation, Security More ❯