Fulltime Cloud Security Analyst openings in Austin, United States on September 10, 2022

Senior Cyber Security Analyst at Lower Colorado River Authority

Location: Austin

Are you looking for an exciting career in cybersecurity working with an organization that makes a difference? At LCRA, we improve the quality of life of the Texans we serve.
LCRA Cybersecurity is responsible for protecting critical infrastructure in the electric, water, and telecommunications sectors. To be successful at this, we consistently train, develop, and apply our cybersecurity abilities. Join a team that’s committed to excellence
• You will be trusted to:
• Part of a team to assess cybersecurity capabilities and implementation level of the LCRA CSF for systems throughout the organization.
• Performs risk assessments and recommends security measures.
• Develop and implement adversary emulation and purple teaming capabilities based on MITRE ATT&CK
• Provides technical consulting to other groups on cybersecurity requirements.
• Maintains knowledge of cybersecurity frameworks and standards applicable to LCRA such as the NIST CSF, NIST SP 800-53, SP 800-82, NERC CIP, ISA, MITRE ATT&CK, and IEEE standards.
• Collaborate with team members and business partners to complete assessments, communicate assessment results, and develop mitigation plans
• Provides reports and other information related to information security issues as requested by management and other groups.
• We provide guidance on vulnerability remediation methods and insight into the risk associated with vulnerabilities
• Provides oversight regarding compliance with security regulations, standards and laws.
• Performs work by traveling independently or with a small team to various locations (substations, power plants, water systems, etc.) as scheduled.
• You qualify with:
• Nine or more years of experience in cybersecurity. A degree(s) in information technology, computer science or relevant field may be substituted per LCRA guidelines for certain years of experience.
• Driver’s license
• You are a great fit with:
• CISSP, GIAC or similar certification
• You gain:
• Competitive salary & medical, dental, vision and legal insurance
• Paid time off, including time for vacation, sick and family care leave
• 401(k) match up to 8% that includes a student loan 401(k) contribution program option
• Life and disability insurance
• Wellness program including wellness incentive
• Extensive learning & development programs
And more – all to create a compelling and rewarding work environment.
• Equal Opportunity Employer*LCRA provides equal employment opportunities and a work environment free of discrimination and harassment. All employment decisions at LCRA are based on business need, job requirement and individual qualifications, without regard to race, color, religion, gender identity, national origin, age, disability, sexual orientation, genetic information, or veteran status in accordance with applicable federal and state legal requirements governing nondiscrimination in employment.

Job Type:
Full-time

Pay:
$89,000.00 – $118,733.00 per year

Benefits:
• 401(k) matching
• Dental insurance
• Employee assistance program
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Vision insurance
Schedule:
• 8 hour shift
Ability to commute/relocate:
• Austin, TX 78703: Reliably commute or planning to relocate before starting work (Preferred)
Education:
• Bachelor’s (Preferred)
Experience:
• Cybersecurity: 9 years (Preferred)
License/Certification:
• CISSP (Preferred)
• GIAC Certification (Preferred)
• Driver’s License (Preferred)
Work Location:
One location
Apply Here
For Remote Senior Cyber Security Analyst roles, visit Remote Senior Cyber Security Analyst Roles

********

Cyber Security Analyst – IT (Remote) at Constellation

Location: Austin

Description

At Constellation, a freshly independent and soon-to-be Fortune 200 company, we’re providing the energy and services to transform our future. Combining next generation technologies and product offerings with the country’s lowest carbon generating fleet, our company is purpose-built to meet the challenges of the climate crisis.

Constellation has been the leader in clean energy production for more than a decade. Now we’re speeding delivery of low-carbon or no-carbon power to help families, communities, governments, and businesses meet their sustainability and decarbonization goals. Constellation provides 10 percent of total clean power and 22 percent of clean baseload power in the United States and is the leading competitive retail supplier of energy products, services and clean energy solutions. The race is on to confront climate change, and no company is more ready to meet that challenge.

We are committed to advancing diversity, equity and inclusion and believe in attracting, retaining and advancing employees who will best serve and represent our customers, partners and communities. We provide a workplace that ensures mutual respect, where each individual has the opportunity to grow and contribute at their greatest potential. Constellation will provide you the tools and resources you need to design, build and power a successful career.

Constellation offers a wide range of benefits, designed to help our employees thrive professionally and personally. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays and sick days; and much more.

Join us as we accelerate the transition to a carbon-free future. Energize your career with Constellation.

PRIMARY PURPOSE OF POSITION

The Cyber Security Compliance Analyst will exist as part of the broader Cyber Security Governance function and works across Constellation teams to ensure compliance with cyber-specific laws, rules and regulations applicable to the organization. In addition to supporting certain internal and external audit activities in accordance with industry control frameworks such as Sarbanes-Oxley, CISA and NIST, this position is responsible for supporting the identification, evaluation and tracking of requirements related to new control frameworks in scope for Constellation’s cyber security and business programs (e.g., DFARS, CMMC). This role coordinates across teams, including Supply, Legal, Regulatory, Compliance, and business partners.

PRIMARY DUTIES AND ACCOUNTABILITIES
• Support Constellation’s implementation and establishment of sustainment model for new and/or evolving control/policy frameworks that will need to be adopted under the cyber governance team.
• Support coordination between Cyber Security, Legal, and business partners in support of establishing and sustaining Information Protection Governance programs
• Coordinate the establishment of critical data inventories, governing data classifications, and handling standards
• Develop metrics to convey the status and heath of applicable cyber-security compliance initiatives.
• Perform compliance activities including control testing, self-assessments and support engagements with internal and external auditors and support vendors.
• Support business partners and report compliance results with respect to the adherence to and compliance with applicable cyber laws, regulations, and control frameworks
• Read, analyze, and interpret business, professional, technical or government documents.
• Assist in the creation and maintenance of risk assessments, test plans and reports
• Lead the support of compliance data in internal systems like ServiceNow and/or Governance Risk and Compliance (GRC).
• Maintain comprehensive records for all concerns and/or findings during the compliance process; support issues tracking and drive corrective action/remediation efforts.
• Recommend and implement change and process improvements to the cyber compliance areas to ensure sustained compliance and operational efficiencies.
• Write reports, business correspondence and policy/procedural materials regarding applicable cyber compliance matters and guidance.

JOB SCOPE
• Working knowledge of cyber security practices for an enterprise environment
• Working knowledge of computer networking concepts and protocols, and network security methodologies
• Working knowledge of firewall operations
• As assigned, work effectively with other departments and team members
• Promotes and shares professional knowledge via seminars, presentations, and publications within your community (i.e. department, peers, educational institutions), as required

Qualifications

MINIMUM QUALIFICATIONS
• Bachelor’s degree in Computer Science or related discipline and typically 2 to 5 years related experience or 6 to 9 years equivalent combination of education and work experience.
• Ability to solve problems using pre-defined procedures and guidelines.
• Communication skills Able to effectively communicate highly technical information in non-technical terminology (written and verbal)
• Flexible and adaptable to changing priorities, based on business needs
• Working knowledge of Server and Workstation Operating Systems (Windows / Linux), along with command prompt knowledge
• Working knowledgeable in IP based switching, routing, and network environments (ex. Cisco)
• Working knowledge of computer networking concepts and protocols, and network security methodologies.
• Working knowledge of cyber security practices for an enterprise environment
• Working knowledge of firewall operations (ex. Cisco & Checkpoint)
• Working knowledge of cyber security practices for an enterprise environment
• Experience with Implementing and sustaining Cyber Security Frameworks such as NIST 800-171, 172.
• Experience with Federal Gov Compliance in working with FIPS-199, SARS, SSPs, and POAMS.

PREFERRED QUALIFICATIONS
• Working knowledge of cyber security program elements such as Policy Development, Application Security, Information Security, Network Security, Disaster Recovery Planning, Operational Security, Incident Response, and End User Education
• Working knowledge of Security Information Event Management (SIEM) solutions (ex. Splunk, Nitro, Industrial Defender)
• Cisco Certified Network Associate (CCNA) certification acceptable with other network credentials. Security Plus training

Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor

REQNUMBER: 242206-OTHLOC-~~~

Constellation is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
Apply Here
For Remote Cyber Security Analyst – IT (Remote) roles, visit Remote Cyber Security Analyst – IT (Remote) Roles

********

Info Security Analyst Iv at Change Healthcare

Location: Austin

• Change Healthcare is a leading healthcare technology company with a mission to inspire a better healthcare system.
• We deliver innovative solutions to patients, hospitals, and insurance companies to improve clinical decision making, simplify financial processes, and enable better patient experiences to improve lives and support healthier communities.
• Overview of Position
• Change Healthcare is looking for a Senior Information Security Analyst with a focus on Insider threats, for the Cyber Insider Threat Management team to assist with all aspects of the Insider Threat Program in order to protect Change Healthcare’s critical data and assets.
• The individual will have a solid understanding of the modern cyber security landscape with a strong background in intelligence gathering, data loss risks, and process documentation.
• Effectively defending Change Healthcare in this environment requires an in-depth knowledge of the tools, processes, and regulations surrounding investigations, forensics, data handling, and insider threat techniques.
• What will be my duties and responsibilities in this job?
• + Identifying operational and technical gaps that may result in data loss or compromise.
• + Develop playbooks and operational guidelines for CITM and Incident Response.
• + Provide in-depth analysis of assigned investigations or investigative leads resulting from monitoring tools.
• + Present investigation finds in a concise and easily understandable format
• + Automate process to more efficiently determine insider threats
• + Evaluate DLP alerts for potential insider threats and create policies and rules to identify potential threats.
• + Support the overall operational effort for CITM and incident response.
• + Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to insider incidents, and/or collecting, analyzing, and disseminating insider threat intelligence
• What are the requirements needed for this position?
• + Bachelors degree or equivalent working experience
• + Minimum of six years relevant in cybersecurity and Insider Threats technologies
• + Minimum of three years in use and system administration of insider threat tools such as Splunk, Tanium, McAfee DLP, ZScaler.
• + Proficient with Splunk, Tanium, ZScaler, McAfee, Windows, MAC, Server environments, Network topology, or Palo Alto firewalls,
• + Familiar with insider threat indicators and how to monitor for them
• + Familiar with data classification and discovery tools
• + Ability to qualify for DoD clearance
• What other skills/experience would be helpful to have?
• + Ability to Interaction with all levels of leadership including C-level executives
• + Familiarity with cloud technologies such as Microsoft Azure and Amazon Web Services, Google Cloud
• + Proficient with Python or other relevant programing tools
• + Proficient in Data Loss Prevention and DLP tools
• + Proficient in dealing with ambiguity where all the pieces of an investigation are not revealed.
• + Proficient with end point protection as it pertains to insider threats
• + Ability to develop and track security metrics
• + Proficient in handling highly sensitive situations with discretion and employ high ethical standards.
• + Security Certifications a plus ( CISSP etc)
• + Knowledge of other tools pertaining to Data Loss Prevention a plus.
• + Hands on analysis for insider threat investigations to include evidence collection, forensics, evidence custody, leveraging DLP, UBA, SIEM, EDR and other tools.
• + Self starter with the ability to work independently and interdependently with other team members or groups.
• + Utilizing advanced knowledge of tools, techniques and the environment, represent CITM in incident response triage meetings.
• At Change Healthcare, we include all.
• We celebrate diversity and inclusivity, respect each other and value our unique experiences.
• By being our authentic selves, we bring different perspectives into our work and relationships.
• Business Resource Groups (BRGs) play a central role in advancing diversity and inclusion at Change Healthcare.
• They deepen our understanding of different cultures, people, and experiences, and help foster an inclusive workplace.
• Change offers eight (8) BRGs. Learn more at Feeling Inspired?
• Ready to #MakeAChange?
• COVID Vaccination Requirements
• We remain committed to doing our part to ensure the health, safety, and well-being of our team members and our communities.
• As such, we require all employees to disclose COVID-19 vaccination status prior to beginning employment and, when j ob-related and consistent with business necessity , we may require periodic testing for certain roles.
• Some roles require full COVID-19 vaccination as an essential job function.
• Change Healthcare adheres to COVID-19 vaccination regulations as well as all client COVID-19 vaccination requirements and will obtain the necessary information from candidates prior to employment to ensure compliance.
• Equal Opportunity/Affirmative Action Statement
• Change Healthcare is an equal opportunity employer.
• All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, genetic information, national origin, disability, or veteran status.
• If you need a reasonable accommodation to assist with your application for employment, please contact us by sending an email to applyaccommodations@changehealthcare.com with “Applicant requesting reasonable accommodation” as the subject.
• Resumes or CVs submitted to this email box will not be accepted.
• pdf to view our pay transparency nondiscrimination policy.
• California (US) Residents: By submitting an application to Change Healthcare for consideration of any employment opportunity, you acknowledge that you have read and understood Change Healthcare’s Privacy Notice to California Job Applicants Regarding the Collection of Personal Information (.
• Change Healthcare maintains a drug free workplace and conducts pre-employment drug-testing, where applicable, in accordance with federal, state and local laws.
• All qualified applicant will reveive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, genetic information, national origin, disability, or veteran status.
Apply Here
For Remote Info Security Analyst Iv roles, visit Remote Info Security Analyst Iv Roles

********

Sr Cybersecurity Analyst at Bank of the West

Location: Austin

Sr Cybersecurity Analyst

Description

At Bank of the West, our people are having a positive impact on the world. We’re investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy. From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people’s lives, and strengthen communities. We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs). Yes, we’re a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.

Job Description Summary

This position is responsible for supporting the Bank’s risk exception program for Information Technology and Security business units ensuring the Bank has accurately and completely recorded it’s IS, Business Continuity and IT controls gaps to provide an accurate view of the Bank’s risk posture to senior leadership.

Essential Job Functions
• Partner with appropriate stakeholders across the Bank to document deviations from Information Technology, Information Security, and business continuity expectations as defined in Policies, Standards and Frameworks
• Ensures all relevant aspect of the risk exceptions are documented in detail to support the inherent and residual risk determination.
• Ensure the risk exceptions are approved by the appropriate individuals based on the nature and severity of the risk.
• Develops and maintains reporting on the status of the program for senior leadership and appropriate oversight committees.
• Ensures work effort dependencies, assumptions, risks and issues are defined, documented and communicated to the appropriate lead and/ stakeholder.

#LI-WJ1

Qualifications

Education
• Bachelor’s Degree Business, Computer Science, Information Assurance, Management Information Systems or related field

Work Experience
• 7 Years in Risk Management, Information Security, IT Audit or related field.
• Prior experience in IT and IS Risk Management process for a large firm or bank highly desired.

Skills
• CISA, CISM, CRISC or CISSP certification(s) required
• MITRE Attack Framework experience a plus
• Strong written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.
• Sound interpersonal, negotiation, and influencing skills; ability to facilitate discussions around complex issues and bring them to resolution
• Solid analytical and problem-solving skills coupled with thoroughness and attention to detail is highly desired.
• Thorough knowledge of banking operational risk management and industry practices.
• Ability to adjust to rapidly changing security environment, prioritize deliverables and manage workflow.
• Ability to exercise sound judgment and make effective recommendations to management
• Ability to optimize and condense information and transform data into easily understandable concepts.
• Solid understanding of financial industry, risk management, Information Technology and/or Information Security.
• Knowledgeable in various cybersecurity areas such as: Identity and Access Management, Threat Intelligence, Vulnerability Management, Information Risk and Governance, Security Architecture, Monitoring, Incident Response, Security Strategy, and Cyber – Resiliency.
• Strong knowledge of NIST CSF highly desired.

#LI-Remote

This position has the option to work in one of our key hubs (San Ramon, CA, Tempe, AZ, Omaha, NE) or to work remotely as long as it is in within our 27 state working footprint which includes AZ, CA, CO, FL, GA, ID, IA, IL, KS, MI, MN, MO, NE, NV, NM, NC, ND, OH, OK, OR, SD, TX, UT, WA, WI, WY, NY

Annual Hiring Range:

$75,000 – $170,000

Actual compensation offer to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.
• In addition to base salary, this position is eligible for annual incentives.
• The base salary opportunity can vary based on candidate’s geographic location, experience, knowledge, skills, and abilities.

Benefits Link:

~~~

To protect the health and safety of our employees and customers, Bank of the West may require all U.S. employees to provide proof of their vaccination status. Employees who are not fully vaccinated may undergo regular testing.

Equal Employment Opportunity Policy

Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer – Minority / Female / Disabled / Veteran.

Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.

Job: Security

Location: United States-Nebraska-General NE

Other Locations: United States-Wisconsin-General WI, United States-Missouri-General MO, United States-North Dakota-General ND, United States-Kansas-General KS, United States-Nevada-General NV, United States-Minnesota-General MN, United States-Michigan-General MI, United States-New York-General NY, United States-Ohio-General OH, United States-New Mexico-General NM, United States-South Dakota-General SD, United States-Wyoming-General WY, United States-Arizona-General AZ, United States-Oregon-General OR, United States-Iowa-General IA, United States-Utah-General UT, United States-Georgia-General GA, United States-Washington-General WA, United States-Florida-General FL, United States-Oklahoma-General OK, United States-North Carolina-General NC, United States-Colorado-General CO, United States-Idaho-General ID, United States-Texas-General TX, United States-California-General CA

Requisition ID: 065220
Apply Here
For Remote Sr Cybersecurity Analyst roles, visit Remote Sr Cybersecurity Analyst Roles

********

Senior Security Engineer at Mandiant, Inc.

Location: Austin

Company DescriptionSince 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instillsconfidence in their readiness to defend against and respond to cyber threats.

Job Description

The Security Engineer is responsible for enabling the technology and tools required to effectively accomplish daily tasks within a Security Operations Center. The primary role of the SOC Security Engineer is to enable SOCs to effectively utilize technology to accomplish daily tasks.

The Security Engineer will collaborate with Mandiant Architects, Mandiant Analysts, Client Information Technology (IT) resources, as well as other business resource owners, to maintain the operational readiness and appropriate configurations of all technologies required for the client’s SOC to maintain effective incident detection and response capabilities.

Candidates for this position must enjoy working as a member of a highly technical team in a rapidly changing environment, be experienced in administrating a variety of information security technologies, excited to learn new emerging technologies, and passionate about protecting customer data and corporate assets from the diverse threats facing multiple industries.

What You Will Do:
• Implement new tools and technology that can be utilized to accomplish daily tasks within the SOC
• Maintain operational readiness, patch management, and appropriate configurations of all SOC related tools and technologies, including Splunk and CrowdStrike technologies
• Improve and refine security tool rulesets, alert thresholds, and telemetry
• Implement scripts and technology to automate tasks or reduce manual processes

Qualifications

Minimum Requirements:
• 3+ Years of professional information security experience
• 2+ Years of implementing, administering, and maintaining Splunk Enterprise Security
• 2+ Years administering various security technologies such as IDS/IPS, EDR, Firewalls, Web Proxies, DLP, CASB, SIEM, DNS security, DDoS protection, and Active Directory
• 2+ years of experience working with or administering tools used in security event analysis, incident response, computer forensics, malware analysis or other areas of security operations
• 2+ years of experience with networking, including TCP/IP protocols and network topology
• Fundamental understanding of operating systems, including Windows and Linux
• Fundamental understanding of security controls for common platforms and devices, including Windows, Linux and network equipment

Desired Qualifications:
• Strong communication and listening skills, a thorough approach to complex problem solving, decision-making ability, and a high motivation towards setting and delivering “excellence”
• Ability to listen, establish relationships, gain consensus, rapidly establish credibility with and gain confidence of multiple areas across the organization
• Experience with UEBA technologies
• Experience configuring or running SOAR or automation tooling
• Working knowledge of Python, Golang, PowerShell, or other scripting languages
• Experience working with hybrid cloud infrastructure
• Understanding and framing business need and technical imperatives and inspiring confidence with a variety of internal and external stakeholders
• Demonstrate exceptional teamwork and foster collaboration within the organization
• Excellent problem-solving abilities
• Ability to document and explain technical details in a concise and understandable manner
• Demonstrated ability to be flexible, positive, and creative in a dynamic, fast paced and changing environment.
• Demonstrated aptitude and the desire to learning new technologies and services

Additional Information

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is aregionally-basedrole that mustbe located in the Central Region of the US.

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Apply Here
For Remote Senior Security Engineer roles, visit Remote Senior Security Engineer Roles

********

Senior Security Goverance Analyst at Rapid7

Location: Austin

At Rapid7, we’re on a mission to close the security achievement gap for our customers by simplifying the complex through shared visibility, analytics, and automation that unite teams around challenges and successes of cybersecurity. Our products and services empower over 9,100 customers across over 120 countries to seamlessly build security into the heart of their organizations.

Our internal Trust & Security Governance team within our Information Security department plays a crucial role in supporting our mission. We ensure we meet our duty of care to our customers, employees, and shareholders by creating effective governance for upholding internal security policies, distributing foundational security expertise across every department to create a strong security culture, and bolstering customer and community trust by providing accessible and transparent information about our internal security program. This role partners closely with other InfoSec teams, Legal, Procurement, and many other teams at Rapid7.

We’re looking for a Senior Security Governance Analyst to help advance our Trust & Security Governance programs, helping us evolve security policies and standards, streamlining our customer security inquiry response program, and performing security risk assessment activities. We are in search of a team member who can apply their security expertise to rapidly mature a company-wide security governance program. The candidate will be positioned to have a direct impact on customers’ understanding of our information security security program. The candidate should show strong interest in creating a company-wide security culture. Rapid7 fosters a collaborative environment to seek out and embrace feedback from various perspectives.

What you’ll do
• Partner with various business and technical teams to curate content in our customer security inquiry knowledge base
• Coordinate and respond to customer security inquiries, due diligence questionnaires
• Continuously mature Trust processes through automation, self-service functionality, and process streamlining to shorten our Sales cycle and our customers’ due diligence cycles
• Maintain and evolve security whitepapers, security content in product help documentation, and Rapid7’s Trust site to create an excellent experience for customers and the community when trying to gauge our security capabilities
• Assist with implementing the information security continuous control monitoring framework
• Develop broad knowledge on the implementation of Rapid7’s security controls, policies, and processes across our products and corporate environments
• Build positive relationships with partner teams in Marketing, Legal, Sales, Business Operations, People Development, and other teams to continuously improve our internal security culture and external awareness of Rapid7’s security program
• Help create metrics to demonstrate the efficiency and effectiveness of our Trust program and to inform continuous program improvements
• Monitor organizational adherence to various external compliance framework requirements
• Perform risk analysis on various information security topics
• Report and communicate security issues and topics to technical and non-technical audiences, ranging from individual contributors to C-suite executives
What you’ll bring
• Experience working in organizational Governance, Risk, and Compliance (GRC) operations; security trust operations; and/or IT/security audit
• Experience supporting security compliance programs or operations involving frameworks such as ISO 27001, NIST CSF, PCI DSS, FedRAMP, SIG/SCA, SOC 2 Type II, etc.
• Desire to collaborate with internal and cross-functional teams to positively impact organizational objectives
• Excellent time management and prioritization skills with a strong ability to plan, prioritize, and execute projects independently or in coordination with other teams
• Excellent ability to communicate to technical and non-technical audiences with a positive, collaborative, and enablement-focused attitude
• Insatiable curiosity and desire to challenge conventional approaches to solving problems

Pluses
• Experience implementing and operating technical security controls/tools in the context of vulnerability management, incident response, cloud security, application security, etc.

Equal Opportunity Employer

Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences and strongly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly though, we just fundamentally believe it’s the right way to build a business and healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion–it is the stitch that holds the fabric of our culture together!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Apply Here
For Remote Senior Security Goverance Analyst roles, visit Remote Senior Security Goverance Analyst Roles

********

22-105 Security Analyst (Information Security Analyst I) at Texas Water Development Board

Location: Austin

To apply for the following position, you must complete the STATE OF TEXAS application via Work in Texas website, or send the completed STATE OF TEXAS application to the email address: hr@twdb.texas.gov.
A RESUME sent to the email address, INSTEAD OF, or in lieu of the STATE OF TEXAS application, will not be accepted.
Texas Water Development Board’s Mission
Leading the state’s efforts in ensuring a secure water future for Texas and its citizens.
The Texas Water Development Board (TWDB) endorses telecommuting and hybrid workplace plans, in addition to other flexible work alternatives. We offer competitive compensation and benefits package
including medical, dental, vision, 401(k), flexible spending, and flexible work hours so you can have a work/life balance! For more information about these benefits and more visit: http://www.twdb.texas.gov/jobs/benefits.asp.
Veteran’s Preference
Veterans, Reservists or Guardsmen with an MOS or additional duties that fall in the fields of 17C – Cyber Operations Specialist, CT – Cryptologic Technician, IS – Intelligence Specialist, 0631 – Network Administrator, 1B4X1 – Cyber Warfare Operations or other related fields pertaining to the minimum experience requirements may meet the minimum qualifications for this position and are highly encouraged to apply.
Additional Military Crosswalk information can be accessed at https://hr.sao.texas.gov/Compensation/MilitaryCrosswalk/MOSC_InformationTechnology.pdf
Job Description Summary
Performs complex (journey-level) information security analysis work. Work involves planning, implementing, and monitoring security measures for information systems and infrastructure to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information. May train others. Works under general supervision, with moderate latitude for the use of initiative and independent judgment. Reports to the Information Security Officer of the IT Security Department.
Essential Job Functions
Supports the agency risk management program.
Supports the implementation of system security plans with agency personnel and outside vendors.
Supports the implementation of continuous automated security compliance capabilities.
Coordinates with users to discuss issues such as computer data access needs and security violations.
Supports plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure.
Maintains policies and procedures to protect data systems and databases from unauthorized users.
May perform technical risk assessments and reviews of new and existing applications and systems, including cloud and data center physical security and environment.
Performs IT security reporting and analysis regarding incidents, threats, network, and user access.
Assists in training users and promoting security awareness.
Performs research of systems and procedures for the prevention, detection, containment, and correction of data security breaches.
Assists in advising management and users regarding security procedures.
May assist in developing information technology disaster recovery and business continuity plans.
Maintains confidential and sensitive information.
Ensures individual and team files (electronic and hard versions) are appropriately maintained and timely disposed of in accordance with the agency’s records retention procedures and schedule.
Maintains required certifications and licenses and meets the continuing education needs and requirements of the position to include, attending mandatory training courses.
May be required to operate a state or personal vehicle for business purposes.
Performs other duties as assigned.
Minimum Qualifications
Graduation from an accredited four-year college or university with major course work in Information Technology Security, Computer Information Systems, Computer Science, Management Information Systems, or a related field; or an IT certification such as CISSP, CISA, CRISC, CompTIA or other security industry accepted certification.
One year of information security analysis management work.
Relevant education and experience can be substituted for each other on a year-for-year basis.
Preferred Qualifications
Experience with the Texas Administrative Code (TAC) Chapter 202, Information Security Standards.
Experience with the National Institute of Standards and Technologies (NIST) Information Security framework.
Certification as a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or other security industry accepted certification.
Knowledge, Skills, and Abilities (KSAs)
Knowledge of local, state, and federal laws and regulations relevant to information security, privacy and computer crime to include, but not limited to, the requirements of Texas Administrative Code, Chapter 202 and Texas Government Code; and of the principles and practices of public administration.
Knowledge of government organization and administration.
Knowledge of security governance concepts.
Knowledge of the limitations and capabilities of computer systems.
Knowledge of technology across all network layers and computer platforms.
Knowledge of operational support of networks, operating systems, Internet technologies, databases, and security applications.
Knowledge of risk management policies and objectives.
Knowledge of planning, formulation, coordination, and implementation methodologies.
Knowledge of disaster recovery concepts.
Skills in configuring, deploying, and monitoring security applications and infrastructure.
Skills in using Microsoft Office programs such as Word, Excel, and Access.
Skills in use of internet, email, word processing, spreadsheet, presentation, and database software.
Ability to adhere to work schedules, follow procedures with respect to leave and submit accurate timesheets by prescribed deadlines.
Ability to make mature, objective decisions and identify areas of potential problems.
Ability to perform effectively and willingly when changes occur in scope and nature of the work and work environment.
Ability to perform routine and non-routine work assignments accurately and on-time with little or no supervision.
Ability to perform assigned duties and improve work habits and/or output.
Ability to complete assigned work, on time, neatly and with infrequent errors.
Ability to interpret policies, procedures, and regulations.
Ability to provide prompt, courteous and accurate assistance and clear and concise communication to internal and external stakeholders both verbally and in writing.
Ability to work and cooperate with others in a team environment.
Ability to manage multiple tasks.
Ability to stand/sit/move with no physical limitations or aids to perform activities such as retrieve/replace files in a large file system for boxes up to 30 lbs.
Ability and willingness to travel 5% of the time, primarily within the State of Texas.
Ability to operate a vehicle (state or personal) for state business and maintain a driver’s license and driving record that complies with state and agency requirements.
Ability to workdays that may exceed 8 hours, including early mornings, nights, and weekends.
Ability to train others.
Ability to identify problems, evaluate alternatives, and implement effective solutions.
Ability to develop, implement and evaluate policies and procedures.
Ability to prepare reports.
Ability to communicate effectively.
Remarks
Copy of required academic transcripts and/or licensures and driving record must be submitted at the time of hire. Failure to provide required documentation will result in no further consideration for employment.
Important Notice: Otherwise qualified candidates who are ultimately considered for potential employment with the Texas Water Development Board may be the subject of a request for any criminal history record information maintained by the Texas Department of Public Safety (DPS). Evidence of a criminal conviction or other relevant information obtained from the DPS shall not automatically disqualify an individual from employment with the Texas Water Development Board.
PDN-96f1f3dc-54d5-4d13-80a4-6d0332d3d702
Apply Here
For Remote 22-105 Security Analyst (Information Security Analyst I) roles, visit Remote 22-105 Security Analyst (Information Security Analyst I) Roles

********

Information Assurance Engineer at Galapagos Federal Systems, LLC

Location: Austin

Job Title: Information Assurance Engineer
Location: Austin, TX
Job Summary:
Galapagos Federal Systems, LLC has an immediate opening for an Information Assurance (IA) Engineer to join our rapidly growing team. IA Engineer applies IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and processed information; plans, implements, and manages a Defense In Depth for the total network and/or enclaves within the network; identifies and analyzes threats and vulnerabilities to the information systems to maintain protection, accomplish risk analysis, security testing, and certification due to modifications or changes, completes computer security plans, and enforces mandatory access control techniques; manages a network security program, reporting all incidents promptly and providing corrective action to prevent further incidents; implements guidance to ensure the protection of Internet information, reduces the risks associated with automated processing of information and data, and trains all personnel in IT security awareness, as required.
Essential Duties and Responsibilities: (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance:
• Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives. Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly.
• Provide Defense in Depth principles and technology in security engineering designs and implementation
• Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
• Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
• Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
• Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report undisclosed classified incident remediation.
• Assess and mitigate system security threats/risks throughout the program life cycle
• Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
• Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures
• Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service.
• Responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates and providing technical support for PKI.
• Provide communications security (COMSEC) rekeying support within normal business hours or on-call, as required. Prepare and maintain secure communications devices and crypto keys. Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support
• Provide Security Risk Assessment. Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems’ capabilities and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review program. Recognize possible threats and review evaluations for compliance and non-compliance.
• Other duties assigned.

Qualifications:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Must be a U.S. Citizen.
Education / Experience / Certifications:
• Bachelor’s Degree in Computer Science, Cybersecurity, Computer Engineering, or related discipline. Comparable experience in lieu of degree may be considered.
• 3+ years of experience performing Information Assurance functions and using RMF IT security controls and policies
• Must possess and maintain an IT I level certification IAW AR 25-2 and an IAM II certifications IAW DoD 8570.01-M

Knowledge:
• A track record of progressively responsible information assurance experience in one or more of the following information security areas: certification and accreditation, IA system evaluations, system security penetration testing, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers and other security tools
• Candidate must have at least 3 years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1.
• Experience and basic knowledge of networking components and various operating systems in a cloud environment, including UNIX and Microsoft is a plus.
• Expertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus
• Working knowledge of public key infrastructure and encryption systems
• Experience working on an information security incident response team
• Familiarity with Security Technical Implementation Guides (STIG) and system security processes.
• Experience working in CMMI Level 3 (or higher) environments is a plus

Abilities:
• Ability to organize, prioritize and meet deadlines
• Capable of conveying complex information in a simplistic manner
• Strong critical thinking and problem solving skills
• Strong self-starter requiring minimal supervision
• Able to take proactive measures to prevent problems rather than reactive by nature
• Strong verbal and written communication to effectively express concepts, plans, and proposals

Physical Requirements:
Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weigh up to thirty (30) pounds as necessary.
Security Clearance:
DoD active security clearance may be required at a high-level security. Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Company Summary:
Headquartered in Hawaii, Galapagos Federal Systems, LLC is a SBA Certified NHO 8(a) Small Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services.
Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. Galapagos Federal Systems, LLC is an equal opportunity employer.
Our service commitment is simple – “Quality IT Solutions… On Time & On Budget.”
Galapagos Federal Systems, LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Positions functions and qualifications may vary depending on business needs.
Galapagos Federal Systems, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.
Apply Here
For Remote Information Assurance Engineer roles, visit Remote Information Assurance Engineer Roles

********

Security Engineer at Tia

Location: Austin

Tia was born from the realization that the healthcare system is missing just that: a system enabling health & wellbeing. Tia is the answer to the dehumanizing experiences that women of all backgrounds face navigating the healthcare system. We are rethinking the model of healthcare from the ground up – really asking: what does it mean to have a relationship with your care provider? What does it mean to think about your health every day? How can we get back to the basics and also leverage the cutting edge research in women’s preventive care? Tia is on a mission to define answers to these questions through building a whole new, distinctly female model of care.

We are on a mission to enable every female to achieve their own definition of optimal health through science-backed information, access to high-quality care, and community.

We opened our first clinic in 2019 in NYC, with more to follow in New York, Los Angeles, and San Francisco this year. Combining virtual and in-person visits, an unwavering commitment to care and accessibility, substantial growth capital and an incredible mission, Tia is poised for rapid growth over the coming years and is building out a world class team to support this expansion.

Tia is building a culture of excellence — in people, process and product. This is our northstar value;

What is excellence, exactly?

Excellence about constantly elevating yourself, it is the process of constantly striving to perform to the best of your abilities, and identifying your top potential through constant learning, experimentation and evolution. Excellence is not about achieving perfection, as that insinuates a pinnacle. Instead, in our terms, excellence is about the pursuit of constant improvement. We’re looking for people who want to go on that hard journey of constantly setting new personal records, and organizational records.

We practice excellence at Tia by demonstrating the following types of behaviors: We chose (and actively choose) excellence as Tia’s highest order value because it crystalizes into one word several behaviors that we hold dear, specifically:
• A drive to constantly improve through experimentation, reflection. and an insatiable growth mindset — said another way, we’re energized by the possibility of invention, innovation, and iteration
• Being present in and grateful for the journey — not just the goal line. Perfection is static. Excellence is a process (more on this important distinction below)
• Asking why, then why again — because accepting “this is just the way it is” is not good enough
• Grit & perseverance — a maker mentality that involves “rolling up your sleeves”, but also deep care for oneself and for others
• A commitment to uncovering talents to unlock “rock star” potential across every individual

Furthermore, excellence reflects the “bigness” and the “boldness” of Tia’s mission and vision — a world in which every woman can achieve optimal health, as defined by herself.

Said another way, Tia’s mission is NOT to make healthcare incrementally better for women. Instead, we’ve intentionally set out to create a fundamentally new paradigm for modern women’s healthcare that’s truly excellent . We believe that creating a company that operates in a culture of excellence will manifest in our product. Reaching this goal is not an overnight pursuit or a “one and done.” We have not and will not “get it right” with the first swing. Rather, this higher order goal is a moving target — one we have not and will not ever fully “achieve.” By design, we will never be “done” with this work, but instead, we will be continuously in pursuit of our mission. It is this continuous pursuit — the journey, not the finish line — that truly embodies excellence.

Role: Security Engineer (Generalist)

As a fast-growing, cross-functional team, Tia’s core values include:
• Health & Wellbeing
• Compassion
• Individual Agency
• Collaboration
• Aspirational Thinking

Details of the Role
• Type of Work: Full-time
• Location: Remote/San Francisco (USA only – No sponsorship at this time)

Your Opportunity

At Tia we believe that if you want to fix healthcare you have to fix it for patients and providers. Our responsibility is to ensure both patient and provider safety and accessibility.

In this role you will be a technical contributor on the security team building security tools, implementing security controls, building security alerting infrastructure and liaising between technical teams. You will be an active voice in a small but growing security team.

About You
• You have 2+ years of security related experience
• You have experience using infrastructure as code tools such as: CloudFormation or Terraform
• You are comfortable developing code in a high level language such as: Python, NodeJS, Ruby, etc.
• You have experience working with cloud platforms such as AWS, Azure or GCP
• You are familiar with OWASP Top Ten vulnerabilities and how they impact an environment
• You are familiar with building security alerts from multiple data sources
• You have some familiarity with control frameworks such as NIST CSF and ISO 27001
• Your enjoy collaborating with external teams and stakeholders, their success is your success
• You’re passionate about building automated tasks to help efficiency
• You don’t dwell on mistakes, you own them and use them as opportunities to to learn and grow from
• You are an active voice and listener in a small but focused security team
• No matter how large, small, complex, or mundane the task, you follow through to the best of your ability and persevere through challenges

What You’ll Do
• Implement technical security controls into the Tia environment
• Develop tools that assist with identifying and remediating security threats
• Help build our security monitoring infrastructure across our platform
• Ideate, develop and execute technical compliance frameworks into controls
• Review third party applications and tools for security & compliance
• Be a champion of security to stakeholders, team members and outside vendors

Best Parts Of The Job
• You’ll work with a small team that encourages you to learn new things
• You’ll have a wide scope of responsibilities and make impactful change
• You’ll use creativity to solve novel problems and be encouraged to learn new technologies to meet our business goals
• You’ll have an experienced technical manager who deeply cares about your performance and career growth

Worst Parts of the Job
• You’ll have to work with different time zones and environments, such as our engineer team and clinical team
• You’ll spend time helping other team members debug or fix issues
• You’ll be on a small team and you will be solely responsible for the programs you own

Benefits
• Unlimited vacation
• Free Tia membership
• Competitive stock option package
• $300 one-time WFH stipend
• $50/month phone and internet reimbursement
• Medical, dental, and vision benefits
• 401k program (no matching at this time)
• Top of the line 15” Macbook Pro
• Travel stipend for team off-sites

This position may require attendance at company and team off-sites and is subject the Company’s vaccine requirement, as permitted by law and subject to reasonable accommodation.

Tia is an equal opportunity employer. We believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product for our users and patients. We strongly encourage people of color and members of the LGBTQ+ community to apply.

If you are committed to collaborative problem solving, creating high-quality and user-centric products, and want to make waves in women’s healthcare – join us!
Apply Here
For Remote Security Engineer roles, visit Remote Security Engineer Roles

********

Security Analyst at CyberCoders

Location: Austin

If you are a with experience, please read on!With a history of 20 years in the beautiful and fast-growing Austin TX, we are revolutionizing the way Real Estate is priced, managed and financed to unlock opportunities for all market participants. It’s a very exciting time for us as we have $20B in assets under management and advisement, and are in the process of a multi-million dollar digital transformation!Top Reasons to Work with Us1. Great opportunity to work for a top growing real estate technology firm!2. Enjoy a fully remote role!3. Above market rate benefits & bonus structure!What You Will Be DoingYou will be working alongside systems and network engineering, enterprise applications, and software development to design solutions, perform security reviews, develop strategy, and drive security projects in aims to reduce risk. This is a technical role that calls up experience with security tools, system security, secure application design principles, cloud security, compliance, and incident response. Each year you will have the opportunity to attend at least one major training course annually (SANS, etc.), one major security conference (Blackhat, DefCon, etc.), and other events.What You Need for this PositionMust have: – BS/BA degree in a technical field such as Computer Science (or equivalent years of experience); – Strong knowledge of NIST (800-53, CSF) and other information security frameworks; – Knowledge and experience with Identity and Access Management technologies – Experience with Cloud-based platforms (Amazon Web Services, Microsoft Azure, Google Cloud Platform) and technologies – Familiarity with Splunk is a plusWhat’s In It for You- Compensation of $65,000 – $90,000/year + 15 – 20% Annual Bonus- Flexible PTO including 7 paid holidays, 1 floating holiday, and 1 volunteer day – 401k with 4% Match- Employer-paid benefits (medical, dental, vision, health savings account)- Professional career development and reimbursement- Up to 16 weeks paid maternity leave; up to 4 weeks of paid parental leave- Backup childcare offered through Bright Horizons- Relaxed casual environment with virtual office events- Opportunity to join a very fast-growing company with endless career opportunitiesSo, if you are a with experience,
Apply Here
For Remote Security Analyst roles, visit Remote Security Analyst Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo