Security Engineer at Webster & Webster Associates
LOCATIONS: San Francisco CA, San Jose CA, Irvine CA, San Diego CA, Portland OR, Seattle WA, Boston MA, or Washington DC
LOCATION TYPE: Remote work available depending on location (require local candidates)
JOB TYPE: Full-Time
Global Cybersecurity startup is seeking an experienced Security Engineer. The ideal candidate is a technical wizard, has strong RTOS and HW platform knowledge, takes pride in tackling challenges and gets motivated about owning critical services.
• 5+ years cloud and systems security experience
• Extensive experience developing in C and C++ programming language
• Experience with several operating systems (Linux, Embedded Linux, Windows, etc.)
• Real-time operating system / RTOS experience (QNX, VxWorks, ThreadX, FreeRTOS, MQX, etc.)
• Experience working with bare-metal programming, low-level systems, system calls, bootloaders, device drivers
• Embedded operating systems
• Hypervisor technologies and microkernel expertise
NICE TO HAVE
• Experience writing an operating system (or a significant part of it)
• Familiarity with ARM, x866 and assembly programming language
• Linux kernel experience
• Bachelor’s degree in Computer Science, Electrical Engineering, Computer Engineering or related field of study
IRM Cyber Security Analyst/Senior IRM Cyber Security Analyst at Portland General Electric
At PGE, our work involves dreaming about, planning for, and realizing a smarter, cleaner, more enduring hborhood. Its core to our DNA and we haven’t stopped since we started in 1888. We energize lives, strengthen communities and drive advancements in energy that promote social, economic and environmental progress. We’re always on the lookout for people passionate about leading and being a part of teams that are advancing innovative clean energy solutions that are also affordable and accessible to all.
• * This position is posted ls, there are two positions.
• *** IRM Cyber Security Analyst / Senior IRM Cyber Security Analyst
• * Evaluates, tests, recommends, develops, coordinates, monitors and maintains information systems (IS) and cyber security policies, procedures and systems, including access management for hardware, firmware and software. Ensures that IS and cyber security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS and cyber security. Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits; evaluation and testing of hardware, firmware and software for possible impact on system security; and the investigation and resolution of security incidents. Implements IS and cyber security policies and takes measures against intrusion, frauds, attacks or leaks
• * Job Function – Information Risk Management
• * Design information systems security infrastructure. Develop policies and procedures to prevent unauthorized access. Educate and communicate security requirements and procedures to users and new employees. Ensure compliance with regulations and privacy laws. May oversee internal or external systems security (i.e., cloud services). Needs may include performance in the capacity of analyst, auditor or consultant.
• * This position is posted ls.
• * Key Job Information – IRM Cyber Security Analyst Requires in-depth knowledge and experience.? Uses best practices and knowledge of internal or external business issues to improve products or services. ?
Solves complex problems; takes a new perspective using existing solutions.? Works independently; receives minimal guidance.? Acts as a resource for colleagues with less experience
• * Key
Responsibilities **+ Develop and Communicate Policy and Standards
-Advises internal business and IT stakeholders on information security requirements,policies and standards. Assists in promoting awareness of security issues among management and employees. Explains the purpose of and provides advice and guidance on the application and operation of physical,proceduraland technical security controls. Contributes to the development and update of information security policies and processes+ Risk Assessment – Performs security risk, vulnerability assessments and business impact analysis for medium complexity information systems.
Identifies observed or emerging security exposures that create potential threats to infrastructure,systemsor data. Prepares reports of findings.+ Tracking and Reporting – Monitors and follows up to ensure that appropriate mitigation and remediation actions have been taken on risk-assessment findings. Gathers and creates information security metrics reports for management using appropriate visualization techniques.+ Vendor Risk Management – Conducts technical and policy-based information security risk reviews of third-party vendors.
Reviews RFPs to ensure information security requirements are fully and correctly stated
• * Education / Experience**+ Requires a bachelor’s degree in computer science, information systems or other related field or equivalent experience preferred.+ Typically, five s in related field.
Key Job Information – Senior IRM Cyber Security Analyst Requires specialized depth and/or breadth of expertise. ?
Interprets internal or external business issues and recommends best practices. Solves complex problems; takes a broad perspective to identify innovative solutions. ?
Works independently, with guidance in only the most complex situations. ?
May lead functional teams or projects.
• * Key*
• ** Responsibilities**+ Develop and Communicate Policy and Standards – Advises internal business and IT stakeholders on information security requirements,policies and standards. Promotes awareness of security issues among management and employees. Provides information to management regarding the negative impact of the business caused by noncompliance with security standards and requirements. Contributes to other risk,security and privacy initiatives across the company by providing information risk management expertise.
Contributes to the development and update of information security policies and processes.+ Risk Assessment – Obtains and acts on vulnerability information and conducts security risk…
For Remote IRM Cyber Security Analyst/Senior IRM Cyber Security Analyst roles, visit Remote IRM Cyber Security Analyst/Senior IRM Cyber Security Analyst Roles
Cybersecurity SIEM -Senior Consultant – Location OPEN at EY
At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
US – Cybersecurity SIEM -Senior Consultant
Cyber threats, massive data storage, privacy requirements and business continuity require heavy information security measures. In the face of ever-evolving Cyber Security threats, EY’s Cyber Security Event and Incident Management (SIEM) team builds tools and custom integrations in order to mitigate threats to Security Operations. As a member of our SecOps and Infrastructure Protection team, you’ll use your technical and business skills to help us drive this mission and have an impact on cybersecurity at a global level.
As a Cybersecurity SIEM Engineer, you will lead the design and implementation of security incident and event management solutions for our clients. You’ll play a key role in supporting our clients with their most complex information security needs, contributing toward their business resilience, and protecting critical infrastructure.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Your key responsibilities
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. You’ll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world.
As a Senior Consultant, you will serve on client engagement teams to assist in delivering the full range of services and work with EY Cybersecurity leadership to further develop our security event and incident management service offering.
Skills and attributes for success
• Possess a proven understanding of SIEM technologies, e.g. Splunk, Azure Sentinel, McAfee, QRadar, LogRhythm, SolarWinds, ArcSight, Fortinet, Elastic, SumoLogic, Rapid7
• Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts.
• Monitoring and managing the health and performance of SIEM platform
• Onboarding log sources and data sources, developing new and custom parses, and designing SIEM architecture reviews
• Creating use cases and correlations alerts in the SIEM for continuous security monitoring
• Security Operations experience with operating systems, or cloud infrastructures and services (Azure/AWS)
• Participating in client meetings to further optimize their specific operational plan based on our best practices and operational learnings
• Conveying complex technical security concepts to technical and non-technical audiences including executives.
To qualify for the role, you must have
• A bachelor’s degree in a related field and approximately 3-5 years of related work experience; or a graduate degree and approximately 2 years of related work experience
• Hands-on experience with common security monitoring technologies including Security Incident Event Management systems (SIEM), Intrusion Detection Systems (IDS), Endpoint Detection & Responses (EDR), Anti-Virus log collection systems for purpose of comprehensive log analysis
• Experience supporting, troubleshooting, and administering a variety of networks, operating systems (OSs), and applications
• Experience with one or more of the following Cybersecurity tools: Splunk ES, Azure Sentinel, FireEye, Tanium, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Prisma Cloud, Humio, or ServiceNow SecOps
• Experience in process reengineering, workflow design, process improvement, or process mapping.
• Ability to travel as needed for client-site visits, team on-sites and strategic planning sessions; a driver’s license valid in the U.S
Ideally, you’ll also have
• Excellent analytical and problem-solving abilities
• Strong presentation and communication skills
• Knowledge of concepts and solutions of security services in the Zero-Trust model
• Knowledge of Azure Sentinel, Azure Log Analytics, Microsoft Flow, or Power BI
• Relevant security certifications (e.g., Splunk ES, CEH, CISSP)
What we look for
We’re interested in intellectually curious people with a genuine passion for cyber security. With your specialization in Security incident and event management , we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us but also to the industry. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
What we offer
We offer a competitive compensation package where youll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, youll decide how much vacation time you need based on your own personal circumstances. Youll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• Continuous learning: Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: Well provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: Well give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: Youll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. Its yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to individuals with disabilities. If you are a qualified individual with a disability and either need assistance applying online or need to request an accommodation during the interview process, please call 1-800-EY-HELP3, type Option 2 (HR-related inquiries) and then type Option 1 (HR Shared Services Center), which will route you to EYs Talent Shared Services Team or email SSC Customer Support at [Email available when viewing the job] .
For Remote Cybersecurity SIEM -Senior Consultant – Location OPEN roles, visit Remote Cybersecurity SIEM -Senior Consultant – Location OPEN Roles
Cloud Engineer at Navstar Inc.
Would you like to perform rewarding work while contributing to the success of an established, growing company? Navstar is an award-winning organization that has a proven track record of successfully providing IT services and solutions both as a prime and sub-contractor on mission focused IT programs. Our employees are integral players in support of mission-critical programs focused on our National Security.
As a Cloud engineer on our team, you’ll help to create solutions to drive the next wave of innovation. You’ll recommend tools and capabilities based on your research of the current environment and knowledge of various on-premise, Cloud-based, and hybrid resources. You’ll work with our engineering, architecture, and migration teams to inform strategy and architecture design. This is an opportunity to stay on top of the latest Cloud resources as you lead efforts to prototype using multiple techniques and new technologies.
Required Skills and Qualifications:
• This position is a hybrid role with a combination of working at a client site and working remotely.
• Active TS/SCI clearance required in order to be considered.
• 2+ years of experience with design, deployment, and management of Cloud environments, including AWS or Azure.
• Experience in a systems engineering or systems administration role.
• Experience with UNIX/Linux command line and shell scripting.
• Experience with system and network administration.
• Experience with using or migrating continuous integration (CI) and continuous delivery (CD) pipeline solutions or tools, including Jenkins, and Git
• Experience with additional tools, including Docker, Kubernetes, and Ansible.
Desired Skills and Qualifications:
• Experience with implementing and maintaining Jenkins.
• Experience with writing scripts and glue to tie together services, functionalities, and tools using technologies, including Python scripting, Bash, Boto3, PowerShell, and YML and JSON templates.
• Experience with Terraform and Cloud Formation.
• Experience with Agile methodologies.
• Knowledge of Cloud environment fundamentals.
• Ability to use automation tools and Infrastructure-as-Code, such as Terraform or Cloud formation, to manage installations, pipelines, and scriptin.
• AWS Certified Cloud Practitioner or Microsoft Azure Fundamentals certification.
Full vaccination against COVID-19, and compliance with the Company’s vaccination verification procedures, is required for this position, unless the individual is legally entitled to a reasonable accommodation for medical or religious reasons.
For 20 years Navstar has provided high-quality Innovative Technology Services and Solutions throughout the Intelligence Community. We would not have achieved the success we have without the best AllStar team; this is not just a place to work, Navstar is a community. At Navstar everything we do revolves around listening to both our customers and employees, delivering the results they expect, and being a trusted partner as both a prime and subcontractor. We have proven track record of successfully providing innovative technology services and solutions on highly mission-focused programs; all while enjoying what we do at the same time. Security is our priority; together, we will make the nation a safer place.
Benefits at Navstar
• Highly Competitive Health Care Premiums, including 100% employer paid for employee
• Flexible Spending Accounts for Medical and Dependent Care
• Generous PTO and Federal Holiday Paid Leave
• Employer Paid STD/LTD
• Employer Paid Life Insurance
• 401K plan and Employer Match
• Referral and Opportunity Referral Programs
• Professional Development Assistance
Navstar Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or veteran status.
For Remote Cloud Engineer roles, visit Remote Cloud Engineer Roles
Information Security Associate (entry-level) – REMOTE! at General Dynamics Information Technology
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: None
Public Trust/Other Required: MBI (T2)
Job Family: Information Security
GDIT is searching for an entry-level Information Security Associate to work under a Centers for Medicare & Medicaid Services (CMS) contract ensuring the information system is secure.
In this role, you will be performing all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
THIS ROLE IS FULLY REMOTE AND PERFECT FOR A NEW GRAD!
In this role, a typical day will include:
• Review System Security Plans, Information Security Risk Assessments, Privacy Impact Assessments, Contingency Plans, Incident Response Plans and other CMS security related artifacts.
• Create access reports and review/audit access for the system and applications understanding the concept of least privilege.
• Work daily with technical and non-technical team members to ensure security functions are implemented and documented through CMS system lifecycle.
• Work daily within security monitoring tools such as Nessus, AWS Security Hub, AWS GuardDuty, AWS Inspector, AWS Chef Inspec to translate system security posture to technical and non-technical team members.
• Work in SAFe agile teams, assisting with security-related tasks and deliverables associated with bi-weekly iterations and daily updates for scrum.
• Support audits, assessments and penetration tests through scheduling meetings, evidentiary collection and interviews.
• Documents and maintains Plan of Action and Milestones (POA&Ms) for all weaknesses/findings identified in security audits or self-assessments.
• Implement, document, maintain, and monitor CMS Acceptable Risk Safeguards control requirements.
• 0+ years and a Bachelor’s degree in Cybersecurity, Information Systems or Computer Science or related discipline
• Foundational knowledge related to vulnerability management and/or vulnerability and compliance tools such as Nessus.
• US Citizenship or Permanent Resident is required to be considered for this position.
• Ability to obtain and maintain a Public Trust Clearance.
• Relevant security certifications in any of the following: Network +, Security +, CAP, CSX, SSCP certifications
• Foundational knowledge of cloud computing and cloud services.
• Excellent customer service skills as well as strong communication skills.
COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
For Remote Information Security Associate (entry-level) – REMOTE! roles, visit Remote Information Security Associate (entry-level) – REMOTE! Roles