Information Security Analyst at American Express
You Lead the Way. We’ve Got Your Back. At American Express, we know that with the right backing, people and businesses have the power to progress in incredible ways. Whether we’re supporting our customers’ financial confidence to move ahead, taking commerce to new heights, or encouraging people to explore the world, our colleagues are constantly redefining what’s possible – and we’re proud to back each other every step of the way. When you join #TeamAmex, you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day.
From building next-generation apps and microservices in Kotlin to using AI to help protect our customers from fraud, you could be doing transformational work that brings our iconic, global brand into the future. As a part of our tech team, we could work together to bring ground-breaking and diverse ideas to life that power the digital systems, services, products and platforms that millions of customers around the world depend on. If you love to work with APIs, contribute to open source, or use the latest technologies, we’ll support you with an open environment and learning culture to grow your career.
Responsible for assisting with activities designed to systematically handle information security, such as security investigations, intelligence, assurance, and awareness, and/or other project oversight, including developing standard methodologies for information security standards and handling IT controls and compliance with regulatory guidance.
Works with technology and business partners across business functions/processes to ensure alignment, understanding and ongoing communication on security controls, compliance and information security risk management. Works individually and with teams on both structured and unstructured assignments.
• Through Cloud Security Engineering program, deliver security code elements across private and public multi-cloud
• Provide security and engineering expertise and guidance to the Cloud Programs, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Cloud Application Architecture subprograms.
• Collaborate with enterprise architects and SMEs to deliver complete security architecture solutions.
• Own all technical aspects of software development (architecture, design and development of systems) for assigned applications.
• Deliver hands-on software development, typically spending about 80% of time writing code, APIs, doing proof of concepts and conducting code reviews.
• Identify exciting opportunities for adopting new technologies to solve existing needs and predicting future challenges.
Range of Impact/Influence
• Accountable for ensuring security standard methodologies, policies, and procedures are implemented and adhered to
It’s more than protecting systems and data. It’s protecting people. Our Information Security Managers know that security is a top priority for our business and our partners and customers. Today, as cyber-attacks increase and compliance is more rigorously enforced, we look to them to stay ahead of what’s next and to protect our business and our future. So if you are dedicated to the latest technology and motivating others, secure your career here. You won’t just see the problem coming, you’ll see the solution. New threats to our business, our partners and customers appear on the horizon every day, so no two days are the same. But there are some things you can count on doing:
• Providing guidance on information security processes, controls, and compliance, and information security risk management to team members
• Encouraging employee contribution, such as feedback, career development planning, and goal setting
• Developing plans and strategies for infor
As part of our diverse tech team, you can architect, code and ship software that makes us an essential part of our customers’ digital lives. Here, you can work alongside talented engineers in an open, supportive, inclusive environment where your voice is valued, and you make your own decisions on what tech to use to solve challenging problems. Amex offers a range of opportunities to work with the latest technologies and encourages you to back the broader engineering community through open source. And because we understand the importance of keeping your skills fresh and relevant, we give you dedicated time to invest in your professional development. Find your place in technology on #TeamAmex.
• 1 years of experience in Information Security roles with increase of responsibilities and scope.
• 3 years of experience using one or more prominent software frameworks.
• Experience in microservices architecture is required.
• Understanding of classical or cloud-native design patterns is required.
• Experience building and consuming REST or GraphQL APIs is preferred.
• Experience with Docker, Open Containers Initiative, or similar is required.
• Understding of Cloud Fundamentals, including securing public cloud with data protection controls.
We back our colleagues with the support they need to thrive, professionally and personally. That’s why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually.
If the role you are applying for is designated as hybrid or onsite, you will be required to demonstrate that you have completed your primary COVID-19 vaccination series (i.e., 2 doses for Moderna/Pfizer and 1 dose for J&J) and, for medically eligible
• colleagues, a booster shot, in order to work in or visit any of our offices. This requirement is subject to legally required accommodations.
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.
American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, age, or any other status protected by law.
Primary Location: United States
Cybersecurity Infrastructure, Sr Analyst at Cardinal Health
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
We currently have a career opening for an Infrastructure Cybersecurity Sr Analyst on the Platform Engineering team within our Information Security department.
The Information Security team is on a tremendous growth journey. Comprised of Operations, Engineering, and a dedicated Purple team, we aim to be a world-class cyber security organization that enables Cardinal Health to be healthcare’s most trusted partner. We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented engineers who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun, collaborative atmosphere.
The Infrastructure Cybersecurity Sr Analyst is responsible for implementing and supporting critical security platforms. The right person for this role will be an Infrastructure DevOps engineer with a strong passion for Cybersecurity or someone currently in Cybersecurity looking for a new type of role. This role will use a broad set of DevOps, Infrastructure, and Security skills across numerous security platforms in an agile environment.
Job Responsibilities Include:
• Implementing and supporting security platforms related to: Cloud Access Security Broker (CASB), automated Internet of Things (IoT)/Operating Technology (OT) asset discovery, advanced anti-malware, network intrusion detection system (NIDS)/network intrusion prevention system (NIPS), web application firewall (WAF), Data Loss Prevention (DLP)
• Building of Linux servers, dockers, containers, automation in GCP
• Continuous optimization, tuning and monitoring of platforms
• Troubleshooting issues affecting internal customers
• Executing small/medium projects to deploy security platforms into the business to maximize value and enhance security posture
• Integration of platforms into SIEM, SOAR and/or API’s
• Working closely with Security Incident Response, Purple, Threat Intel teams
• Onboarding of new security platforms into an operational model from the Security Architecture team
• Participation in POC/RFP by testing solutions or building test environments
• Managing Open Source, SaaS, and on-premise platforms
• Familiarity with implementing and supporting several infrastructure or security platforms to include optimization, troubleshooting and tuning
• Ability to collaborate with numerous teams and internal customers
• Development of Build/Run processes to ensure systems are properly maintained and operating effectively
• Familiarity with the Linux operating system
• Familiarity with networking principles
• Familiarity with containerization
• SIEM, CASB, WAF, NIPS/NIDS or DLP experience a plus
• Python, BASH, C++ and interfacing with REST API’s is a plus
• Experience with networking, servers, web servers, and firewalls.
• Experience in Linux, GCP, Dockers/containers and GCP automation is desired.
• A good working knowledge of security best practices, defense in depth, or MITRE ATT&CK framework. Security experience or certification is a plus.
• Experience in a large enterprise environment (2000+ users) is a plus
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
For Remote Cybersecurity Infrastructure, Sr Analyst roles, visit Remote Cybersecurity Infrastructure, Sr Analyst Roles
Cyber Threat Remediation Analyst (Remote) at TEKsystems
TEKsystems is supporting a large automotive manufacturer with a cyber security need. The contract is expected to go into Q2 of 2023 with option for extension or hire.
Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. Components of this activity include but are not limited to:
• Business system analysis.
• Communication, facilitation and consensus building.
Assists in the coordination and completion of information security operations documentation.
Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
Plays an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
Works with IT department and members of the information security team to identify, select and implement technical controls.
Develops security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
Advises security administrators on normal and exception-based processing of security authorization requests.
Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.
Bachelor’s degree in information systems or equivalent work experience.
Desirable: Security Certification
5 to 7 years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, database design and administration; one to two years of experience with information security
In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
Experience with common information security management frameworks, such as (International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST)) frameworks.
Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation.
In-depth knowledge of risk assessment methods and technologies.
Proficiency in performing risk, business impact, control and vulnerability assessments.
Strong understanding of business applications, including ERP and financial systems.
Excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows and Oracle Solaris) and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
Experience in developing, documenting and maintaining security policies, processes, procedures and standards.
Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
Audit, compliance or governance experience is preferred.
Knowledge, skills, abilities, traits, certifications, years of experience, to successfully perform job function
The Threat Operations Analyst will assist in monitoring, detecting, and preventing cyber-attackers from exploiting security incidents leading to a data breach or operational interruptions across all of businesses in North America Region. This role has the direct responsibility to drive the strategy, processes, execution, and operations as a member of a Regional Security Operation Team. Theyll support and lead: Threat Hunts, Security Incident Response, Threat Assessment Writeups, and Support 24×7 on-call rotation.
We’re partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That’s the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
We are an equal opportunity employers and will consider all applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. To view the EEO is the law poster [Link available when viewing the job]. Applicants with disabilities that require an accommodation or assistance a position, please call [Phone number shown when applying] or email [Email available when viewing the job]. This is a dedicated line designed exclusively to assist job seekers whose disability prevents them from being able to apply online. Messages left for other purposes will not receive a response.
For Remote Cyber Threat Remediation Analyst (Remote) roles, visit Remote Cyber Threat Remediation Analyst (Remote) Roles
Cyber Threat Hunting and Incident Response Analyst at KPMG US
Requisition Number: 93788 – 70
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today’s most important industries. Our growth is driven by delivering real results for our clients. It’s also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it’s no wonder we’re consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you’re as passionate about your future as we are, join our team.
KPMG is currently seeking a Sr. Associate, Cyber Threat Hunting and Incident Response Analyst to join our Digital Nexus Group organization.This role is a remote work opportunity.
• Perform all phases of incident response life cycle: preparation, analysis, containment, eradication, remediation, recovery and post-incident activity
• Complete threat hunting in both on-premises and cloud environments
• Define, document, test and manage incident response processes, document processes and procedures in the form of playbooks and reference guides
• Evaluate external threat intelligence sources related to zero-day attacks, exploit kits and malware to determine organizational risk and improve threat detection by incorporating into detection tools
• Conduct forensics, host-based disk and memory as well as network; analyze to determine root cause and impact
• Develop security monitoring by using cases and supporting content for security tools such as dashboards, alerts, reports, rules; including but not limited to the configuration and monitor security information and event management (SIEM) platform for security alerts
• Minimum five years of recent security monitoring experience and incident response activities preferably within a professional services firm or similar environment; experience with IT process definition and/or improvement
• Bachelor’s degree from an accredited college/university or equivalent work experience
• Solid understanding of network and system intrusion and detection methods; examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures
• Experience with coding and analytics, malware analysis, endpoint lateral movement detection methodologies and host forensic tools
• Understanding of network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, Linux, open-source software, scripting, SQL and software programming
• Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future; candidates must be able to perform work during the Eastern or Central time zones regular business hours
KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm’s compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.
KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).
For Remote Cyber Threat Hunting and Incident Response Analyst roles, visit Remote Cyber Threat Hunting and Incident Response Analyst Roles
Information Security Analyst Advisor (Top Secret, preferred) – remote at General Dynamics Information Technology
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Secret
Public Trust/Other Required: NACLC (T3)
Job Family: Information Security
GDIT is your place. Make it your own by discovering new ways to securely and expertly apply the latest technology. Own your opportunity at GDIT and you’ll be a meaningful part of improving how agencies operate. General Dynamics Information Technology is seeking Information Security Professionals to support a US Air Force program that is playing a major role in strengthening and modernizing America’s Strategic Deterrent Force. GDIT will develop and deliver a digital engineering design solution which enables and integrates the program’s complete set of data, tools, and model-based systems engineering (MBSE) activities, and makes them available to internal and appropriate external engineering and programmatic stakeholders throughout the program’s lifecycle. This effort will culminate in an abstracted, highly transportable Digital Engineering Environment (DEE) delivered to the Government, to be instantiated “virtually” on the Government’s network infrastructure, and updated during the Engineering and Manufacturing Development (EMD) phase of weapon system development.
The Information System Security team is responsible to ensure the DEE system remains in compliance within the Risk Management Framework (RMF) and associated policies, procedures and guidelines; provide technical expertise on system design, implementation, and accreditation, and provide oversight and coordination for multiple contractors supporting program objectives.
• Responsible for developing and maintaining Risk Management Framework (RMF) security, accreditation, and Authorization to Operate (ATO) approval.
• Develops and maintains System Security Plan, Security Assessment Plan and Procedures, Security Assessment Report, RMF System Diagrams, Incident Response Plan, Master Assessment Datasheet, and other RMF artifacts.
• Coordinates and conducts CCRI activities.
• Ensure DEE systems are compliant with DoD Security Standards.
• Ensures the DEE system achieves and maintains RMF ATO status.
• Active Top Secret clearance, preferred
• Familiarity with DoD RMF Processes, DoDI 8510.01/NIST SP 800-53
• 5+ years of cybersecurity-related experience
• Education: B.S., Computer Science, Information Systems, Information Security, Electrical Engineering, or related field
• CompTIA IAT Level II (Security+, Project+, etc)
WHAT GDIT CAN OFFER YOU:
• Full-flex work week
• 401K with company match
• Internal mobility team dedicated to helping you own your career
• Collaborative teams of highly motivated critical thinkers and innovators
• Ability to make a real impact on the world around you
#Defense #kmp #DEE2020 #USAF #remote #ISSO #transitioningmilitary
COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
For Remote Information Security Analyst Advisor (Top Secret, preferred) – remote roles, visit Remote Information Security Analyst Advisor (Top Secret, preferred) – remote Roles
Cyber Defense Analyst Associate at Leidos
Leidos has a current job opportunity for a Cyber Defense Analyst Associate on the DISA GSM-O program in Columbus, OH.
This position provides 24×7 cybersecurity monitoring services for Department of Defense networks. This includes performing real-time cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process. Times for the three shifts are: 7am-3pm, 3pm-11pm, and 11pm-7am.
Review DoD and open source intelligence for threats and to identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs.
Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors to identify compromises on customer networks/endpoints.
Review massive log files, pivot between data sets, and correlate evidence for incident investigations.
Triage alerts to identify malicious actors on customer networks.
Report incidents to customers and USCYBERCOM.
Bachelor’s degree and less than 2 years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings
DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire.
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently
Strong analytical and troubleshooting skills.
Willing to perform shift work.
Must be a US Citizen.
Must have an active DoD Secret security clearance prior to start on the program.
CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.
Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.
Experience with malware analysis concepts and methods.
Unix/Linux command line experience.
Scripting and programming experience.
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology.
Pay Range $50,700.00 – $78,000.00 – $105,300.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
For Remote Cyber Defense Analyst Associate roles, visit Remote Cyber Defense Analyst Associate Roles
REMOTE Cloud Security or Cyber Security Analyst at CyberCoders
If you are an experienced Cyber Security Analyst looking to join a growing firm with great culture, please read on
Top Reasons to Work with Us
Ranked in Fortunes 100 Best Companies to Work For 2021
What You Will Be Doing
In this fully remote role you will be responsible for analyzing, designing, implementing, and auditing cloud infrastructure, security solutions, and integrated technologies through a lens of security, resiliency, and scalability.
You’ll also collaborate with team members in-person and remotely. Work closely with different business functions to ensure monitoring, logging, and auditing of relevant events and assisting in automation of security controls.
What You Need for this Position
At least 3 years of experience with
• Cyber Security or Cloud Security
• Compliance frameworks
What’s In It for You
• Salary: $100,000-$130,000
• Fully covered benefits for individual and family
• 401k Match up to 6%
• Annual Bonus
• Sabbatical program
• Fully remote
So, if you are a REMOTE Cyber Security Analyst with experience, please apply today
Email Your Resume In Word To
Looking forward to receiving your resume through our website and going over the position with you. Clicking apply is the best way to apply, but you may also:
• Please do NOT change the email subject line in any way. You must keep the JobID: linkedin : JR19-1698578 — in the email subject line for your application to be considered.***
Jimmy Rowland – Recruiter – CyberCoders
Applicants must be authorized to work in the U.S.
CyberCoders, Inc is proud to be an Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.
Your Right to Work – In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
For Remote REMOTE Cloud Security or Cyber Security Analyst roles, visit Remote REMOTE Cloud Security or Cyber Security Analyst Roles
Security Analyst Sr at Elevance Health
Security Analyst Sr.
• Job Family: Cyber Security
• Type: Full time
• Date Posted:Aug 17, 2022
• Req #: JR15446
• Indiana, Indiana
• North Carolina, North Carolina
• Virginia, Virginia
• Ohio, Ohio
• Georgia, Georgia
Build the possibilities. Make an extraordinary impact:
Responsible for managing the delivery of information and network security systems and/or technology services, which may include server, desktop, software, network, database, helpdesk components. Responsible for evaluating, guiding and executing long term SOC projects and solutions.
How you will make an impact:
• Develop and maintain long term projects within the department.
• Knowledge of SOC workflows, incident response, and incident investigation processes.
• Provide documentation related to external and internal audit process.
• Assist in identifying potential improvements related to detection logic, case management, and processes.
• Analyze and report on metrics for cyber security events.
• Provides trouble resolution on complex problems and leads implementations for system and network security technologies.
• Develops testing plans to ensure quality of implementation.
• Coordinates and prepares the reporting of data security events and incidents. Provides system and network architecture support for information and network security technologies.
• Provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures, standards and technologies.
• Represents major upgrades and reconfigurations in change control.
• Design & analyze mix of vendor services meeting business and information security requirements.
• Maintains relationship with key vendors.
• Determine and perform complex configuration changes to meet business and information security requirements.
• Represents infrastructure security support in significant projects and performs the most complex operations and administration tasks.
• Respond to level 3 & 4 change and problem requests without supervision.
• Lead level 1 & 2 incident recoveries and root cause analysis.
• Requires a minimum of 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background.
• Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.
• Technical security certifications (e.g. Systems Security Certified Practitioner) strongly preferred.
• BA/BS degree in Information System and Computer Science or related field of study strongly preferred.
Preferred Skills, Capabilities and Experience:
• Build relationships with other business units to strengthen security posture throughout the organization.
• Review and advise on current security trends which could impact the organization
• Effectively and professionally collaborate with company stakeholders and business partners
• Experience with the following tools is preferred; EDR, SIEM, SOAR, IDS/IPS, Antivirus and Email Protection.
Please Note: Associates in this job working from a California location are subject to California’s salary threshold guidelines.
If this job is assigned to any Government Business Division entity, the applicant and incumbent fall under a ‘sensitive position’ work designation and may be subject to additional requirements beyond those associates outside Government Business Divisions. Requirements include but are not limited to more stringent and frequent background checks and/or government clearances, segregation of duties principles, role specific training, monitoring of daily job functions, and sensitive data handling instructions. Associates in these jobs must follow the specific policies, procedures, guidelines, etc. as stated by the Government Business Division in which they are employed.
Please be advised that Elevance Health only accepts resumes from agencies that have a signed agreement with Elevance Health. Accordingly, Elevance Health is not obligated to pay referral fees to any agency that is not a party to an agreement with Elevance Health. Thus, any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health.
Be part of an Extraordinary Team
Elevance Health is a health company dedicated to improving lives and communities and making healthcare simpler. Previously known as Anthem, Inc., we have evolved into a company focused on whole health and updated our name to better reflect the direction the company is heading.
We are looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. You will thrive in a complex and collaborative environment where you take action and ownership to solve problems and lead change. Do you want to be part of a larger purpose and an evolving, high-performance culture that empowers you to make an impact?
We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.
The health of our associates and communities is a top priority for Elevance Health. We require all new candidates to become vaccinated against COVID-19. If you are not vaccinated, your offer will be rescinded unless you provide and Elevance Health approves a valid religious or medical explanation as to why you are not able to get vaccinated that Elevance Health is able to reasonably accommodate. Elevance Health will also follow all relevant federal, state and local laws.
Elevance Health has been named as a Fortune Great Place To Work in 2021, is ranked as one of the 2021 Worlds Most Admired Companies among health insurers by Fortune magazine, and a Top 20 Fortune 500 Companies on Diversity and Inclusion. To learn more about our company and apply, please visit us at Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact for assistance.
EEO is the Law
Equal Opportunity Employer / Disability / Veteran
Please use the links below to review statements of protection from discrimination under Federal law for job applicants and employees.
• EEO Policy Statement
• EEO is the Law Postero
• EEO Poster Supplement-English Version
• Pay Transparency
• Privacy Notice for California Residents
Elevance Health, Inc. is an E-verify Employer
Database Security Engineer at SonicJobs
The Cybersecurity & Technology Controls group aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.
Database Security Controls Engineer’s primary responsibility is to insure the firms databases have security embedded into the platform. You will determine the right control settings requirements for database to balance security and developer friction while meeting industry best practices and regulatory requirements. You will play an important role in securely enabling the firm through managing the risk profile, and aligning cyber security and technology controls requirements and product capabilities. This role engages in areas of development, design, and monitoring of corporate and global control programs, and acts as a liaison between management, the Lines of Business, internal and external audit, and regulators.
• Have in depth knowledge of industry best practice and control guidance provided by NIST, CIS, DISA and others.
• Design and development of control settings requirements based on new and emerging technological solutions in a measurable way
• Ensure existing and new solutions are designed to be continuously compliant with company policies and standards
• Collaborate with team members and stakeholders on firm-mandated, cross-LOB, and regional audits
• Provide strategic drive for engagement efficiency, effectiveness and transparent, measurable, sustainable control improvements, including process enhancements and use of automated data collection techniques
This role requires a wide variety of strengths and capabilities, including:
• Detail oriented with ability to evaluate processes, controls and issues to determine the risks
• Understanding database security setting and base knowledge across database platforms
• Familiarity with CIS Benchmark and DISA STIG
• Base understanding of Agile and can work with at least one of the common frameworks
• Experience with implementation and oversight of technology risk and controls, coordination of activities for audits and assessing an IT controls environment
• Bachelor’s degree preferably in Computer Science or Information Technology or equivalent
• CISSP/CRISC/CISM or equivalent industry certifications is a plus
• Subject matter expert in database security
For Remote Database Security Engineer roles, visit Remote Database Security Engineer Roles
IT Security Analyst at Comtech Global Inc
Job Descriptionfamily:Calibri,sans-serif”>Role: IT Security Analystfamily:Calibri,sans-serif”>Location: Columbus, OHfamily:Calibri,sans-serif”>Duration: Long termfamily:Calibri,sans-serif”>Direct Clientfamily:Calibri,sans-serif”>Complete Descriptionfamily:Calibri,sans-serif”>SCOPE OF WORK summary:family:Calibri,sans-serif”>This position will be responsible for managing and overseeing Ohio Department of Medicaid (ODM) Office of Information & Technology Services (ITS) Security activities for Ohio Medicaid Enterprise Systems (OMES) modules, various ODM ITS projects, software development projects, IT infrastructure projects, and COTS product implementation; security framework and compliance, risk management and updating/writing agency policies. The position will function as a member of the ITS team.family:Calibri,sans-serif”>Responsibilities and Detailed Day-To-Day Job Duties to be performed: family:Calibri,sans-serif”>• Provides security oversight for ITS projects. family:Calibri,sans-serif”>• Analyzes security risks and plans controlsfamily:Calibri,sans-serif”>• Coordinate the implementation of Security Controlsfamily:Calibri,sans-serif”>• Collaborates and coordinates effort for OMES projects, monitoring, tracking, and reporting project progress when appropriate.family:Calibri,sans-serif”>• Provides overall direction, guidance, communication, and facilitation of assigned projects, including working with cross-functional teams at ODM, contracted vendor and external stakeholders (as required). family:Calibri,sans-serif”>• Creates, executes, and updates agency policies.family:Calibri,sans-serif”>• Schedules and facilitates meetings with business stakeholders (ODM, other state agencies, external entity users), ODM ITS, DAS/OIT and/or external system vendors.family:Calibri,sans-serif”>• Coordinates and manages work of both technical and business workstreams.family:Calibri,sans-serif”>• Ensure the protection of information/data systems.family:Calibri,sans-serif”>• Develop and implement safeguards for agency information/data systemsfamily:Calibri,sans-serif”>• Monitor vendors security processes and standardsfamily:Calibri,sans-serif”>• Monitors compliance with security policies and proceduresfamily:Calibri,sans-serif”>• Develop/implement risk managementfamily:Calibri,sans-serif”>• Educate staff and ensure security awareness through communications, notifications, and trainingfamily:Calibri,sans-serif”>• Other Security duties as assigned.family:Calibri,sans-serif”>REQUIRED Skill Sets: family:Calibri,sans-serif”>• Required Education: BS/BA degree or combination of education & experience.family:Calibri,sans-serif”>• 8+ years of experience as an Information Technology (IT) Security Analyst, experience working with security frameworks (NIST SP 800-53, ISO 27001, NERT, etc).family:Calibri,sans-serif”>• Experience with computer network penetration testing and techniquesfamily:Calibri,sans-serif”>• Proven ability to work in an ambiguous environment and collaborate across multiple areas to achieve a common business objective.family:Calibri,sans-serif”>• Excellent interpersonal and written/oral communication skills, including ability to negotiate compromise and demonstrate diplomacy in sensitive situations as well as interact effectively with peers and management across diverse cultures and fast-paced environment.family:Calibri,sans-serif”>DESIRED Skill Sets: family:Calibri,sans-serif”>• 10+ years Information Technology technical experience.family:Calibri,sans-serif”>• 1+ year procurement and vendor management experience.family:Calibri,sans-serif”>• Demonstrate effective leadership, analytical and problem-solving skills.family:Calibri,sans-serif”>• Recognize patterns and opportunities for improvement throughout the entire organization.family:Calibri,sans-serif”>• Establish facts and draw valid conclusions.
For Remote IT Security Analyst roles, visit Remote IT Security Analyst Roles