Fulltime Information Security Analyst openings in Columbus, Ohio on September 09, 2022

IT Security Analyst at Leidos

Location: Columbus

Description Job Description:

Leidos has a current job opportunity for a Cyber Security Analyst on the DISA GSM-O program in Columbus, OH.

POSITION SUMMARY:
This position provides 24×7 cybersecurity monitoring services for Department of Defense networks. This includes performing Real Time cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process. There are three available shifts where you can state your preference: 7am-3pm, 3pm-11pm, and 11pm-7am.

PRIMARY RESPONSIBILITIES:
• Review DoD and open source intelligence for threats.
• Identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs.
• Triage alerts to identify malicious actors on customer networks.
• Assist T1 analysts with triage and analysis.
• Complete moderate-level cyber analysis of potential events.
• Report incidents to customers and USCYBERCOM.
• Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic findings.

BASIC QUALIFICATIONS:
• Bachelor’s degree and 2+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
• Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings
• DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
• DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire.
• Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently
• Strong analytical and troubleshooting skills.
• Willing to perform shift work.
• Must be a US Citizen.
• Must have an active DoD Secret security clearance and be able to possess a Top-Secret w/SCI clearance.

PREFERRED QUALIFICATIONS:
• CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
• Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Demonstrated hands-on experience analyzing high volumes of logs, network data (eg Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (eg ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic).
• Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.
• Experience with malware analysis concepts and methods.
• Unix/Linux command line experience.
• Scripting and programming experience.
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
• Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology.
• Existing 8570 CSSP Analyst Certifications (CEH), CySA+ etc. Pay Range: Pay Range $60,450.00 – $93,000.00 – $125,550.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Apply Here
For Remote IT Security Analyst roles, visit Remote IT Security Analyst Roles

********

Cyber Security Analyst at Leidos

Location: Columbus

Description

Job Description:

Leidos has a current job opportunity for a Cyber Security Analyst on the DISA GSM-O program in Columbus, OH.

POSITION SUMMARY:

This position provides 24×7 cybersecurity monitoring services for Department of Defense networks. This includes performing real-time cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process. There are three available shifts where you can state your preference: 7am-3pm, 3pm-11pm, and 11pm-7am.

PRIMARY RESPONSIBILITIES:

Review DoD and open source intelligence for threats.

Identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs.

Triage alerts to identify malicious actors on customer networks.

Assist T1 analysts with triage and analysis.

Complete moderate-level cyber analysis of potential events.

Report incidents to customers and USCYBERCOM.

Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic findings.

BASIC QUALIFICATIONS:

Bachelor’s degree and 2+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree.

Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings

DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.

DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire.

Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently

Strong analytical and troubleshooting skills.

Willing to perform shift work.

Must be a US Citizen.

Must have an active DoD Secret security clearance and be able to possess a Top-Secret w/ SCI clearance.

PREFERRED

QUALIFICATIONS:

CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.

Demonstrated understanding of the life cycle of network threats, attacks, ods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).

Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other facts in support of incident investigations.

In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Arc Sight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, Log Logic).

Experience and proficiency with any of the following:
Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.

Experience with malware analysis concepts and methods.

Unix/Linux command line experience.

Scripting and programming experience.

Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology.

Existing 8570 CSSP Analyst Certifications (CEH), CySA+ etc.

Pay Range:

Pay Range $60,450.00 – $93,000.00 – $125,550.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Apply Here
For Remote Cyber Security Analyst roles, visit Remote Cyber Security Analyst Roles

********

Cybersecurity Consultant at SonicJobs

Location: Columbus

Position – Cybersecurity Consultant
Location – Columbus, OH (Hybrid)

EXP – 15+

JD

Develop business domain expertise to inform the cybersecurity and compliance risk management strategy

Assist with ODA ISD leadership team to establishing security roadmap, developing an effective strategy to assess and mitigate risk, establish appropriate standard and associated risk controls based in compliance with NIST 800-53.

Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.

Develops, implements, and maintains security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams;

Establishes and maintains a security risk governance framework; publishes and disseminates security policies, standards, and supporting materials to reduce risk through security awareness with the assistance of the Director of Technology;

Determining how mainstream and emerging technologies can be safely and securely used to advance business strategy

Assist and direct organization in the daily execution of identifying, developing, implementing, and maintaining processes to reduce strategic business and information risks.

Develops overall Program plans, guidance, and procedures necessary to effectively execute diverse technical, administrative and program functions.

REQUIRED SKILLS:

4-year college degree or equivalent technical study

Proven experience leading and managing innovative teams of highly technical professionals 15+ years in privacy, security, or a related field

One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA

Strong experience in developing cybersecurity roadmap and strategy

Demonstrate clear and concise writing, and verbal skills to communicate complex issues and solutions in simple terms to all levels of the organization

Strong experience in cybersecurity strategic planning, NIST compliance, CMMC or CMMI maturity models

Strong experience in Program Management or experience planning and leading a team to achieve a technical goal.

Demonstrated experience with collaborating in a highly matrixed environment which involves multiple internal and external stakeholders to gather data that enables prioritization and action

Experience with developing key metrics reports, tracking project, develop corrective action project plans as required Experience with developing key metrics reports, tracking project, develop corrective action project plans as required

Excellent analytical, project management and organizational skills with a keen attention to detail.

Solid analytical/problem-solving skills with the ability to identify solutions to unusual and complex problems.

Excellent written and verbal communication skills.

Position – Cybersecurity Consultant
Location – Columbus, OH (Hybrid)

EXP – 15+

JD

Develop business domain expertise to inform the cybersecurity and compliance risk management strategy

Assist with ODA ISD leadership team to establishing security roadmap, developing an effective strategy to assess and mitigate risk, establish appropriate standard and associated risk controls based in compliance with NIST 800-53.

Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.

Develops, implements, and maintains security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams;

Establishes and maintains a security risk governance framework; publishes and disseminates security policies, standards, and supporting materials to reduce risk through security awareness with the assistance of the Director of Technology;

Determining how mainstream and emerging technologies can be safely and securely used to advance business strategy

Assist and direct organization in the daily execution of identifying, developing, implementing, and maintaining processes to reduce strategic business and information risks.

Develops overall Program plans, guidance, and procedures necessary to effectively execute diverse technical, administrative and program functions.

REQUIRED SKILLS:

4-year college degree or equivalent technical study

Proven experience leading and managing innovative teams of highly technical professionals 15+ years in privacy, security, or a related field

One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA

Strong experience in developing cybersecurity roadmap and strategy

Demonstrate clear and concise writing, and verbal skills to communicate complex issues and solutions in simple terms to all levels of the organization

Strong experience in cybersecurity strategic planning, NIST compliance, CMMC or CMMI maturity models

Strong experience in Program Management or experience planning and leading a team to achieve a technical goal.

Demonstrated experience with collaborating in a highly matrixed environment which involves multiple internal and external stakeholders to gather data that enables prioritization and action

Experience with developing key metrics reports, tracking project, develop corrective action project plans as required Experience with developing key metrics reports, tracking project, develop corrective action project plans as required

Excellent analytical, project management and organizational skills with a keen attention to detail.

Solid analytical/problem-solving skills with the ability to identify solutions to unusual and complex problems.

Excellent written and verbal communication skills.
Apply Here
For Remote Cybersecurity Consultant roles, visit Remote Cybersecurity Consultant Roles

********

IT Security Analyst (remote) at BlueOrange Compliance

Location: Columbus

Remote Work Opportunity About us BlueOrange Compliance is a national provider of security and privacy risk assessments, analysis, corrective action plans and guidance to healthcare clients and business associates. We are looking for a high energy individual to complement our innovative and fast growing team! About this Position This position is responsible for evaluating client environment for compliance within recognized security frameworks and regulations.

While most of the duties are performed remotely, up to 25% travel is required. Essential Duties Work with healthcare clients to understand, assess, and analyze their technical infrastructure, configuration, and processes Analyze and evaluate client supporting documentation including administrative, technical, physical, and organizational controls Guide alignment of client technical environment with regulations and frameworks; Provide remediation strategies and project guidance Prepare for and participate in regular project calls Required Skills 2 -5 years’ experience with Microsoft Server based networks (or other common enterprise configurations) as an administrator or support provider of the network, security, servers or other systems Strong organizational skills Ability to organize and align tasks, time and resources Effective prioritization of project details against project timelines Strong quality and detail focus Excellent follow-up and follow-thru skills Excellent verbal and written communications skills Ability to develop and maintain positive relationships with our client partners and internal team Any of the following are a plus: 2 – 5 years’ experience in the information security field Computer security certification (CISSP, CISM, GIAC, Security+, CISA) Technical certification (Microsoft, Cisco, etc.) Familiarity with industry standards and frameworks (COBIT, ISO, NIST) Familiarity with security and privacy compliance regulations (HIPAA, PCI, NERC CIP, SOX) To be considered for this excellent new opportunity, please send a resume with salary history directly to joan.

elewski@blueorangecompliance.com Your response will be held in strictest confidence

Web Reference : AJF/425394674-764
Posted Date : Fri, 09 Sep 2022

To apply for this position you will complete an application form on another website provided by or on behalf of BlueOrange Compliance. Please note IT Jobs for ColU Fans is not responsible for the application process on any external website.
Apply Here
For Remote IT Security Analyst (remote) roles, visit Remote IT Security Analyst (remote) Roles

********

Sr. IAM Engineer at SonicJobs

Location: Columbus

Position: Sr. IAM Engineer

Location: Hybrid in Columbus, OH

Deadline: 8/31/22

Click here to Apply

The Ohio Department of Aging (ODA) is looking for an experienced, skilled, and motivated Sr. Identity Management Engineer to join the team. As Sr. Identity Management Engineer contractor, she or he is responsible for implementing, managing, support and troubleshoot ODA’s identity management, infrastructure, unified communication as well as managing system/application user accounts and access.

This position will function as a highly skilled Sr. Identity Management Engineer that include:

Install, configure, support, triage and troubleshoot ODA’s endpoints, infrastructure, and network connection.

Provide technical support for Microsoft Office 365, Microsoft Teams and other video conferencing tools.

Works closely with application and infrastructure team to design, develop, build, and deliver the future state Identity and Access Management (IAM) process and solutions.

Manage system and application user accounts and access.

Solid hands-on experience with Identity Management Platform and identity lifecycle

Work closely with internal and external users, and outside vendors to effectively provisioning and de-provisioning system/user accounts.

Ensures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss.

Designs reusable strategies, decisions, service components, libraries and frameworks to support Agency-level IAM services

Assists in evaluating and implementing IAM products and services required to meet business and technology requirements, which includes directory services (e.g., AD), identity federation (e.g., SAML, SSO and ADFS), Multi-Factor Authentication (MFA), and Identity Management (IdM)

Lead and test new applications and creates identify management workflows, rules, and reports based on business requirements

Creates documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagrams

Strong presentation development and delivery skills

Work closely with other business units/organizations to implement and complete projects and tasks

Participates in assignments and projects with minimal direction from higher level resources

Provide network data collection to support application troubleshooting

Provide configuration recommendations and assistance to include troubleshooting and de-bugging support for implementation projects and initiatives.

Write and edit automation scripts to increase systems and task efficiency

Performs other duties as assigned

EXPERIENCE:

Excellent knowledge of Identity Management Platform

Excellent knowledge of Multi-Factor Authentication

Demonstrated experience in Identity and Access Management (IAM) concepts and associated technologies

Excellent knowledge of Contact Center infrastructure

Excellent knowledge of wireless access points, network administration and security concepts and technology

Strong knowledge of user account and access management and Identity Management Platform

Strong knowledge of helpdesk process and ticking system

Ability to drive results with a sense of urgency relative to the end user

Ability to work independently as well as with a team

Ability to break down required tasks in project deployment

Must have strong oral, written, and interpersonal communication skills

Exceptional analytical and conceptual thinking skills

Experience working with cross-functional teams

REQUIRED SKILLS:

4-year college degree or equivalent technical study

10+ years of system/server engineer experience

10+ years of Engineering and architectural experience in medium to large organization

10+ years of Microsoft Office Product supports

5+ years of SFTP and secure file transfer

Professional Certification in server, and/or network, and/or endpoint or is desired

Expertise in Single Sign-On (SSO), and Multi-Factor Authentication (MFA) and password less authentication technologies and products.

Experience with cryptography, encryption and related data protection concepts and technologies.

Experience with data modelling and both LDAP and relational data schema design and implementation.

Knowledge of global regulatory and privacy requirements as they relate to financial services enterprises.

Position: Sr. IAM Engineer

Location: Hybrid in Columbus, OH

Deadline: 8/31/22

Click here to Apply

The Ohio Department of Aging (ODA) is looking for an experienced, skilled, and motivated Sr. Identity Management Engineer to join the team. As Sr. Identity Management Engineer contractor, she or he is responsible for implementing, managing, support and troubleshoot ODA’s identity management, infrastructure, unified communication as well as managing system/application user accounts and access.

This position will function as a highly skilled Sr. Identity Management Engineer that include:

Install, configure, support, triage and troubleshoot ODA’s endpoints, infrastructure, and network connection.

Provide technical support for Microsoft Office 365, Microsoft Teams and other video conferencing tools.

Works closely with application and infrastructure team to design, develop, build, and deliver the future state Identity and Access Management (IAM) process and solutions.

Manage system and application user accounts and access.

Solid hands-on experience with Identity Management Platform and identity lifecycle

Work closely with internal and external users, and outside vendors to effectively provisioning and de-provisioning system/user accounts.

Ensures that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss.

Designs reusable strategies, decisions, service components, libraries and frameworks to support Agency-level IAM services

Assists in evaluating and implementing IAM products and services required to meet business and technology requirements, which includes directory services (e.g., AD), identity federation (e.g., SAML, SSO and ADFS), Multi-Factor Authentication (MFA), and Identity Management (IdM)

Lead and test new applications and creates identify management workflows, rules, and reports based on business requirements

Creates documentation of process, guidelines, standards, technical specifications, as well as drawing network & system architecture diagrams

Strong presentation development and delivery skills

Work closely with other business units/organizations to implement and complete projects and tasks

Participates in assignments and projects with minimal direction from higher level resources

Provide network data collection to support application troubleshooting

Provide configuration recommendations and assistance to include troubleshooting and de-bugging support for implementation projects and initiatives.

Write and edit automation scripts to increase systems and task efficiency

Performs other duties as assigned

EXPERIENCE:

Excellent knowledge of Identity Management Platform

Excellent knowledge of Multi-Factor Authentication

Demonstrated experience in Identity and Access Management (IAM) concepts and associated technologies

Excellent knowledge of Contact Center infrastructure

Excellent knowledge of wireless access points, network administration and security concepts and technology

Strong knowledge of user account and access management and Identity Management Platform

Strong knowledge of helpdesk process and ticking system

Ability to drive results with a sense of urgency relative to the end user

Ability to work independently as well as with a team

Ability to break down required tasks in project deployment

Must have strong oral, written, and interpersonal communication skills

Exceptional analytical and conceptual thinking skills

Experience working with cross-functional teams

REQUIRED SKILLS:

4-year college degree or equivalent technical study

10+ years of system/server engineer experience

10+ years of Engineering and architectural experience in medium to large organization

10+ years of Microsoft Office Product supports

5+ years of SFTP and secure file transfer

Professional Certification in server, and/or network, and/or endpoint or is desired

Expertise in Single Sign-On (SSO), and Multi-Factor Authentication (MFA) and password less authentication technologies and products.

Experience with cryptography, encryption and related data protection concepts and technologies.

Experience with data modelling and both LDAP and relational data schema design and implementation.

Knowledge of global regulatory and privacy requirements as they relate to financial services enterprises.
Apply Here
For Remote Sr. IAM Engineer roles, visit Remote Sr. IAM Engineer Roles

********

IAM Engineer at SonicJobs

Location: Columbus

Title: IAM Engineer
THIS POSITION IS HYBRID (FEW DAYS IN A WEEK ONSITE)
Location: Columbus, OH
MANDATORY SKILLS:
• 12 years of system/server engineer experience
• 12 years of Engineering and architectural experience in medium to large organization
• Professional Certification in server, and/or network, and/or endpoint or is desired
• Expertise in Single Sign-On (SSO), and Multi-Factor Authentication (MFA)
• Experience with LDAP and relational data schema design and implementation.
JOB DESCRIPTION:

This position is looking for an experienced, skilled, and motivated Sr. Identity and Access Management Engineer to join the team. She or he is responsible for implementing, managing, supporting and troubleshooting client’s identity management, infrastructure as well as managing system/application user accounts and access.

EXPERIENCE:
• Excellent knowledge of Identity Management Platform (MIM preferred)
• Excellent knowledge of Multi-Factor Authentication (DUO preferred)
• Demonstrated experience in Identity and Access Management (IAM) concepts and associated technologies
• Excellent knowledge of network administration and security concepts and technology
• Strong knowledge of user account and access management and Identity Management Platform
• Strong knowledge of help desk process and ticking system (ServiceNow)
• Must have strong oral, written, and interpersonal communication skills
• Exceptional analytical and conceptual thinking skills

Title: IAM Engineer
THIS POSITION IS HYBRID (FEW DAYS IN A WEEK ONSITE)
Location: Columbus, OH
MANDATORY SKILLS:
• 12 years of system/server engineer experience
• 12 years of Engineering and architectural experience in medium to large organization
• Professional Certification in server, and/or network, and/or endpoint or is desired
• Expertise in Single Sign-On (SSO), and Multi-Factor Authentication (MFA)
• Experience with LDAP and relational data schema design and implementation.
JOB DESCRIPTION:

This position is looking for an experienced, skilled, and motivated Sr. Identity and Access Management Engineer to join the team. She or he is responsible for implementing, managing, supporting and troubleshooting client’s identity management, infrastructure as well as managing system/application user accounts and access.

EXPERIENCE:
• Excellent knowledge of Identity Management Platform (MIM preferred)
• Excellent knowledge of Multi-Factor Authentication (DUO preferred)
• Demonstrated experience in Identity and Access Management (IAM) concepts and associated technologies
• Excellent knowledge of network administration and security concepts and technology
• Strong knowledge of user account and access management and Identity Management Platform
• Strong knowledge of help desk process and ticking system (ServiceNow)
• Must have strong oral, written, and interpersonal communication skills
• Exceptional analytical and conceptual thinking skills
Apply Here
For Remote IAM Engineer roles, visit Remote IAM Engineer Roles

********

Senior IS Security Risk Analyst at Nationwide Children’s Hospital

Location: Columbus

The Security & Risk Senior Analyst is responsible for the development, implementation, maintenance and monitoring of the information security and risk program. The senior analyst is responsible for working with accountable teams and appropriate management to develop and implement effective information security capabilities.

Schedule: (Full-time, Benefits Eligible)

Why Nationwide Childrens Hospital?

The moment you walk through our doors, you feel it. When you meet our patient families, you believe it. And when you talk with anyone who works here, you want to be part of it. Welcome to Nationwide Children’s Hospital, Where Passion Meets Purpose.

Here, Diversity, Equity and Inclusion are integrated into our core values and practices. We are passionate about building, sustaining and evolving an inclusive and equitable environment. We are seeking individuals who live these values and want to share their experiences and efforts in support of our collective mission.

We’re 14,000 strong. And it takes every one of us to improve the lives of the kids we care for, and the kids around the world we’ll never meet. Kids who live healthier, fuller lives because of the knowledge we share. We know it takes a Collaborative Culture to deliver on our promise to provide the very best, innovative care and to foster new discoveries, made possible by the most groundbreaking research. Anywhere.

Ask anyone with a Nationwide Children’s badge what they do for a living. They’ll tell you it’s More Than a Job. It’s a calling. It’s a chance to use and grow your talent to make an impact that truly matters. Because here, we exist simply to help children everywhere.

Nationwide Children’s Hospital. A Place to Be Proud.

Responsibilities

Provides subject matter expertise on the development and maintenance of information security policies, standards and procedures.

Participates in the development and implementation of information security strategies, priorities and goals.

Oversees execution of information security processes including security assessment, incident response, third party risk management, vulnerability management reporting, security awareness training, and disaster recovery.

Provides subject matter expertise in the risk analysis process. Identifies and articulating risk and potential risk treatments with the goal of managing to acceptable levels of risk.

Effectively communicates with business owners to assist in making sound information security and risk decisions.

Leads information security and risk continuous process improvement initiatives.

Provides consultation to IS project teams in the design of systems and security components.

Provides project management related to the support and implementation of new risk and security initiatives.

Participates in cross functional teams for projects and operational processes that support information security initiatives.

Mentors junior staff in relation to information security and risk processes and procedures.

Monitors advancements in information security technologies and changes in industry trends and legislation.

KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

Education :

BS in Computer Science or equivalent experience required

Continues to stay actively involved in outside education advancement

Certifications :

CISSP or equivalent preferred

Experience :

6+ years of experience in IT;

4+ years in information security; experience in healthcare preferred
Apply Here
For Remote Senior IS Security Risk Analyst roles, visit Remote Senior IS Security Risk Analyst Roles

********

Cyber Security Advisor, GRC at OhioHealth

Location: Columbus

We are more than a health system. We are a belief system. We believe wellness and sickness are both part of a lifelong partnership, and that everyone could use an expert guide. We work hard, care deeply and reach further to help people uncover their own power to be healthy. We inspire hope. We learn, grow, and achieve more – in our careers and in our communities.

Job Description Summary:

The CyberSecurity Advisor designs security controls of high complexity and advises IT technology owners on security controls and approaches to ensure the security of the OhioHealth technology environment. In addition, the CyberSecurity Advisor will provide an escalation point for support teams.

Minimum Qualifications:

Bachelor’s Degree

SPECIALIZED KNOWLEDGE
• Working knowledge of layer 2 and 3 technologies
• Working knowledge of link state routing protocols, (OSPF, BGP, etc)
• Working knowledge of common security controls and associated industry standard controls and frameworks
• Working knowledge of system and application security threats and vulnerabilities (e. g. , buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
• Knowledge of network protocols (e. g. , Transmission Critical Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP], domain name Service (dNS))
• Working knowledge of Palo Alto, Checkpoint, Cisco Firewalls and networking devices
• Working knowledge of IaaS, SaaS, PaaS, and other cloud related cloud structures
• Working knowledge of Cloud Coding best practices
• Working knowledge of encryption methodologies.
• Working knowledge of Linux Operating System and Linux administration best practices
• Working knowledge of Windows Operating System and Windows administration best practices
• Working knowledge of regulatory and contractual compliance, including PCI, and HIPAA requirements for information systems, security and privacy.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. Knowledge of cybersecurity principles.
• Knowledge of information security principles and processes-
• Working knowledge of IT Risk Assessment techniques, tools, and methodologies
• Working knowledge of Identity Management (SSO, MFA)

Work Shift:

Day

Scheduled Weekly Hours :

40

Department

IS Security Engineering

Join us
… if your passion is to work in a caring environment
… if you believe that learning is a life-long process
… if you strive for excellence and want to be among the best in the healthcare industry

Equal Employment Opportunity

OhioHealth is an equal opportunity employer and fully supports and maintains compliance with all state, federal, and local regulations. OhioHealth does not discriminate against associates or applicants because of race, color, genetic information, religion, sex, sexual orientation, gender identity or expression, age, ancestry, national origin, veteran status, military status, pregnancy, disability, marital status, familial status, or other characteristics protected by law. Equal employment is extended to all person in all aspects of the associate-employer relationship including recruitment, hiring, training, promotion, transfer, compensation, discipline, reduction in staff, termination, assignment of benefits, and any other term or condition of employment

DIVERSITY AND EQUAL EMPLOYMENT OPPORTUNITY OhioHealth actively promotes diversity in our workforce at all levels of the organization. We are committed to providing an inclusive work environment where everyone is treated with fairness, dignity and respect. We will make ourselves accountable to one another for the manner in which we treat one another and for the manner in which people around us are treated. We are committed to recruiting and retaining a diverse staff reflective of the patients and communities we serve. We regard laws, regulations and policies relating to diversity as a minimum standard. We strive to create and maintain a setting in which we celebrate cultural and other differences and consider them core strengths of OhioHealth. OhioHealth is an equal opportunity workforce and no one shall discriminate against any individual with regard to race, color, religion, sex, national origin, ancestry, age, disability, sexual preference, veteran status, pregnancy or other characteristics protected by law, with respect to any offer, term or condition of employment. We make reasonable accommodations to the known physical and mental limitations of qualified individuals with disabilities It is the responsibility of every person working within OhioHealth, in any capacity, to support and comply with OhioHealth’s policy of equal opportunity employment.
Apply Here
For Remote Cyber Security Advisor, GRC roles, visit Remote Cyber Security Advisor, GRC Roles

********

Cyber Analyst at GAF

Location: Columbus

Come Build Your Career Under OUR Roof

Job Description:

The Cyber Analyst will report to the Director of Cybersecurity.

What Part Will You Play?
• This Cyber Analyst will be part of the Global Cyber Security Team tasked with supporting the Global Application Security and Vulnerability Program
• S/he will be developing Key Performance Indicators for Vulnerability Management, coordinating scanning schedules and reporting on remediation activities

What Will You Be Doing?
• This individual will ensure that vulnerabilities (infrastructure, network and endpoint) are properly identified and remediated in a timely manner in accordance with the established SLAs and with the goal of keeping GAF’s application portfolio secure.
• Partnering with the Global Cyber Security Team and IT infrastructure professionals to assess potential impact and likelihood of application vulnerabilities and prioritize remediation activities
• Driving program maturity, reducing the time to vulnerability remediation by integrating technology platforms and automating processes

What Do We Require From You?
• Knowledge of industry standards relating to Vulnerability Management including:
• Common Vulnerabilities and Exposures (CVEs),
• Common Vulnerability Scoring System (CVSS),
• Open Web Application Security Project (OWASP)
• Strong written and verbal communication skills with the ability to collaborate through all parts of the business.
• Establish rapport and credibility with key stakeholders for effective oversight of remediation activities

Responsibilities:

The Cyber Analyst’s job is composed of a variety of activities, centered primarily around improving overall vulnerability management security posture:
• Lead the execution of vulnerability detection capabilities for on-premise and cloud environments
• Partner with the Cybersecurity Operations team to deliver shared outcomes that improve effectiveness to detect and respond to vulnerabilities and threats
• Perform application security assessments (dynamic application security testing) for new and existing applications
• Work with the security architecture and engineering teams to develop and implement controls and configurations aligned with security policies and report key performance metrics.
• Provide metrics reporting the state of the vulnerability management program and the performance of stakeholders against requirements

LEVEL BASED COMPETENCIES:
• Good verbal, written and interpersonal communication skills
• Detailed knowledge of the Vulnerability Management life-cycle including vulnerability identification, false negative/positive identification, and elimination
• Experience developing and maintaining policies, procedures, standards and guidelines.
• Knowledge of:
• deployment in cloud environments: Azure, GCP (preferred), AWS, etc
• bonus points for containerization
• vulnerability management tools: Qualys, Nessus, Rapid7, etc
• OWASP Top 10 (Open Web Application Security Project)
• Cyber Security frameworks: MITRE ATT&CK, NIST, etc
• Excellent analytical and organizational skills
• Previous experience in an information security role, preferably vulnerability management.
• A bachelor’s degree in information systems or equivalent work experience

Dimensions

No of direct reports: 0

No of indirect reports: n/a

Budget Responsibility: no

Travel Requirements: 10%

GAF is an equal opportunity employer.

We are taking a responsible approach to creating environments that allow us to do what we do best – Protect what matters most.

As part of our commitment to health and safety, COVID-19 vaccines are required for all candidates and employees in this position. Proof of vaccination is required. Should you require accommodation for medical or religious needs, GAF will engage in an interactive process with you to determine if a reasonable accommodation can be provided in accordance with applicable state and federal law.

We believe our employees are our greatest resource. We offer competitive salary, benefits, 401k, and vacation packages for all full time permanent positions. We are proud to be an equal opportunity workplace and GAF, Standard Logistics, SGI, and Siplast are proud to be affirmative action employers. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know. If applying for positions in the U.S., must be eligible to work in the U.S. without need for employer sponsored visa (work permit).

With 130+ years in the industry, GAF is the leading roofing manufacturer in North America. As a member of the Standard Industries family of companies, we are also part of the largest roofing and waterproofing business in the world.

Our communities help give our work meaning and the products we manufacture help protect what matters most. The shingles help to shelter the families living in the homes in our towns. The TPO helps protect what is under that hospital’s roof. In addition to quality products, we make sure they are installed by quality craftsmen and women. The full GAF portfolio of solutions is supported by an extensive national network of factory-certified contractors.

GAF continues to be the leader in quality and offers comprehensive warranty protection on its products and systems. Our success is driven by a commitment to empowering our people to deliver advanced quality and purposeful innovation and the desire to protect what matters most. ?
Apply Here
For Remote Cyber Analyst roles, visit Remote Cyber Analyst Roles

********

Senior Security Administrator at SonicJobs

Location: Columbus

Manifest Solutions is currently seeking a Senior Security Administrator for a position in Columbus, OH.
• Installs, administers, and troubleshoots network and system security solutions.
• Updates organizational software with the latest security patches and ensures the proper defenses are present for each network resource.
• Performs vulnerability and penetration tests, identifies and defends against threats, and develops disaster recovery plans.
• Configures security systems, analyzes security requirements, and recommends improvements.
• Monitors network traffic for suspicious behavior.
• Creates network policies and authorization roles and defends against unauthorized access,modifications, and destruction.
• Consults with team members and executives about the best security practices and provides technical advice.
• Configures and supports security tools, such as firewalls and anti-virus software.
• Implements email security standards such as DKIM, SPF and DMARC.
• Trains and maintains team member knowledge surrounding how to use and follow security protocols.
• Provides a secure environment by implementing policies and controls to manage and mitigate risks
• Completes other projects as directed or assigned

Preferred Education and Experience
• Bachelor’s degree in Computer Science or Information Technology or equivalent work experience preferred.
• A minimum of five (5) years of previous professional work experience in a security administrator role or a combination of education and/or experience.
• Experience with Amazon Web Services (AWS) in an enterprise environment is required.
• Knowledge of PKI systems (Certificates & Certificate Authorities) is required.
• Candidates must have a passion for Information Technology and have strong customer service skills.
• Candidates must possess strong analytical and problem-solving skills

Manifest Solutions is currently seeking a Senior Security Administrator for a position in Columbus, OH.
• Installs, administers, and troubleshoots network and system security solutions.
• Updates organizational software with the latest security patches and ensures the proper defenses are present for each network resource.
• Performs vulnerability and penetration tests, identifies and defends against threats, and develops disaster recovery plans.
• Configures security systems, analyzes security requirements, and recommends improvements.
• Monitors network traffic for suspicious behavior.
• Creates network policies and authorization roles and defends against unauthorized access,modifications, and destruction.
• Consults with team members and executives about the best security practices and provides technical advice.
• Configures and supports security tools, such as firewalls and anti-virus software.
• Implements email security standards such as DKIM, SPF and DMARC.
• Trains and maintains team member knowledge surrounding how to use and follow security protocols.
• Provides a secure environment by implementing policies and controls to manage and mitigate risks
• Completes other projects as directed or assigned

Preferred Education and Experience
• Bachelor’s degree in Computer Science or Information Technology or equivalent work experience preferred.
• A minimum of five (5) years of previous professional work experience in a security administrator role or a combination of education and/or experience.
• Experience with Amazon Web Services (AWS) in an enterprise environment is required.
• Knowledge of PKI systems (Certificates & Certificate Authorities) is required.
• Candidates must have a passion for Information Technology and have strong customer service skills.
• Candidates must possess strong analytical and problem-solving skills
Apply Here
For Remote Senior Security Administrator roles, visit Remote Senior Security Administrator Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo