Job Summary: 

• Provide expertise and technical leadership while collaborating with security, compliance, product managers, and developers to improve the security of applications, software code, and infrastructure
• Develop and manage security policies, procedures, standards, and best practices
• Evaluate the implementation of technical controls for efficacy and compliance with established policy and best practices
• Monitor networks for security breaches and investigate a violation when one occurs
• Report on security breaches and the extent of the damage caused by the breaches
• Conduct tests and scans of technical infrastructure and systems to identify technical vulnerabilities
• Respond to information security, privacy, and compliance inquiries
• Participate in the certification process for security and privacy-related regulations or standards
• Assist with communication and awareness efforts with internal audiences as they relate to security and privacy
• Collaborate with contractors, assisting with the execution of any related work efforts

Skills on Resume:

• Application Security (Hard Skills)
• Policy Management (Hard Skills)
• Compliance Knowledge (Hard Skills)
• Network Monitoring (Hard Skills)
• Incident Response (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Collaboration (Soft Skills)
• Communication (Soft Skills)

Job Summary: 

• Audit network, user, file changes such as updates, deletion, additions and moving
• Monitor cloud Infrastructure for potential threats, changes and policy implications
• Assist and monitor penetration testing of current digital assets in all environments
• Define alerts and alert content
• Perform risk analysis to identify any security issues that could lead to lost or stolen data
• Monitor current security alerts to patch software such as operating systems, databases, and libraries with the latest versions
• Participate in both the Product CIRT team as well as the incident response process
• Identify potential security breaches and take action to prevent them in the future
• Implement technical security controls to protect users, systems, and data
• Monitor Endpoints, Network traffic, User access and authentication for security threats
• Participate in change control monitoring in support of production
• Analyze IT requirements and provide objective advice on the use of IT security requirements
• Validate threat intelligence feeds and reports for Devo and customer domains
• Test and evaluate new technologies, curiosity and an appetite for both solving problems and defining coverage to prevent them from appearing again

Skills on Resume:

• Network Auditing (Hard Skills)
• Cloud Monitoring (Hard Skills)
• Penetration Testing (Hard Skills)
• Risk Analysis (Hard Skills)
• Incident Response (Hard Skills)
• Threat Detection (Hard Skills)
• Problem Solving (Soft Skills)
• Analytical Thinking (Soft Skills)

Job Summary: 

• Analyze information systems, and their supporting IT infrastructure (Operating Systems, Databases and Network Devices), to identify risks and points for improvements
• Participate in understanding of clients’ processes and procedures in various industries
• Use knowledge of the current IT environment and industry IT trends to identify the engagement and client issues
• Serve as a key resource in delivering quality client services on IT control projects and attestation engagements
• Apply EY key principles, practices and techniques
• Engage in constant communication with clients’ personnel
• Document the outcome of the work performed
• Communicate work status and issues to the team on a timely basis
• Focused on providing information security consulting to the business and IT clients
• Accountable for information security risk assessments
• Leads security awareness activities
• Conducts threat analysis, including researching evolving threats and providing recommendations
• Develops and conducts vulnerability assessments, penetration tests and documents findings in reports
• Work collaboratively in an unconventional and non/linear way to problem solve unique solutions
• Be customer-focused and delivery-oriented to drive change in ambiguous situations
• Work proactively with internal clients to understand their needs and deliver creative solutions

Skills on Resume:

• System Analysis (Hard Skills)
• Risk Assessment (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Threat Analysis (Hard Skills)
• Client Engagement (Soft Skills)
• Security Consulting (Hard Skills)
• Communication (Soft Skills)
• Problem Solving (Soft Skills)

Job Summary: 

• Work with Kemper’s business and IT partners to ensure that security controls are managed and maintained in line with Kemper’s Information Security Program
• Support management’s monthly reporting by analyzing and reporting on IT security controls and risk exposure
• Confirm that all applicable regulatory requirements are addressed, and security controls are managed and maintained
• Assess and continuously monitor the appropriateness and effectiveness of security measures and recommend enhancements in line with Kemper’s Security Controls Framework and regulatory requirements
• Perform information security risk evaluations on reported IT issues
• Advise and guide the business and IT partners on the appropriateness of security measures to mitigate risk and reduce risk exposure
• Provide expert guidance to IT and business counterparts on the identification, analysis, evaluation, and treatment of the information security risks
• Coordinate the information security assessments of the Company's critical projects
• Coordinate and conduct the information security due diligence of the suppliers
• Support the IT systems and services assessment against the Company requirements in the Information Technology
• Security and Data Privacy domains
• Conduct information security training and awareness campaigns

Skills on Resume:

• Security Controls (Hard Skills)
• Risk Evaluation (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Risk Mitigation (Hard Skills)
• Security Assessment (Hard Skills)
• Supplier Due Diligence (Hard Skills)
• Guidance (Soft Skills)
• Training Delivery (Soft Skills)

Job Summary: 

• Oversee threat and vulnerability assessment and provide subject matter expertise on appropriate threat mitigation
• Provide, track and report security requirements throughout the project life cycle of all projects
• Guiding data protection based on data sensitivity and associated business risk
• Collaborate with senior management stakeholders 
• Identify requirements and drive compliance with approved standards
• Guide the effective implementation of policies, standards, procedures, and technical guidance to protect systems, personnel, and information
• Performs cyber incident trend analysis and reporting
• Support system installation and configuration maintenance
• Continuously update all documentation
• Develop information security standards, policies, procedures, and best practices
• Implement security measures and perform application security assessments
• Perform vendor security assessments
• Deliver security awareness training
• Assesses the appropriateness and effectiveness of security measures, and recommends enhancements
• Research the latest information security trends and emerging threats
• Support the information security program's mission by completing related tasks

Skills on Resume:

• Threat Mitigation (Hard Skills)
• Data Protection (Hard Skills)
• Compliance Management (Hard Skills)
• Policy Development (Hard Skills)
• Incident Analysis (Hard Skills)
• Application Security (Hard Skills)
• Vendor Assessment (Hard Skills)
• Stakeholder Collaboration (Soft Skills)

Job Summary: 

• Works with limited supervision and oversees the installation, configuration, and maintenance of security-related information systems
• Monitors and provides advice on information security issues related to the systems and workflow
• Ensure the internal security controls for the business are appropriate
• Serves as a team member for projects/programs within a defined area of responsibility and/or on a cross-functional team
• Supports day-to-day administration of various security-related infrastructure solutions including Firewalls, VPN, LAN / WAN equipment, Anti-Virus, Encryption, and related services
• Identifies, diagnoses, and resolves network and security problems
• Prepares status reports on security matters to develop security risk analysis scenarios and response procedures
• Resolves security-related and assigned work tasks
• Proactively assesses potential items of risk and opportunities of vulnerability in the network
• Creates and maintains comprehensive documentation for all implemented networks
• Configures, implements, tests, and maintains Anti-Virus, IDS, and related services
• Coordinates and executes security projects
• Coordinates response to information security incidents
• Assists with the development and publishing of Information Security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements
• Collaborates with IT management, the Law department, Safety and Security, and law enforcement agencies to manage security vulnerabilities
• Conducts security research to stay abreast of current security issues

Skills on Resume:

• System Administration (Hard Skills)
• Network Security (Hard Skills)
• Firewall Management (Hard Skills)
• Risk Analysis (Hard Skills)
• Incident Response (Hard Skills)
• Policy Development (Hard Skills)
• Problem Solving (Soft Skills)
• Cross-Functional Collaboration (Soft Skills)

Job Summary: 

• Works daily and collaborates with MSSP and Firm TSS teams to monitor, identify, and resolve risks and anomalous and/or suspicious activity from log analysis or daily/weekly/monthly reports, and follow up on alerts generated
• Assists in providing first-level support and analysis during and after a security incident
• Researches and assesses new threats and vulnerabilities, and recommends and takes actions to mitigate risk
• Performs regular checking of security systems for updates, performance, and availability, and conducts disciplined testing of technical controls
• Collaborates on IT and security projects to ensure that security issues are addressed throughout the project life cycle
• Works closely with other information security team members to respond to and improve incident remediation plans
• Regular and close collaboration with the Infrastructure team
• Advises TSS management on issues concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and policy noncompliance
• Assists in developing security processes and procedures, and supports service-level agreements (SLAs)
• Performs vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommends remedial action
• Proactively identifies and recommends improvements to the Vulnerability Management program and related processes, including report generation and consumption
• Plays a supporting role in the execution of risk assessment activities, analyzing the results of audits (performed by other groups) to produce recommendations of acceptable risk and risk mitigation strategies

Skills on Resume:

• Log Analysis (Hard Skills)
• Incident Support (Hard Skills)
• Threat Research (Hard Skills)
• Control Testing (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Risk Mitigation (Hard Skills)
• Team Collaboration (Soft Skills)
• Process Improvement (Soft Skills)

Job Summary: 

• Assist with the development and implementation of the cybersecurity framework, programs, policies, and procedures
• Assist with the design, implementation, and management of the cybersecurity incident response plan and execution
• Assist with the development of processes and procedures to ensure compliance with information security standards
• Assist with the periodic audits of information security policies
• Assist with the design and implementation of IT security systems to protect against cybersecurity attacks
• Assist with the development of organization-wide IT security best practices
• Implement and maintain information security and monitoring technologies
• Participate in application and system implementations, and business integration projects
• Assist with review of applications and system architectures, providing information security guidance to software engineering and infrastructure teams
• Assist with the evaluation of emerging cybersecurity trends and threats, and the implementation of effective security controls to mitigate risks
• Assist with the development and management of the security awareness and training program
• Assist with third-party vendor security risk assessments
• Identify and assess potential security risks, and recommend possible solutions
• Execute periodic internal and external vulnerability scans, and assess the level of risk
• Conduct periodic technical assessments and provide recommendations for corrective actions for all findings and vulnerabilities
• Assist with the execution of security enhancements and remediation projects
• Work with software engineering and infrastructure to mitigate and remediate security vulnerabilities

Skills on Resume:

• Cybersecurity Framework (Hard Skills)
• Incident Response (Hard Skills)
• Compliance Auditing (Hard Skills)
• IT Security Design (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Risk Assessment (Hard Skills)
• Security Awareness (Soft Skills)
• Vendor Assessment (Hard Skills)

Job Summary: 

• Manage day-to-day and ongoing technical compliance measures, including firewalls, vulnerability monitoring, access controls, and infrastructure security initiatives
• Assist in the development, implementation, and review of security-related policies and procedures
• Serve as the primary interface between external and internal auditors for the Technology department,
• Responding to all technical-related evidence requests from auditors
• Serve as the technical resource for security assessments and Requests for Proposals
• Ensure the technology team is trained on the change management process, and monitor compliance with the process
• Conduct regular internal audits of production to be compliant with processes and procedures, and communicate to stakeholders on non-adherence
• Conduct regular vulnerability assessment reviews, and develop, track, and execute a plan to remediate any actions identified during reviews
• Manage audit logging and monitoring of the platform database
• Stay current with industry trends, threats and remediations for a proactive security posture for Unite Us
• Gather feedback from end-users to continue to improve systems
• Design, analyze and implement efficient technological security systems

Skills on Resume:

• Compliance Management (Hard Skills)
• Access Controls (Hard Skills)
• Audit Coordination (Hard Skills)
• Security Assessment (Hard Skills)
• Change Management (Hard Skills)
• Vulnerability Review (Hard Skills)
• Stakeholder Communication (Soft Skills)
• System Improvement (Soft Skills)

Job Summary: 

• Review and evaluate computer equipment and network architecture in an effort to ensure optimized digital security
• Identify areas of potential risk and develop plans and procedures to mitigate those risks
• Coordinate with system administrators to ensure computer systems are maintained and comply with basic security standards
• Create and update access control matrices for applications, databases, servers, and underlying infrastructure
• Identify possible dangerous combinations of roles in different assets that can lead to malicious activities
• Ensure approval from relevant asset owners for all access matrices
• Ensure proper review from timeline perspective, according to the Minimum Standard
• Ensure adequate data quality based on the information provided by each asset
• Partner with the business and IT stakeholders to ensure that IT security and data privacy risks are clearly articulated in a manner that is understood by business and technology audiences
• Oversee IT systems risk assessments and control validation
• Assist in coordinating stakeholders to socialize and drive change regarding IT compliance, IT risk management, and data privacy
• Assist in vendor due diligence, questionnaires, and contracts
• Provide security architectural advice and guidance
• Provide threat and vulnerability management oversight and communicate threat and vulnerability observations clearly to leaders and subject matter experts, properly relaying risk factors
• Initiate, facilitate, and promote activities to create information security awareness within the company
• Prepare IT security reports, trackers, and dashboards

Skills on Resume:

• Network Security (Hard Skills)
• Risk Mitigation (Hard Skills)
• Access Control (Hard Skills)
• Data Quality (Hard Skills)
• Risk Assessment (Hard Skills)
• Vendor Due Diligence (Hard Skills)
• Security Awareness (Soft Skills)
• Stakeholder Engagement (Soft Skills)

Job Summary: 

• Use automated and manual tools to monitor assigned environments and/or technical assets and detect behavior outside of established standards
• Partner with other support teams and vendors to resolve problems
• Escalate key security issues to the appropriate team(s)
• Monitor compliance with information security policies and practices and any applicable security regulations
• Assist with internal and external security risk assessments, risk analysis, and application or system-level vulnerability testing
• Monitor and document vendor compliance with Bio-Techne's security requirements
• Assist with the research, development, implementation, and continuous improvement of security policies, procedures, standards, and processes based on compliance requirements and industry best practices
• Document the Bio-Techne information security requirements, processes, and procedures
• Enforce information security policies and procedures by reviewing security violation reports, investigating possible security exceptions, and documenting security controls
• Work with senior technical staff to validate and track security breaches, along with substantial threats to Bio-Techne’s information, while still allowing for appropriate access and business processes
• Coordinate responses to information security incidents
• Work to reduce information security risks by effectively administering the information security processes across vulnerability scanning, anomaly detection, intrusion detection, security policy, and forensic functions
• Work with end-users and end-user computing staff to review suspected cybersecurity incidents, reinforce training on cybersecurity best practices and assist in resolving situations where cybersecurity exceptions are requested

Skills on Resume:

• Security Monitoring (Hard Skills)
• Compliance Tracking (Hard Skills)
• Risk Analysis (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Incident Coordination (Hard Skills)
• Vendor Compliance (Hard Skills)
• Policy Enforcement (Hard Skills)
• Team Collaboration (Soft Skills)

Job Summary: 

• Assist in the execution of the cybersecurity education and awareness program
• Partnering across the ESS Outreach team to execute monthly employee phishing tests and associated follow-up reports
• Gathering metrics from various systems to create various ESS reports
• Provide accurate and timely delivery of ESS reports
• Provide suggestions for continuous improvement of processes
• Documenting various processes and procedures for ESS reports and the SE&A program
• Maintain the vulnerability management program (configuration of scans, reporting, and assist system owners on patching procedures)
• Monitor alerts from security tools 
• Administer security tools (SIEM, AV, Web filter, firewall, vulnerability scanner, etc.) and augment detection capabilities within the tools
• Participate in incident response procedures
• Maintain accurate documentation of security tools and procedures
• Creation of security awareness campaigns/training

Skills on Resume:

• Security Awareness (Soft Skills)
• Phishing Testing (Hard Skills)
• Report Generation (Hard Skills)
• Process Improvement (Soft Skills)
• Vulnerability Management (Hard Skills)
• Security Monitoring (Hard Skills)
• Tool Administration (Hard Skills)
• Incident Response (Hard Skills)

Job Summary: 

• Participate in the development of the annual IT Risk and Governance design
• Develop and implement internal policies and procedure documents to support IT compliance initiatives
• Analyze the IT environment to evaluate application and infrastructure risks and controls
• Coordinate, execute and manage the assessment and reporting phases for multiple concurrent IT Risk and Third Party Assessments
• Design, review and approve tests that identify IT Risks, and provide strategic recommendations to enhance business operations
• Present risks to senior management and negotiate suggested action plans
• Promote a risk-aware culture
• Ensure efficient and effective risk and compliance management practices by adhering to required standards and practices
• Participate in a primary capacity in supporting compliance and regulatory activities, including PCI, SSAE16, Regulatory, Sarbanes-Oxley (SOX 404), ISO27001/9001
• Manage the ongoing effectiveness of information security controls (automated, manual, and needing development)
• Working with a variety of control owners within the Information, Security and Technology organizations, and evaluating control design and standards in a variety of program areas
• Support business initiatives with respect to resilience and Disaster Recovery and BIA
• Conduct research and make recommendations on products, services, protocols and standards in support of procurement and development efforts
• Develop, implement and maintain change control and testing processes for service, application and infrastructure modifications
• Establish appropriate end-user access controls, best practices and perform transaction and security assessments
• Maintain up-to-date knowledge of the FinTech and Payments Industry and IT developments
• Build and maintain strong internal relationships by demonstrating detailed knowledge of the client’s business environment
• Maintain and increase personal knowledge of the Bottomline solutions and services to enable better execution of the role

Skills on Resume:

• Risk Governance (Hard Skills)
• Policy Development (Hard Skills)
• Risk Assessment (Hard Skills)
• Third-Party Assessment (Hard Skills)
• Compliance Management (Hard Skills)
• Disaster Recovery (Hard Skills)
• Regulatory Knowledge (Hard Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Serve as a security expert on change programmes, providing guidance and support to enable change delivery teams to comply with enterprise and technology security policies, industry regulations and best practices
• Analyse security needs based on the sensitivity or proprietary nature of the data, business and technology functional and non-functional requirements
• Work with the appropriate teams to develop and execute new or existing security technologies or processes
• Conduct risk analysis and contribute to the prioritisation of information security initiatives based on risk and business need
• Vulnerability management monitoring, review and follow-up
• Supervise current and trending remediation efforts
• Report to customers on the security status of the environment, including trend analysis, remediation efforts, and newly discovered vulnerabilities
• Frequently document and communicate product security risks, collaborating with internal and external partners
• Serve as a technical specialist for analysing and identifying security vulnerabilities in web applications, operating systems, and networks
• Review security events that are populated in a Security Information and Event Management (SIEM) system to develop accurate remediation actions
• Review, respond, and build alerts
• Conduct proactive threat research using real-world security data and systems automation

Skills on Resume:

• Security Guidance (Soft Skills)
• Risk Analysis (Hard Skills)
• Vulnerability Management (Hard Skills)
• Remediation Oversight (Hard Skills)
• Security Reporting (Hard Skills)
• SIEM Monitoring (Hard Skills)
• Threat Research (Hard Skills)
• Collaboration (Soft Skills)

Job Summary: 

• Works with managed security service providers to analyse and respond to security events
• Supports IT service delivery teams to resolve security-related tickets
• Ensures appropriate secure access to resources across technology environments to meet compliance requirements
• Provides training and support to regional IT teams to support security operations
• Supports E-Discovery and forensic computer examination for legal disclosures
• Supports the vulnerability management program to ensure IT performs appropriate remediations
• Conducts information security investigations and breach management activities utilizing approved processes and techniques on electronic audits, security logs review, and to gather forensic evidence
• Maintains clear, concise, objective and complete documentation regarding all details of information security breaches and investigations
• Ensure actions taken to contain and remediate these events are formally recorded
• Monitors and maintains security tracking tools and associated databases
• Prepares reports and presentations on metrics and risk trends
• Conducts security, vulnerability, and risks assessments related to the information security features of the systems, networks, and related administrative activities
• Develops reports and recommends mitigation strategies
• Responds to and manages customer security-related requests based on risk and urgency analysis to ensure appropriate prioritization and timely response to high-priority events

Skills on Resume:

• Security Event Analysis (Hard Skills)
• Access Management (Hard Skills)
• Vulnerability Management (Hard Skills)
• Forensic Investigation (Hard Skills)
• Incident Management (Hard Skills)
• Report Preparation (Hard Skills)
• Training Support (Soft Skills)
• Risk Assessment (Hard Skills)

Job Summary: 

• Assist with adherence to regulatory requirements regarding the development, implementation, and maintenance of the firm's Information Security Program
• Protect against unauthorized access, disclosure, modification, or destruction of information assets and data
• Support in reviewing, updating, and enforcing policies and procedures to ensure compliance and data security
• Monitor various security tools and systems, including but not limited to Security Incident and Event Management (SIEM), security logs and exceptions reports, firewall reports, patch management, encryption, and detect and investigate violations and security exposures
• Conduct vulnerability scanning and assessments, research and assess potential threats, report potential issues, and assist with remediation activities
• Assist with implementing and monitoring security measures to protect computer systems, networks, and information
• Review information security tools and controls to ensure optimal efficiency and adherence to information security standards
• Assist with information security risk assessment to identify exposures, assess mitigating controls, and recommend/implement action plans to minimize risk
• Assist in performing User Access Reviews, controls testing, and track and recommend mitigating actions
• Work with IT to investigate, resolve and respond to all information security incidents
• Assist in reviewing SOC/SSAE-16 reports, DR plans, test results, and conduct vendor security assessments
• Assist with developing and implementing a security awareness program to improve the firm's security posture
• Monitor threat intelligence feeds and subscriptions for applicable threats to the firm
• Support internal and external auditors during reviews and assist in addressing audit recommendations
• Support the overall security of the environment by keeping up to date with laws and regulations, cybercrime, security threats, and trends
• Adhere to confidentiality policy, code of ethics, other firm policies/procedures, and compliance policies/procedures

Skills on Resume:

• Regulatory Compliance (Hard Skills)
• Policy Enforcement (Hard Skills)
• SIEM Monitoring (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Risk Assessment (Hard Skills)
• Access Review (Hard Skills)
• Incident Response (Hard Skills)
• Security Awareness (Soft Skills)

Job Summary: 

• Engage Engineering leaders across SCB Group to ensure that technology risks are understood and managed in line with group policies
• Support new technology initiatives through incorporating and representing risk requirements and liaising with Tech Risk SME's 
• Support the Head of Technology Risk for all technology incidents within T&I, from risk identification, prioritization, remediation, documentation, and tracking
• Leverage TPU-defined risk metrics to assess, discuss and document risk
• Identify and drive new and additional risk mitigating activities
• Partner with Group / Region Tech Risk, risk program owners and other TROs in a collaborative manner
• Help manage risk consistently and transparently and provide challenge within and across T&I
• Help with awareness and prioritization of risk-related work programs within the group and across BUs, and approach this from a risk perspective
• Identify risks within the T&I that may have a broader impact and escalate these to the appropriate risk committees
• Provide an analytical focus when reviewing metrics/programs, etc., and be comfortable delving into details to gain further understanding and review at the relevant level of detail
• Keep risk at the forefront when reviewing metrics/programs, etc. and challenge
• Engage in and complete relevant training curriculum for the continued development of risk and technical skillsets

Skills on Resume:

• Risk Management (Hard Skills)
• Technology Risk (Hard Skills)
• Incident Remediation (Hard Skills)
• Risk Metrics (Hard Skills)
• Mitigation Planning (Hard Skills)
• Analytical Thinking (Soft Skills)
• Collaboration (Soft Skills)
• Stakeholder Engagement (Soft Skills)

Job Summary: 

• Analyzing security alerts like virus alerts and reacting accordingly
• Implementing and optimizing security alerts
• Running security scans to identify vulnerabilities on IT systems and applications
• Dispatching of tickets/emails sent to the Information Security team
• Conducting technical security compliance checks and security tests
• Implementing and maintaining security tools
• Maintaining of Information Security Database
• Providing training to chosen groups, improving Swarovski’s Information Security
• Managing compliance requirements by Betterfly clients and partners in relation to the implementation of Information Security controls in the company's systems, processes and services
• Training and making employees aware of the Information Security culture throughout the organization

Skills on Resume:

• Security Monitoring (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Compliance Checks (Hard Skills)
• Tool Implementation (Hard Skills)
• Database Management (Hard Skills)
• Ticket Handling (Hard Skills)
• Security Training (Soft Skills)
• Awareness Promotion (Soft Skills)

Job Summary: 

• Support the development and maintenance of the Information Security policy framework in line with risk appetite, legislation and industry best practices
• Provide Information Security advice and guidance
• Maintain an awareness of the existing and emerging threat landscape
• Support the response to security incidents and vulnerabilities
• Support the Information Security awareness training programme
• Support the response to client Information Security enquiries
• Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures
• Curate and maintain Duco’s Information Security knowledge base in support of Duco Customer Success and Pre-Sales teams
• Maintain Duco’s customer-facing Information Security documentation and content
• Support maintenance and compliance of ISO27001 and SOC1/2 accreditation
• Provide initial point of contact and triage for Information Security requests from across the business
• Support Information Security risk assessments across the technology stack and at physical locations

Skills on Resume:

• Policy Framework (Hard Skills)
• Security Guidance (Soft Skills)
• Threat Awareness (Hard Skills)
• Incident Response (Hard Skills)
• Security Training (Soft Skills)
• Risk Assessment (Hard Skills)
• Compliance Management (Hard Skills)
• Documentation Management (Hard Skills)

Job Summary: 

• Conducting Information Security third-party assessments as part of the overall TPM process
• Identification of gaps against the bank's control framework
• Describing risks related to identified gaps
• Performing Gap Analysis of Third Party InfoSec implementations against bank's control standards
• Constant communication with involved stakeholders (internal and external)
• Guiding external stakeholders and the internal team to improve the overall control framework (e.g., new controls, enhancement of existing controls)
• Promptly respond to all security incidents and provide thorough post-event analysis
• Participate in security tool tuning and improvement to minimize false positives and maximize detection and prevention of threats
• Participate in growing and maturing SOC processes
• Provide support for IT audits

Skills on Resume:

• Third-Party Assessment (Hard Skills)
• Gap Analysis (Hard Skills)
• Risk Identification (Hard Skills)
• Control Framework (Hard Skills)
• Incident Response (Hard Skills)
• SOC Processes (Hard Skills)
• Audit Support (Hard Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Guide stakeholders within defined parameters related to specific Technology Controls and Information Security programs, policies, standards and incidents
• Assist with assessments related to risk, controls, implemented control procedures, vulnerability, etc
• Contribute to risk and control design assessments for an assigned business application, business portfolio, articulate and document control gap impact both to the business and enterprise-wide
• Participate in security management strategy and framework development
• Support technology processes, help launch governance practices to monitor, detect, prevent and react to current and emerging security threats to TD
• Support the development of technology risk reporting, monitoring key trends and defining metrics to measure control effectiveness for own area
• Apply a teamwork philosophy with technology and partners, service or platform owners, to integrate all technology security components and address control gaps
• Research and investigate regulatory compliance requirements, reporting and questions, and support the team in resolving compliance, audit and regulatory issues
• Participate in computer security incident responses relevant to business (or enterprise-wide), represent respective position to the business while conveying their needs to the incident response team
• Adhere to policies, procedures, technology control standards and regulatory guidelines
• Contribute to internal activity and process review, flag windows for improvement
• Follow relevant enterprise frameworks and methodologies
• Influence behavior to reduce risk, foster a strong technology risk management culture
• Support development and/or implementation of standards, policies, procedures, and solutions that mitigate risk and maximize security, service availability, efficiency and effectiveness
• Assess, identify and escalate issues appropriately 

Skills on Resume:

• Technology Controls (Hard Skills)
• Risk Assessment (Hard Skills)
• Control Design (Hard Skills)
• Security Framework (Hard Skills)
• Risk Reporting (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Incident Response (Hard Skills)
• Team Collaboration (Soft Skills)

Job Summary: 

• Keep up to date with the latest security and technology developments
• Research/evaluate emerging cybersecurity threats and ways to manage them
• Plan for disaster recovery and create contingency plans in the event of any security breaches
• Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
• Test and evaluate security products
• Design new security systems or upgrade existing ones
• Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
• Engage in 'ethical hacking', for example, simulating security breaches
• Identify potential weaknesses and implement measures, such as firewalls and encryption
• Investigate security alerts and provide incident response
• Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
• Liaise with stakeholders in relation to cybersecurity issues and provide future recommendations
• Generate reports for both technical and non-technical staff and stakeholders
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Monitor and respond to 'phishing' emails and 'pharming' activity
• Assist with the creation, maintenance, and delivery of cybersecurity awareness training for colleagues
• Give advice and guidance to staff on issues such as spam and unwanted or malicious emails

Skills on Resume:

• Threat Research (Hard Skills)
• Disaster Recovery (Hard Skills)
• System Design (Hard Skills)
• Ethical Hacking (Hard Skills)
• Incident Response (Hard Skills)
• Access Management (Hard Skills)
• Security Reporting (Hard Skills)
• Awareness Training (Soft Skills)

Job Summary: 

• Identify and implement appropriate corrective measures as gaps are recognized
• Proactively assess systems for risks or violations and work with related colleagues to mitigate, control, and/or monitor
• Develop strategies to address awareness, training, and/or reporting for all stakeholders
• Develop and deploy targeted training for direct employees regarding Compliance, Security, Risk and Governance topics and security awareness training to the wider Teladoc user community
• Develop, own, and monitor/ensure adherence to policy/procedure about User Access and Terminations reviews, security awareness training, Risk Management and Continuous assessment areas
• Ensure coordination of SMEs (including schedule management and status meetings) and GRC-related due diligence via assessments and re-assessments
• Ensure a high-performing team through recruitment, coaching, performance management and continuous colleague development
• Maintain excellent relationships with the business stakeholders, Internal and External Audit teams and ensure a unified Teladoc perspective is always understood and applied
• Deliver on-time, on-scope responses to projects, tasks and audit findings

Skills on Resume:

• Risk Mitigation (Hard Skills)
• System Assessment (Hard Skills)
• Policy Management (Hard Skills)
• Access Reviews (Hard Skills)
• Security Training (Soft Skills)
• GRC Management (Hard Skills)
• Team Leadership (Soft Skills)
• Stakeholder Relations (Soft Skills)

Job Summary: 

• Deploy, tune and optimize security systems, including encryption key management, web and e-mail gateways, data loss prevention, CASB, centralized logging, IDS, application vulnerability scanning, vulnerability management, and virtualization platforms
• Conduct research and design on new security technologies/implementations and existing architectures
• Perform system administration for data center-based production and test systems in conjunction with the Global System Administration team
• Review system alerts and perform investigations into the nature of the alerts
• Review system logs and reports for interesting behaviors and unusual trends that may indicate compromise
• Implement system and device hardening standards
• Participate as a member of the Information Security team in developing and maintaining the organization’s security strategies
• Assist in third-party vendor management and oversight
• Perform security validation of hosted environments during build-out / deployment
• Participate in Incident Response investigations as a member of the CIRT

Skills on Resume:

• Security Systems (Hard Skills)
• Vulnerability Management (Hard Skills)
• System Administration (Hard Skills)
• Log Analysis (Hard Skills)
• System Hardening (Hard Skills)
• Security Strategy (Hard Skills)
• Vendor Management (Hard Skills)
• Incident Response (Hard Skills)

Job Summary: 

• Work with team members on key projects related to cybersecurity initiatives
• Review and respond to security logs through SIEM, analyzing incidents and coordinating response
• Improve the overall security program including policies, standards and processes
• Work across engineering and ops teams on security projects
• Track metrics to ensure the security controls are effective
• Work collaboratively with key stakeholders (e.g., IT, Data Privacy, etc.) at Solera to respond to security requests from customers
• Actively follow up on customers' security requests, ensuring proper and timely response
• Assist with the coordination and evidence collection for customer security audits
• Support the creation of a knowledge database of the security controls implemented at the different companies and products within Solera
• Follow-up security risks stemming from the customer’s security assessments
• Develop and deliver reports to provide the status of the customer relationship process
• Support the improvement of the overall customer relationship process

Skills on Resume:

• SIEM Analysis (Hard Skills)
• Incident Response (Hard Skills)
• Policy Development (Hard Skills)
• Security Metrics (Hard Skills)
• Stakeholder Collaboration (Soft Skills)
• Customer Support (Soft Skills)
• Audit Coordination (Hard Skills)
• Report Generation (Hard Skills)

Job Summary: 

• Monitor information security requirements, policies, and compliance
• Document and communicate security incidents, vulnerabilities and the current state of the system
• Facilitate security risk management activities, advise on threats, vulnerabilities, and mitigation strategies
• Daily scanning, implementing and maintaining information security tools and documentation
• Provide support to internal teams with security concerns
• Responsible for spam prevention and monthly vulnerability Scanning
• Responsible for updating Blocklists, Allowlists for various in-house RBLs
• Working with 3rd party companies to resolve spam complaints, backlisting
• Supporting the annual external audit

Skills on Resume:

• Policy Compliance (Hard Skills)
• Incident Documentation (Hard Skills)
• Risk Management (Hard Skills)
• Security Tools (Hard Skills)
• Spam Prevention (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Audit Support (Hard Skills)
• Team Support (Soft Skills)

Job Summary: 

• Coordinate the development of client information security policies, standards and procedures
• Work with key IT offices, data custodians and governance groups in the development of such policies
• Ensure that company policies support compliance with external requirements
• Oversee the dissemination of policies, standards and procedures to the user community 
• Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors
• Serve as the company compliance officer with respect to state and federal information security policies and regulations
• Work with the client -designated internal audit, SOX compliance, legal, and HR on compliance issues
• Prepare and submit and submit required reports to external agencies
• Develop and implement an Incident Reporting and Response System to address client security incidents (breaches), respond to alleged policy violations, or complaints from external parties
• Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities
• Develop and implement an ongoing risk assessment program targeting information security and privacy matters
• Recommend methods for vulnerability detection and remediation, and oversee vulnerability testing

Skills on Resume:

• Policy Development (Hard Skills)
• Compliance Management (Hard Skills)
• Training Delivery (Soft Skills)
• Incident Response (Hard Skills)
• Risk Assessment (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Audit Coordination (Hard Skills)
• Stakeholder Engagement (Soft Skills)

Job Summary: 

• Contribute to the implementation of the global ISMS (based on ISO27001) in the region
• Evaluate the compliance status of processes and technology implementations and plan actions to align with the security framework
• Identify risk related to information security in the technical environment, the relationships with third parties or any component of the company's context
• Understand technical and administrative controls in the different areas such as networking, operations, access management, SSDLC, cloud security, end-point protection, physical security, third-party risk assessment, organization security and legal compliance
• Act as a point of contact for third-party questions regarding information security
• Analyze clients' requirements regarding information security and evaluate their accuracy
• Follow up on the actions to comply with those requirements
• Identify security threats and risks over processes, conducts, technology and context which may affect the information confidentiality, integrity or availability
• Assist in the definition and construction of security measures to lower the risks identified
• Solve low-complex issues independently with minimum supervision and escalate more complex issues to the appropriate staff
• Contribute to the development of awareness material and the process of delivery and measurement
• Perform routine activities to ensure compliance with security frameworks and legislation
• Investigate technologies that could improve the security baseline and the compliance (e.g., DLP, endpoint protection, network security, security and vulnerabilities assessment)

Skills on Resume:

• ISMS Implementation (Hard Skills)
• Compliance Evaluation (Hard Skills)
• Risk Identification (Hard Skills)
• Access Management (Hard Skills)
• Third-Party Assessment (Hard Skills)
• Threat Analysis (Hard Skills)
• Awareness Training (Soft Skills)
• Security Technologies (Hard Skills)

Job Summary: 

• Guide product and engineering teams on adopting recommended security standards
• Educate and train staff on security best practices
• Determine Cloud Security requirements to provide services securely by evaluating business strategies and threat landscapes
• Develop technical solutions and implement security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Stay up-to-date with trends in the information security community, including new vulnerabilities, methodologies, and products
• Inform and respond to all security incidents
• Perform security event triage and initial incident response to detected threats
• Implement and review metrics for security events
• Identify potential threat vectors across all product offerings
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Create and maintain documentation for security best practices

Skills on Resume:

• Security Standards (Hard Skills)
• Cloud Security (Hard Skills)
• Tool Implementation (Hard Skills)
• Incident Response (Hard Skills)
• Threat Detection (Hard Skills)
• Security Metrics (Hard Skills)
• Training Delivery (Soft Skills)
• Documentation (Soft Skills)

Job Summary: 

• Assist with the development and ongoing management of the Cybersecurity Governance, Risk and Compliance program
• Maintain the Security Standards, process documentations and control objectives
• Mature and enhance the information security awareness and training program
• Monitor and Escalate unresolved security exposures, misuse, policy violations and other non-compliance situations to Security Leadership
• Monitor industry regulatory environment for impact on security programs and changes to security compliance standards
• Monitoring and analysis of cybersecurity events with the use of FortiSIEM, Sentinel and EDR
• Security Event Correlation, as received from L2 SOC/L1 SOC or Incident Response staff or relevant sources, to determine increased risk to the business
• Recognize potential, successful, and unsuccessful intrusion attempts/compromises thorough review and analysis of relevant event detail and summary information
• Triage security events and incidents, detect anomalies, and report/direct remediation actions
• Plan and orchestrate reviews of IT applications and infrastructure systems for compliance against PMI’s IT Policy Framework requirements
• Collaborate with security champions embedded in project teams to ensure that new IT applications and infrastructure systems are “secure by design” 
• Monitor IT risks owned by IT Platform Enablers and ensure they are treated on a timely basis and in accordance with the defined risk tolerance levels
• Periodically report IT risks to senior management and contribute to the continuous improvement of the IT risk management practice
• Support the delivery of PMI’s information security and cyber risk programs and objectives in collaboration with colleagues in the wider Information Security team

Skills on Resume:

• GRC Management (Hard Skills)
• Security Standards (Hard Skills)
• Awareness Training (Soft Skills)
• Regulatory Monitoring (Hard Skills)
• SIEM Analysis (Hard Skills)
• Incident Triage (Hard Skills)
• Risk Reporting (Hard Skills)
• Collaboration (Soft Skills)

Job Summary: 

• Working closely with the Compliance Program Manager and third-party auditors, coordinate and facilitate audit testing, documentation, testing, and remediation activities
• Work with technical and non-technical employees to educate, inform, and ensure all compliance activities and associated evidence are performed and appropriately documented
• Update and maintain internal-facing security documentation including security policies, compliance findings, issues, and risks
• Review responses to third-party risk questionnaires for existing Apptio vendors and new and existing suppliers
• Participate in Apptio’s Risk Management system including performing user access management, implementing workflow improvements, updating the third-party risk questionnaires, etc.
• Assist with information security awareness training, administration and phishing testing campaigns for employees
• Act as an advocate and brand evangelist for security-focused solutions throughout the organization
• Contribute to building the Information Security brand with employees and contractors
• Respond to general internal information security team queries and requests in accordance with the Apptio core values
• Ensure compliance with security controls, such as encryption, data loss protection, and endpoint security
• Contribute to cyber incident table-top exercises to ensure Apptio is prepared for the latest cyber threats
• Conduct security research to keep abreast of the latest cyber threat news and intelligence

Skills on Resume:

• Audit Coordination (Hard Skills)
• Compliance Documentation (Hard Skills)
• Risk Management (Hard Skills)
• Vendor Assessment (Hard Skills)
• Access Management (Hard Skills)
• Awareness Training (Soft Skills)
• Phishing Testing (Hard Skills)
• Security Advocacy (Soft Skills)

Job Summary: 

• Accountability for driving the resolution of technology caused OREs and CAPs impacting International customers, working across global Business and Technology teams
• Accountability for supporting International business partners on the resolution of their OREs and CAPs, working across global Business and Technology teams
• Learning and utilizing the Cornerstone big data environment to drive faster resolution and enable the detection of issues
• Participate in Issue Management growth initiatives, including Tableau development, Business and Technical Process Development, Machine Learning opportunities and Artificial Intelligence
• Challenging the status quo to drive incremental improvements in resolution performance
• Driving a global mindset, partnering with colleagues across the globe to drive a consistent team experience
• Provide project or program-level guidance to business unit stakeholders and oversee global security services
• Develop relationships cross-functionally and guide business units in developing and implementing security controls, ensuring that the business products are aligned with cybersecurity standards, policies, and guidelines
• Collaborate with internal governance, risk and compliance teams, IT program managers, and internal auditors, acting as a point of contact for information security governance, risk, compliance, assurance, and enterprise resiliency matters
• Ensure business-driven information security by promoting information security awareness and creating linkages between the appropriate level of security with the risks technology poses to business units
• Support the provisioning of central global security and resiliency services to support business units’ security goals
• Present metrics and dashboards that deliver information security risk and compliance insights to stakeholders

Skills on Resume:

• Issue Management (Hard Skills)
• Data Analysis (Hard Skills)
• Process Development (Hard Skills)
• Machine Learning (Hard Skills)
• Security Controls (Hard Skills)
• Risk Compliance (Hard Skills)
• Global Collaboration (Soft Skills)
• Stakeholder Guidance (Soft Skills)

Job Summary: 

• Performs security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards
• Ensures the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services
• Uses the Risk Managed Framework (RMF) to contribute to the Authorization and Assessment (A&A) process for new and existing information systems
• Facilitating Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and Continuous Monitoring (CONMON)
• Reviews various operating systems such as Windows and Linux, for compliance with governing requirements
• Assess and document test or analysis data to show compliance with security requirements
• Direct, conduct and mitigate risk assessments and investigations, and oversee activities of incident response
• Assesses present levels of cybersecurity and possesses knowledge of proper cybersecurity practices
• Plans and schedules the installation of new or modified security hardware, operating systems, and software applications
• Ensures the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Cybersecurity Vulnerability Management program
• Guides the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program, including boundary defense, incident detection, and response

Skills on Resume:

• Security Analysis (Hard Skills)
• Policy Enforcement (Hard Skills)
• RMF Compliance (Hard Skills)
• System Review (Hard Skills)
• Risk Assessment (Hard Skills)
• Incident Response (Hard Skills)
• Vulnerability Management (Hard Skills)
• Process Implementation (Hard Skills)

Job Summary: 

• Support and maintain all security tools
• Keep up to date on the latest vulnerabilities and fixes
• Assist in the security awareness and culture within the M&C Saatchi Group
• Assist in the coordination and completion of information security documentation and reporting
• Working with the information security leadership to develop strategies and plans to reduce risks and meet organisational requirements
• Assist with risk assessments and Business Impact assessments
• Collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle
• Work with the IT and IS teams to identify, select and implement technical controls
• Develop security processes and procedures supporting SLA’s to ensure that security controls are managed and maintained
• Research, evaluate and recommend information security-related changes, including developing business cases for security investments
• Support the relationship with third-party security vendors
• Support maintenance and training for the ISMS in line with ISO27001, NIST 800-171 and applicable legislation, e.g, Data Protection Act, Computer Misuse Act, etc.
• Provide second/third line support and analysis during and after a security incident

Skills on Resume:

• Security Tools (Hard Skills)
• Vulnerability Tracking (Hard Skills)
• Awareness Training (Soft Skills)
• Risk Assessment (Hard Skills)
• Technical Controls (Hard Skills)
• Process Development (Hard Skills)
• Vendor Management (Hard Skills)
• Incident Support (Hard Skills)

Job Summary: 

• Support the development of system modernization plans for surveillance, EMR, and LIMS information systems in an international setting
• Apply knowledge from Federal cybersecurity and privacy regulations, policies, laws, and requirements towards information security and protection best practices for international systems assessment, design, and development
• Tailor information security engineering techniques, methods, and practices for international systems based on local country regulations and policies
• Work extensively with multiple senior-level stakeholders (system owners, mission leads, IT Governance, and the Information Systems Security Officer (ISSO)) in the conduct of system compliance and protection activities for international projects
• Work with mission / technical teams to perform security analysis on in-development technical solutions and provide security compliance and guidance input 
• Evaluate international systems (either in development or in production) for compliance and/or adherence with security requirements and best practices
• Develop corresponding documentation to align with the risk management framework (RMF), or other security standards and frameworks such as the Cybersecurity Maturity Model Certification (CMMC)
• Assist system owners with identifying and utilizing relevant enterprise shared services and solutions to enable compliance and security activities
• Become a trusted security subject matter expert supporting various mission leaders and activities
• Perform technical IT system security/vulnerability assessments using the provided tools
• Interpret results and manage remediations 

Skills on Resume:

• System Modernization (Hard Skills)
• Regulatory Knowledge (Hard Skills)
• Security Engineering (Hard Skills)
• Stakeholder Management (Soft Skills)
• Compliance Evaluation (Hard Skills)
• RMF Framework (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Remediation Management (Hard Skills)

Job Summary: 

• Performing risk assessments, identifying, reporting and tracking any risks or issues across all aspects of information security including technical, physical, business process and third parties
• Managing and delivering the testing of security controls, working with the business to maintain the ISMS
• Working with the IT teams to build security design into project templates
• Perform security assurance testing across all areas of the Group
• Developing processes and configuration documents to be followed by IT operations and/or third-party suppliers in line with Information Security standards
• Provide security input for all change activities including projects, implementing the principles and standards for the Group
• Undertake technology evaluations and provide recommendations aligned to existing standards and best practices for the security aspects of new applications
• Interpreting the Information Security policy and liaising with all stakeholders across the Group
• Identify, engage and manage third-party organisations to ensure appropriate security assurance activities are conducted to ensure the rigour of security processes and systems
• Contribute towards the design and operation of related compliance monitoring and improvement activities to ensure compliance with both internal security policies, etc., and applicable laws and regulations
• Contribute to the production and circulation of reports to demonstrate the effectiveness of Information Security controls and processes
• Develop and deliver tailored Security Awareness and educational activities across the organisation
• Provide appropriate levels of documentation on security controls, incidents and risks

Skills on Resume:

• Risk Assessment (Hard Skills)
• Control Testing (Hard Skills)
• Security Design (Hard Skills)
• Assurance Testing (Hard Skills)
• Process Development (Hard Skills)
• Technology Evaluation (Hard Skills)
• Policy Interpretation (Soft Skills)
• Security Awareness (Soft Skills)

Job Summary: 

• Support the Information Security Manager in the development of new information and cybersecurity policies, processes, and procedures
• Collaborate with stakeholders across Canary Wharf Group and get involved with interesting projects to embed existing information security policies, processes, and procedures
• Support the review of proposed technology solutions to improve the maturity of information and cybersecurity across the organisation
• Work closely with IT to help improve technical information and cyber security controls, performing Cloud Security Assessments
• Perform reviews of the security of third-party suppliers
• Take ownership of the information and cybersecurity education and awareness programme for the group, which may include in-person training of colleagues
• Further professional development and understanding of information and cybersecurity through the completion of training and attendance at industry conferences
• Collaborate with the Intelligence team to understand current and emerging cyber threats that could impact the security of CWG
• Assist the Information Security Manager with the implementation of the ISO 27001 Information Security Management System and Cyber Essentials Plus requirements
• Collaborate with the Resilience team to develop Information Security-related incident exercises and scenarios
• Assist the data protection team with Data Privacy Impact Assessments and related tasks
• Cover for other team members including the Information Security Manager

Skills on Resume:

• Policy Development (Hard Skills)
• Cloud Security (Hard Skills)
• Third-Party Review (Hard Skills)
• Security Awareness (Soft Skills)
• Threat Intelligence (Hard Skills)
• ISO27001 Implementation (Hard Skills)
• Incident Exercises (Hard Skills)
• Stakeholder Collaboration (Soft Skills)

Job Summary: 

• Performs daily log monitoring, detection of abnormal activities, and threat hunting (Proactive mode) to ensure 24/7 protection of the business
• Uses prescribed guidelines or policies to analyse and timely resolve raised incidents
• Ensures that requests are timely responded to and delivered
• Provides L2 support for Security Operation Services (with minimal guidance and direction from seniors) to ensure that an incident is timely escalated to L3
• Assesses detected security/risk within the network, systems and applications
• Continues to build documentation and review operational processes and procedures to ensure that it is up to date and still applicable to the business
• Maintains knowledge in security-related technologies, trends, cybersecurity threats, issues, and solutions to ensure awareness of the fast evolution of Security threats
• Maintains knowledge of state-of-the-art information technology, equipment, and systems to ensure awareness of the fast evolution of technology
• Collaborate with employees to ensure Security controls are implemented by design and by default
• Be the first line of support for Security-related requests incoming from the Company
• Assisting with the creation and maintenance of Security procedures/processes, policies, and standards
• Conducting Security assessments of business systems and operations compliance with required security controls on an ongoing basis
• Research security trends, new methods, and techniques that represent threats to the business
• Support Customer relationship efforts through responding to compliance requests delivered by customers

Skills on Resume:

• Log Monitoring (Hard Skills)
• Incident Analysis (Hard Skills)
• L2 Support (Hard Skills)
• Risk Assessment (Hard Skills)
• Process Documentation (Hard Skills)
• Security Controls (Hard Skills)
• Trend Research (Hard Skills)
• Customer Support (Soft Skills)

Job Summary: 

• Providing guidance on secure configurations for Linux/Unix platforms, controls, and compliance, and information security risk management to team members
• Troubleshooting and investigating issues as they arise from scan findings
• Assist Server Management Groups in prioritization of remediation to minimize potential for impact
• Performing root cause analysis for server misconfigurations in the environment
• Performing as a high-level technical, subject matter expert on various Linux/Unix Systems and Information Security principles, with the ability to troubleshoot various configuration issues as they arise
• Develops specific work products that are used in scanning to identify misconfigurations
• Responding to changes in the regulatory environment and assisting other organizations in doing the same
• Making strategic recommendations to enhance secure server configuration, including processes, procedures, governance approaches, and compliance with the CIS Benchmarks
• Performing end-to-end consultation for remediation from tactical to strategic efforts
• Takes the lead with server groups to convey the program goals and updates including scheduling updates and managing daily remediation updates

Skills on Resume:

• Secure Configuration (Hard Skills)
• Issue Troubleshooting (Hard Skills)
• Remediation Prioritization (Hard Skills)
• Root Cause (Hard Skills)
• Linux Expertise (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Strategic Recommendations (Soft Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Protect assets and information systems against unauthorized access, modification and destruction
• Interact with system owners to plan and assess information systems for vulnerability and risks
• Plan, implement, and upgrade security measures and controls to remediate or mitigate risk
• Investigate confidentiality, integrity, and availability incidents, communicate with the team, document and report
• Stay current on IT security trends and news
• Manage theScore Security Operations Center and provide a report
• Conduct Observations and Monitoring for theScore Information Systems
• Provide information regarding security events or any activities that indicate an effort by a threat agent to gain unauthorized access to organizations’ Information Systems
• Manage security incidents throughout their life-cycle
• Conduct cybersecurity and privacy risk assessment and management

Skills on Resume:

• Access Protection (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Risk Mitigation (Hard Skills)
• Incident Investigation (Hard Skills)
• SOC Management (Hard Skills)
• Security Monitoring (Hard Skills)
• Incident Management (Hard Skills)
• Risk Assessment (Hard Skills)

Job Summary: 

• Monitoring and initial response for all incoming security alerts
• Monitoring and escalation of all network and server infrastructure operational alerts
• Follow documented processes and technical references
• Document all findings and response actions in the ticketing system
• Confer with users to gather information related to security incidents
• Review and analyze email phishing attacks
• Correlate disparate security indicators to find attack patterns
• Provide input and recommendations for process and documentation improvements
• Maintain updated knowledge on the latest information security technology trends
• Escalate issues to InfoSec, Network, and Server Engineers
• Participate in security incident response activities with senior staff 

Skills on Resume:

• Alert Monitoring (Hard Skills)
• Incident Response (Hard Skills)
• Process Adherence (Hard Skills)
• Ticket Documentation (Hard Skills)
• User Communication (Soft Skills)
• Phishing Analysis (Hard Skills)
• Attack Correlation (Hard Skills)
• Process Improvement (Soft Skills)

Job Summary: 

• Perform vulnerability scans, analysis, and prioritise identified weaknesses, working with the IT Team to remediate identified issues
• Collate alerts from security tooling, perform triage, prioritise and escalate for further action
• Act as the first point of contact for security incidents, providing timely responses, coordination, and communication throughout all stages
• Perform hands-on investigations to analyse incidents, identify suspicious behaviour, gather evidence, and build on lessons learned to prevent their recurrence
• Research and implement new security technologies to better protect company information and assets
• Participate in the response to RFPs/audits
• Provide ‘hands-on’ assistance, particularly in technical control implementation or administration
• Work as part of a team to communicate ideas, suggestions and solutions that achieve the firm’s long-term objectives
• Operate as a member of a frontline team in a high-tempo security operation, monitoring and analyzing custom alerts and dashboards
• Provides feedback in assessing new threat vectors and the effectiveness of controls
• Leverages advanced investigative skills using best-in-class data correlation and network/packet analysis tools
• Partner with senior leaders from lines of business organizations to triage security events and report on impacting security incidents

Skills on Resume:

• Vulnerability Scanning (Hard Skills)
• Incident Response (Hard Skills)
• Alert Triage (Hard Skills)
• Forensic Investigation (Hard Skills)
• Security Technologies (Hard Skills)
• Audit Support (Hard Skills)
• Threat Analysis (Hard Skills)
• Team Collaboration (Soft Skills)

Job Summary: 

• Integrating multiple disciplines (e.g., business/systems process analysis, data analysis, data informatics, risk management, regulatory requirements, and technology) for strategic and operational planning
• Applying problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve Mayo's goals
• Conducting information security assessments
• Collaborating with others to address security questions and responding to customer inquiries
• Ensuring appropriate treatment of cybersecurity risk and monitoring compliance with Mayo's Information Security policies, processes and procedures
• Creating, supporting, and evaluating security prototypes
• Administering Information Security processes and tools that enable the organization to operate effectively and efficiently
• Creating, coordinating, conducting and/or evaluating training courses within the pertinent subject domain
• Drafting policies, processes and procedures
• Managing a varied workload of projects with multiple priorities
• Staying current on information security, technology and healthcare trends and institutional changes
• Developing interpersonal skills to include presentation, negotiation, influencing, team facilitation and written communications

Skills on Resume:

• Risk Management (Hard Skills)
• Process Analysis (Hard Skills)
• Security Assessment (Hard Skills)
• Policy Development (Hard Skills)
• Tool Administration (Hard Skills)
• Training Delivery (Soft Skills)
• Project Management (Hard Skills)
• Collaboration (Soft Skills)

Job Summary: 

• Performs enterprise systems security operations to ensure 100% effective NNSA security status across the enterprise
• Develop Red Teaming, Penetration Testing, Code Scanning, and Vulnerability Management policies and procedures
• Synthesize and report findings, develop remediation recommendations and track implementation to completion
• Build and develop a team to provide Red Teaming, Penetration Testing, Code Scanning, and Vulnerability Management services to the organization
• Research and identify threat vectors and zero days that may apply to the NNSA environment
• Develop testing plans to identify vulnerabilities
• Define and maintain a rules of engagement plan for the NNSA enterprise environment as Red Team services are performed
• Identify, collect, and report metrics related to program progress, operations, and findings
• Develop DLP policies, response rules and allow/block lists based on business requirements
• Identify policy tuning/enhancement opportunities to reduce false positives
• Analyze, define and interpret business needs and issues by gathering, analyzing, documenting and validating the business requirements
• Documents the existing process in technical model format
• Lead testing efforts by defining, developing and implementing practices and procedures for complete end-user test plans
• Facilitate the implementation of approved IS tools and identify/recommend new or improved security solutions or emerging technologies
• Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop security solutions
• Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures

Skills on Resume:

• Penetration Testing (Hard Skills)
• Vulnerability Management (Hard Skills)
• Red Teaming (Hard Skills)
• Threat Research (Hard Skills)
• DLP Policies (Hard Skills)
• Risk Mitigation (Hard Skills)
• Team Leadership (Soft Skills)
• Process Analysis (Hard Skills)

Job Summary: 

• Coordinate and perform information system and third-party risk assessments, following a NIST-based methodology
• Use initiative in seeking process and workflow improvements
• Train junior risk assessors
• Assist in guiding business owners and end-users on the implementation of solutions that comply with IS security policies and standards
• Assist in prioritizing departmental tasks including new risk assessments and cybersecurity variance requests, according to departmental processes
• Clearly document assessments, variances, findings, and remediation plans in Archer
• Maintain a current knowledge of applicable federal and state privacy laws and accreditation standards, and monitor advancements in information privacy and security technologies to ensure adaptation and compliance
• Maintain awareness of new technologies and related opportunities for impact on system or application security
• Conduct information security research in keeping abreast of the latest security issues and keep abreast of testing tools, techniques, and process improvements in support of security event detection and analysis
• Support platform certification workflow and system configuration development work

Skills on Resume:

• Risk Assessment (Hard Skills)
• Process Improvement (Soft Skills)
• Staff Training (Soft Skills)
• Policy Compliance (Hard Skills)
• Task Prioritization (Soft Skills)
• Documentation Skills (Hard Skills)
• Regulatory Knowledge (Hard Skills)
• Security Research (Hard Skills)

Job Summary: 

• Provides identity and entitlement management functions for centralized business applications and infrastructure technologies residing on mainframe and distributed network platforms
• Completes security access requests consistently and thoroughly within the stated turnaround time with minimal mistakes
• Completes setup, transfer, and termination of security access
• Applies research, troubleshooting, problem analysis, and existing knowledge of security and enterprise infrastructure to independently identify and resolve security issues
• Identifies and presents all possible solutions and recommends a course of action for security requests and issues that require management escalation
• Identify and address non-compliance with security policies and standards when processing requests and providing security consulting
• Effectively communicates with the requestor and Security Coordinators thoroughly and courteously, providing clear security explanation and guidance regardless of the associate's seniority or technical level
• Responds to time-critical security technology processing with a sense of urgency
• Prioritizes urgent requests accordingly and appropriately
• Provides after-hours (24x7) on-call security support on a rotational basis for the enterprise network via cellular phone and mobile computer
• Completes team projects and participates in enterprise-wide projects
• Independently manages the execution and completion of assigned projects of medium to high complexity and wide-ranging scope (e.g., implementation of new enterprise software, significant upgrade of existing software)

Skills on Resume:

• Identity Management (Hard Skills)
• Access Provisioning (Hard Skills)
• Problem Analysis (Hard Skills)
• Policy Compliance (Hard Skills)
• Issue Resolution (Hard Skills)
• Communication Skills (Soft Skills)
• Request Prioritization (Soft Skills)
• Project Management (Hard Skills)

Job Summary: 

• Provides security administration and knowledge of existing processes and procedures to support project work being completed by senior members of Information Security or IT
• Adding new security technologies, upgrades and enhancements, or retirement of existing security technologies and processes
• Provides mentoring and training
• Maintains the Information Security Services training curriculum and resources to ensure they remain in line with an ever-changing environment
• Provides emergency or escalated support of security functions for associates, select subsidiaries, and external contractors
• Effectively diagnose problems by asking relevant questions and actively listening to the facts communicated
• Applies research, problem analysis, and existing knowledge to resolve incidents and consults with other support teams 
• Acts on behalf of the customer to ensure that incidents are resolved, communicating status updates to all customers promptly
• Contributes to the integrity and validity of security access for business applications and infrastructure technologies residing on the mainframe, distributed network platforms
• Performs periodic security monitoring and maintenance on existing systems and technologies in a consistent and thorough manner
• Helps ensure that security access is appropriately granted and removed, such that the integrity of supported systems is maintained

Skills on Resume:

• Security Administration (Hard Skills)
• Technology Upgrades (Hard Skills)
• Mentoring (Soft Skills)
• Training Management (Hard Skills)
• Incident Support (Hard Skills)
• Problem Analysis (Hard Skills)
• Customer Focus (Soft Skills)
• Security Monitoring (Hard Skills)

Job Summary: 

• Lead Third Party assessments and follow-up activities with strategic Third Party relationships
• Communicate professionally with third-party stakeholders/end users through multiple communication methods, building a trusting relationship
• Understand and enforce General Computing Controls of the third-party organization structure
• Identify security administration deficiencies, recommend improvements, and assist in implementing corrective action
• Develop and maintain procedure documentation
• Understand and scope properly the Third Party organization structure to apply necessary controls to be assessed
• Perform and manage Control/Risk Assessment and remediation of identified findings as per process documents
• Ensure third-party compliance with the business agreement, policies, procedures, and regulations, along with the ability to map controls and compliance requirements
• Review Third Party supplied policies and procedures, internal/external assessment reports, agreements and provide feedback
• Executive summaries with recommendations and direction regarding remediation efforts and disposition of the third party
• Communicate, escalate, and track third-party remediation progress on assessment remediation activities
• Understand information security risks that are inherent to a business and articulate those risks in business terms
• Maintain current knowledge on information security topics and their applicability to program requirements
• Engage on-shore leadership regarding any escalation/delays/deviations during assessment/remediation
• Work and Coach assigned analysts/mentees in terms of operational processes/ competencies
• Serves as POC (Point of Contact) in the lead’s absence
• Conducts quality checks and provides feedback
• Create reports and presentations for the operational process

Skills on Resume:

• Third-Party Assessment (Hard Skills)
• Stakeholder Communication (Soft Skills)
• Control Enforcement (Hard Skills)
• Risk Assessment (Hard Skills)
• Compliance Management (Hard Skills)
• Procedure Documentation (Hard Skills)
• Coaching (Soft Skills)
• Report Generation (Hard Skills)

Job Summary: 

• Support execution of information security assessments for in-scope suppliers (e.g., support with security assessments, assess the quality of IS/IT assessments conducted by other assessors, define risk ratings to the control failures, treatment for risk mitigation, etc.)
• Help the team in tracking overall assessment activities end-to-end (toll-gates, current status, IS critical assessments progress) against existing milestones and report regularly
• Help in coordinating InfoSec gap remediation with stakeholders, e.g., with BU relation managers, External Assessors, and third parties, etc.
• Review control evidence and provide suitable suggestions to the Business Partners
• Contribute to understanding and improving Standard Operating Procedures/Policies for the TSM
• Coordinate and help in drafting training materials (e.g., TSM or TRM Trainings, etc.).
• Acting as a process champion (buddy) for new person onboarding, e.g., training, access needs, etc.
• Schedule, execute and document critical meeting minutes for both internal and external stakeholders (e.g., Team meetings, Operation/Calibration calls with Assessors, gap remediation calls, etc.)
• Finding and driving process efficiencies, optimal usage of resources, contributing to automation, etc.
• Implement information security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to the system or system components
• Analyze and report on organizational information security posture trends
• Coordinate and conduct vendor risk assessments to ensure alignment with third-party risk management security standards
• Recommend mitigation of security deficiencies identified during security or certification testing and recommend risk acceptance to the appropriate senior leader or authorized representative
• Work with stakeholders to resolve information security vulnerability mitigation and compliance

Skills on Resume:

• Security Assessment (Hard Skills)
• Risk Rating (Hard Skills)
• Gap Remediation (Hard Skills)
• Policy Improvement (Hard Skills)
• Training Support (Soft Skills)
• Process Efficiency (Hard Skills)
• Vendor Assessment (Hard Skills)
• Stakeholder Coordination (Soft Skills)

Job Summary: 

• Corporate-wide Information Security GRC program
• Assessing IT and Cybersecurity risks and identifying emerging cybersecurity threats
• Vendor risk management program
• Manage, maintain, and administer the Information Security Education program
• Maintains knowledge of best practice security frameworks, industry-recognized information technology control standards, and other industry resources and translates them into educational formats.
• Performs security compliance assessments on new and existing systems, processes, and technology
• Collaborates to define IT security standards and develop supporting organizational policies
• Partners with various business units to ensure controls are adequate, appropriate, and effective
• Supports Vendor Risk Management and overall Third-Party Risk Management programs
• Assists in Data Classification and Rights Management roll-out, adoption and support
• Actively participates and leads in security-related planning meetings, project teams and workgroups
• Performs risk assessments and gap analysis to assist with the development of a Risk Register
• Develops, leads, coordinates, and presents security education training and awareness program materials
• Participates in internal and external security audits and compliance efforts
• Promotes a strong security culture throughout the organization
• Develops routine reports in accordance with GRC metrics
• Stays informed on developing regulatory and industry requirements and information security trends

Skills on Resume:

• GRC Management (Hard Skills)
• Risk Assessment (Hard Skills)
• Vendor Management (Hard Skills)
• Security Compliance (Hard Skills)
• Policy Development (Hard Skills)
• Data Classification (Hard Skills)
• Security Training (Soft Skills)
• Audit Support (Hard Skills)

Job Summary: 

• Characterize and analyze network traffic, logs, and endpoint activity to identify anomalies, malicious or potential threats to McAfee’s assets
• Perform event correlation using information gathered from a variety of sources (network and endpoint logs) to gain situational awareness to detect, confirm, contain, remediate, and recover from attacks
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on the system and information
• Determine tactics, techniques, and procedures (TTPs) for intrusions
• Isolate assets and remove malware
• Reconstruct a malicious attack or activity based on malicious samples seen on endpoints, phishing emails or in network traffic
• Perform root cause analysis
• Develop content for cyber defense tools
• Assist in the construction of signatures or indicators of compromise (IOCs) which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave
• Notify SOC managers and cyber incident responders of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the cyber incident response plan and procedures

Skills on Resume:

• Traffic Analysis (Hard Skills)
• Event Correlation (Hard Skills)
• Threat Detection (Hard Skills)
• Malware Removal (Hard Skills)
• Root Cause (Hard Skills)
• Attack Reconstruction (Hard Skills)
• IOC Development (Hard Skills)
• Incident Reporting (Soft Skills)

Job Summary: 

• Exercise a user-oriented approach while handling security incidents to ensure that user impact is minimized, and the situation is well articulated to users
• Document ongoing incidents, after-action reports and escalate incidents (including the event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities
• Work with cross-functional teams to resolve computer security incidents and vulnerability compliance
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus)
• Maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise
• Support Incident Response efforts - evidence collection, documentation, communications, and reporting
• Responsible for the enforcement of corporate information security policies to protect McAfee's information assets and intellectual property
• Lead or contribute to security risk assessments that determine threats, consequences, and vulnerabilities to key assets, products, and services
• Recommend and drive additional security controls to meet current and future needs

Skills on Resume:

• Incident Handling (Hard Skills)
• Incident Documentation (Hard Skills)
• Threat Analysis (Hard Skills)
• Cross-Functional Collaboration (Soft Skills)
• Threat Monitoring (Hard Skills)
• Policy Enforcement (Hard Skills)
• Risk Assessment (Hard Skills)
• Security Recommendations (Soft Skills)

Job Summary: 

• Support the principal Security Engineer on all matters (technical and otherwise) involving the security posture of the information system
• Coordinate with the team’s Teams Tech Leads to provide technical direction and guidance to software developers and systems administrators for security-related development and engineering tasks
• Responsible for managing entire platforms
• Solve technical issues as they arise, occasionally providing direction to other team members
• Assist the ISSO in gathering, preparing, and maintaining the information systems Body of Evidence (Systems Security Plans (SSP)) and other security-related documentation
• Support the Achievement of Authority to Operate (ATO) through the development and execution of security policies, plans, and procedures
• Initiate creation of A&A packages to support receipt of Authorizations to Operate (ATOs), collaborate with Engineers to gather information for A&A packages, and update A&A packages
• Develop and implement Continuous Monitoring processes by managing all artifacts within the system of record
• Implement Assured Compliance Assessment Solution (ACAS), while maintaining all plugins and scan policies
• Review and manage alerts within the logging mechanisms of the information system

Skills on Resume:

• Platform Management (Hard Skills)
• Technical Guidance (Soft Skills)
• Issue Resolution (Hard Skills)
• Security Documentation (Hard Skills)
• ATO Support (Hard Skills)
• Continuous Monitoring (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Alert Management (Hard Skills)

Job Summary: 

• Evaluate and determine the applicability of IAVAs that are distributed by DISA and the Intel Community
• Assist the project team with creating/maintaining and running automation scripts or manual steps for securely configuring systems, testing and ensuring cyber compliance of all systems
• Propose mitigation strategies for vulnerabilities identified in the system
• Investigate and mitigate cybersecurity incidents
• Verify and maintain security and technical configurations
• Interpret and propose technical solutions for security requirements/controls
• Assess the impacts of system modifications and technological advances
• Manage and review security logs and take actions
• Design a computer security architecture and develop a detailed cybersecurity design
• Prepare and document standard operating procedures and protocols
• Participate in the change management process

Skills on Resume:

• Vulnerability Mitigation (Hard Skills)
• Automation Scripting (Hard Skills)
• Incident Response (Hard Skills)
• System Configuration (Hard Skills)
• Security Architecture (Hard Skills)
• Change Management (Hard Skills)
• Log Management (Hard Skills)
• Technical Solutions (Hard Skills)

Job Summary: 

• Perform daily monitoring tasks and detail-oriented investigation of security issues
• Responds to incidents, performs forensic investigations and assists with eDiscovery tasks
• Identify, evaluate, and communicate cloud-related risks and vulnerabilities, and propose recommended remediation
• Contribute to the development of operational and security automation and integration processes and procedures
• Track and report on the effectiveness of cloud information security technology, controls and processes and polices using visualization tools
• Review, triage, and respond to service requests from stakeholders
• Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities about the organization
• Research and track current security threats
• Collect, consolidate, research, analyze, and correlate internal (firewalls, network devices, servers, databases, applications) and external threat intelligence to detect anomalies
• Identify risks and mitigation for those risks to help protect the power grid
• Identify and develop threat signatures and analyze log data
• Respond to high-urgency and high-severity threat indicators and communicate actionable information, guidance, and other relevant information
• Interact with outside agencies, law enforcement, and the FBI

Skills on Resume:

• Forensic Investigation (Hard Skills)
• Cloud Security (Hard Skills)
• Security Automation (Hard Skills)
• Risk Mitigation (Hard Skills)
• Threat Intelligence (Hard Skills)
• Log Analysis (Hard Skills)
• Incident Response (Hard Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Participates in the design, engineering, implementation and operation of information security processes, policies, procedures, standards, systems and controls based on business and technical requirements
• Frequently contributes to the development of new theories and methods
• Develops resolutions to complex problems that require frequent use of creativity
• Analyzes and correlates data from information security technology sources, such as endpoint protection, intrusion detection, security event monitors and secure proxies, to identify potential threats and defend PeaceHealth against threats
• Protects PeaceHealth’s information and information systems by analyzing public and private information sources to develop effective defensive techniques, policies, procedures and standards
• Collaborates with information security, technology teams and business stakeholders to respond to and remediate identified vulnerabilities and gaps in security controls, policies, procedures and standards
• Contributes to the design and implementation of security response automation, integrating various information and information security tools to create fast, intelligent responses to common and/or critical cyber incidents
• Effectively communicates technical issues and investigative findings to technical and non-technical audiences in written and verbal form
• Supports information sharing and integration procedures across information security through the exchange of threat intelligence and cybersecurity vulnerability assessment data
• Provides information relative to information security assessment activities in collaboration with technical and non-technical teams across the organization
• Provides recommendations related to information security gaps and vulnerabilities in collaboration with stakeholders across the organization

Skills on Resume:

• Security Engineering (Hard Skills)
• Problem Solving (Soft Skills)
• Data Correlation (Hard Skills)
• Threat Analysis (Hard Skills)
• Vulnerability Remediation (Hard Skills)
• Response Automation (Hard Skills)
• Technical Communication (Soft Skills)
• Threat Intelligence (Hard Skills)

Job Summary: 

• Serves as an advisor and subject matter expert on complex information security issues, projects, or any other PeaceHealth initiative that may have an information security implication
• Facilitates information security work groups, including project management, scheduling, coordination, follow-up, status reports and report-outs
• Responds to security-related investigations and other information security requests across PeaceHealth
• Contributes to information security intellectual capital by making process or procedure improvements and enhancing team documentation
• Promotes and implements information security education and awareness policies, procedures, standards and controls in collaboration with stakeholders across the organization
• Contributes to the analysis, design, build and management of role-based access controls for users of applications and systems
• Coordinates and supports user access review processes
• Generates reports and metrics (e.g., system/control metrics, status updates, risk assessment reports, remediation reports) to support information security measurement and reporting objectives
• Provides support and assistance to caregivers across the organization related to information security related technology and programs
• Provides on-call after-hours support on a rotational basis, including evenings, weekends, and holidays

Skills on Resume:

• Security Advisory (Hard Skills)
• Project Coordination (Soft Skills)
• Incident Response (Hard Skills)
• Process Improvement (Hard Skills)
• Security Awareness (Soft Skills)
• Access Control (Hard Skills)
• Report Generation (Hard Skills)
• On-Call Support (Soft Skills)

Job Summary: 

• Assists in developing, implementing and monitoring compliance with AXP and Information security policies, standards and procedures, and other policies and standards
• Implements security policies by administering and monitoring profiles, reviewing violation reports and investigating possible exceptions
• Prepares materials (reports, presentations, spreadsheets, etc) on information security to help develop scenarios, response procedures, and enable informed decision-making
• Verify completeness, accuracy and relevance of data captured
• Utilizes tools and documented processes to ensure consistency and optimization of information security processes
• Work in support of efforts to measure and improve information security processes
• Prepares status reports on information security, or other matters, to help develop, track, monitor and report on projects and initiatives
• Consults on controls, processes, and procedures
• Facilitates meetings to capture and document products/services or generic process changes
• Maintains internal documentation library, ensuring that process and other documentation is regularly updated to reflect the latest operational processes and requirements
• Provides root cause analysis assistance for incident management or post-implementation efforts
• Provides analytical support for issue management, project assessments, and reporting
• Participates in the evaluation of products and/or procedures to improve productivity and effectiveness
• Supports the analysis of underlying trends and action plans associated with information security and other domains
• Maintains records to allow for historical trending analysis

Skills on Resume:

• Policy Compliance (Hard Skills)
• Profile Administration (Hard Skills)
• Report Preparation (Hard Skills)
• Data Verification (Hard Skills)
• Process Optimization (Hard Skills)
• Root Cause (Hard Skills)
• Issue Analysis (Hard Skills)
• Documentation Management (Hard Skills)

Job Summary: 

• Building trust at all levels among internal and external teams
• Shifting resources to match the needs of the project effectively
• Coordinating third-party support as a seamless extension of the team
• Leading the development of business policies and procedures
• Managing deadlines and moving deliverables forward
• Monitoring project tasks against budget and scope creep
• Balancing perspectives to drive consensus and decision-making
• Presenting and defending design decisions across teams
• Proactively communicating requirements and changes to minimize surprises
• Collaborating with partners for a smooth hand-off
• Conducting post-mortem analysis and presenting recommendations to senior leadership
• Rousing passion for delivering positive customer experiences

Skills on Resume:

• Trust Building (Soft Skills)
• Resource Management (Hard Skills)
• Third-Party Coordination (Soft Skills)
• Policy Development (Hard Skills)
• Deadline Management (Hard Skills)
• Consensus Building (Soft Skills)
• Communication Skills (Soft Skills)
• Customer Focus (Soft Skills)

Job Summary: 

• Assist the operations team in defining current baselines for the secure configuration of all devices (e.g., Servers, workstations, network devices)
• Maintain operational configurations of all security solutions as per the established baselines
• Review logs and reports of all installed devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). 
• Interpret the implications of that activity and devise plans for appropriate resolution
• Participate in investigations into problematic activity
• Participate in the design and execution of vulnerability assessments, penetration tests and information security audits
• Participate in the planning and design of enterprise security architecture, under the direction of the Director, Information Security
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Corporate Information Security Officer
• Provide oversight and contribute to the design and deployment of application solutions within Central 1 to ensure they are carried out following industry-standard best practices
• Maintain up-to-date detailed knowledge of the information security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security

Skills on Resume:

• Configuration Management (Hard Skills)
• Log Analysis (Hard Skills)
• Incident Investigation (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Security Architecture (Hard Skills)
• Policy Development (Hard Skills)
• Application Oversight (Hard Skills)
• Threat Awareness (Hard Skills)

Job Summary: 

• Provide operational and technical application support for onboarding integration requests
• Following and developing procedures for operational support
• Responsible for managing and reviewing application integration requests and assisting support teams during the onboarding process (i.e., DEV/UAT/PROD/COB)
• Communicate across organizations at all levels
• Responsible for assessing the risk and associated impact of all operational issues, change events, and reacting quickly to escalate to technology management promptly 
• Work closely with the development team to ensure the operational requirements are met during the project transition
• Coordinate, triage and troubleshoot activities with support teams. (i.e., Application/SA/DBA/GIDA/CATE)
• Responsible for identifying trends and escalating issues to the appropriate manager
• Perform accurate and precise analysis and correlation of logs/alerts from a multitude of sources, determining security incidents
• Carry out in-depth technical investigations to support incident response activities
• Deliver real-time proactive monitoring and response
• Utilize Threat Intelligence to identify potential new threats and develop new mitigations
• Maximize the effectiveness of technical security controls through the creation and continued maintenance of detection use cases
• Identify opportunities within existing processes and procedures to increase the efficiency of the Security Operations team
• Deliver and maintain integrations with hosts and platforms for automation, orchestration, or security monitoring purposes
• Execute threat hunts capability which matures the security monitoring service that is delivered
• Audit and review current security policies

Skills on Resume:

• Application Support (Hard Skills)
• Risk Assessment (Hard Skills)
• Incident Investigation (Hard Skills)
• Threat Intelligence (Hard Skills)
• Security Monitoring (Hard Skills)
• Process Improvement (Hard Skills)
• Cross-Organization Communication (Soft Skills)
• Automation Integration (Hard Skills)

Job Summary: 

• Analyze, process, and compare data to produce tactical intelligence products
• Author tactical assessments on cyber threats, attacks, and incidents of interest to AXP
• Provide subject matter expertise on cyber threats to support current analytic operations and initiatives
• Create written and verbal intelligence products for internal AXP customers to assist in proactively addressing threats
• Perform open source threat collection and analysis activities, identifying indications of cyber threats
• Identify malicious code, websites, and vulnerabilities through automated and manual analysis using existing and purpose-built tools
• Analyzing malware/hacking tools and threat actor tactics, techniques, and procedures to characterize threat actors’ technical methods for accomplishing their missions
• Collect, analyze, catalog, and store indicators of compromise (IOCs) in partnership with the Fusion Center to help refine detection and response efforts
• Conduct intrusion analysis to ascertain the impact of an attack and develop threat trends to develop mitigation techniques and countermeasures that can prevent future attacks
• Identify credible new intelligence and subject matter resources relative to current/emerging threats

Skills on Resume:

• Threat Analysis (Hard Skills)
• Intelligence Reporting (Hard Skills)
• Open Source Collection (Hard Skills)
• Malware Analysis (Hard Skills)
• IOC Management (Hard Skills)
• Intrusion Analysis (Hard Skills)
• Mitigation Development (Hard Skills)
• Subject Expertise (Soft Skills)

Job Summary: 

• Review, validate, classify, and respond to security events
• Analyze security and traffic logs to determine “what happened” and document findings
• Analyze packets to recreate an attack and carve out files from packet captures
• Analyze a variety of network and host-based alerts
• Perform initial triage of security events
• Determine the correct remediation actions or escalation of incidents
• Document investigations to support the event conclusion
• Maintain awareness of real-world cybersecurity threats and support cyber intelligence capabilities
• Identify trends in events and incidents and make recommendations to improve risk posture
• Perform root-cause analysis of security-related events

Skills on Resume:

• Event Analysis (Hard Skills)
• Log Review (Hard Skills)
• Packet Analysis (Hard Skills)
• Alert Triage (Hard Skills)
• Incident Escalation (Hard Skills)
• Root Cause (Hard Skills)
• Threat Awareness (Hard Skills)
• Risk Improvement (Soft Skills)

Job Summary: 

• Contribute to the development of the company-wide information security requirements, threat modeling, secure design, cryptography standards, third-party component selection of approved tools, secure implementation, and system monitoring
• Identify gaps in the security posture and work with the team to mitigate or remediate them
• Leverage attack and vulnerability scanning tools to test, and enable the various teams to test the organization’s assets for vulnerabilities
• Manage information security-related projects to completion, exerting influence and inspiring enthusiastic participation
• Facilitate audit activities as initiated by internal and external entities, following established policies and procedures
• Perform evidence gathering for compliance, certification and baseline controls testing
• Maintain awareness and insight into internal and external software and systems
• Ensure the provisioning and management of credentials across multiple systems maintains alignment with the provisions of the information security management system (ISMS)
• Undertake regular supervisory inspections for non-compliant accounts (non-expiring passwords, stale/locked-out accounts, etc.)
• Take the lead in regular IAM reviews, including quarterly employment verification and privilege revalidation exercises
• Customer engagement on security questionnaires, contracts, and assessments
• Align with corporate information security on roadmap and strategy

Skills on Resume:

• Threat Modeling (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Project Management (Hard Skills)
• Audit Support (Hard Skills)
• Compliance Testing (Hard Skills)
• Identity Management (Hard Skills)
• Customer Engagement (Soft Skills)
• Security Strategy (Hard Skills)

Job Summary: 

• Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction
• Collect and review information regarding security impacts and issues to identify security shortfalls and software updates that are relevant
• Ensure that security patches are made available for new vulnerabilities and are applied in accordance with the suspense dates or sooner, per operational directives
• Utilize the DOD and Army-approved repository, Enterprise Mission Assurance Support Service (eMASS), to document compliance status of security controls, assessment data and plan of action and milestones (POAMs)
• Perform all requisite activities to obtain and maintain ATO by the assigned authorizing official and assess compliance of all authorization decisions, including denial of authorization to operate
• Monitoring and Oversight of the Third Party Risk Management Program compliance activities within Wells Fargo Technology
• Providing subject matter expertise as it relates to program requirements, policy changes, or changes to Third Party Management methodology and tools
• Identifying and reporting key risk issues
• Ensure Third Party issues and concerns (e.g., oversight deficiencies, program concerns, and open risk items) are reported and escalated
• Manage and track those deliverables effectively
• Establish connections with different stakeholders to seek feedback
• Conduct periodic reviews and assessments of Third Parties
• Document all key information and methods in the system of record as per the process
• Manage large data sets and perform analysis to get positive outcomes
• Drive the end-to-end process of Third Party Management activities
• Recommend changes to processes for continuous improvement

Skills on Resume:

• System Protection (Hard Skills)
• Patch Management (Hard Skills)
• eMASS Compliance (Hard Skills)
• ATO Maintenance (Hard Skills)
• Third-Party Oversight (Hard Skills)
• Risk Reporting (Hard Skills)
• Data Analysis (Hard Skills)
• Stakeholder Engagement (Soft Skills)

Job Summary: 

• Daily monitoring of events from Data Loss Prevention (DLP) and other information security tools
• Assess and determine appropriate next steps using knowledge of Corning businesses/processes
• Proactively identify opportunities to improve MT&E information security processes, configure rule sets and policies for security tools/systems
• Develop new tools and processes
• Analyze DLP incidents to identify common issues, trends and identify root cause(s)
• Summarize and report information security incident findings to MT&E management
• Mine data, conduct analysis and prepare reports based on event trends for MT&E management
• Inform MT&E management of all potential IA losses and/or threats
• Escalate information security risks to the Information Security management promptly
• Assist with the creation, modification, and review of MT&E information security documentation
• Ensure procedures followed are documented and repeatable, updating documentation when material changes are made
• Collaborate with Corning Information Security, Global Security, and IT resources supporting information security tools/systems
• Self-direct and work independently and clearly articulate technical concepts/ issues to both technical and non-technical peers and management
• Participate in the implementation of information security programs, projects and initiatives

Skills on Resume:

• DLP Monitoring (Hard Skills)
• Process Improvement (Hard Skills)
• Tool Development (Hard Skills)
• Incident Analysis (Hard Skills)
• Data Reporting (Hard Skills)
• Risk Escalation (Hard Skills)
• Documentation Management (Hard Skills)
• Independent Work (Soft Skills)

Job Summary: 

• Assist in developing, implementing, and supervising compliance with AXP and Information security policies, standards and procedures, and other policies and standards
• Implement security policies by coordinating and monitoring profiles, reviewing violation reports and investigating possible exceptions
• Prepare materials (reports, presentations, spreadsheets, etc.) to help develop scenarios, response procedures, and enable informed decision-making
• Verifying the completeness, accuracy, and relevance of data gathered
• Use tools and detailed processes to ensure consistency and optimization to work in support of efforts to measure and improve information security processes
• Prepare status reports on information security or other matters, to help develop, supervise, monitor, and report on projects and initiatives
• Facilitate meetings to collect and document products/services or generic process changes
• Maintain the internal documentation library by ensuring that processed and other documentation are regularly updated
• Provide root cause analysis assistance for incident management or post-implementation efforts
• Provide analytical support for issue management, project assessments, and reporting
• Participate in the evaluation of products and/or procedures to improve efficiency
• Support the analysis of underlying trends and action plans associated with information security and other domains
• Maintain records to allow for historical trending analysis

Skills on Resume:

• Policy Compliance (Hard Skills)
• Profile Monitoring (Hard Skills)
• Report Preparation (Hard Skills)
• Data Verification (Hard Skills)
• Process Optimization (Hard Skills)
• Root Cause (Hard Skills)
• Issue Analysis (Hard Skills)
• Documentation Management (Hard Skills)

Job Summary: 

• Participate in technical security testing and analysis of proposed and existing technology solutions
• Maintain system and network inventory for internal and cloud-based resources
• Work with DevOps team(s) and Application Security team to maintain up-to-date versions of libraries or third-party code used in applications/websites
• Assist in the design and conduct of red team/blue team activities
• Participate in the development of technical security standards, particularly for networks, servers, and cloud platforms
• Provide advice and consultation for staff on information security-related policies, procedures, and best practices
• Write technical documentation for and deliver technical presentations to IT staff
• Conduct routine network scanning and assessment of results
• Responsible for comprehensive Information security risk assessments of a variety of Information asset classes 
• Determine the impact levels on 5 key aspects such as Regulatory, Financial, Operational, Consumer and Reputational
• Determine Transactional risk levels and analyze supplemental risk assessments such as Code review, Site review, Penetration testing and FFIEC scans
• Responsible for the analysis of high risks and communicating the results and risk treatment options to appropriate levels of management
• Demonstrate good knowledge and technical skills in multiple information security domains

Skills on Resume:

• Security Testing (Hard Skills)
• Inventory Management (Hard Skills)
• DevOps Collaboration (Soft Skills)
• Red Teaming (Hard Skills)
• Security Standards (Hard Skills)
• Risk Assessment (Hard Skills)
• Network Scanning (Hard Skills)
• Technical Communication (Soft Skills)

Job Summary: 

• Perform comprehensive third-party supplier information security due diligence assessments promptly, report on results and recommend remediation actions
• Perform information security risk assessments and risk management activities
• Manage and support information security events and incidents through to resolution
• Manage the information security awareness training program
• ensure all employees develop and maintain an awareness of and comply with all applicable Information security policies, procedures, laws and regulations
• Support corporate compliance with the General Data Protection Regulation (GDPR) from an information security perspective
• Support the information security / IT audit processes for ISO 27001 and other compliance requirements
• Support the creation, implementation and maintenance of IT/information security standards, policies, processes and procedures in accordance with the IT/information security control frameworks such as ISO 27001
• Monitor, analyse and report on information security-based management metrics, in many cases using information security technologies such as DLP and SIEM
• Maintain awareness of new and changed security threats through review of specialist sites such as NCSC, CERT, etc
• Provide information security consultation, advice and guidance for EMEA business activities and projects
• Collaborate with global and regional compliance and information security teams on information security and data privacy initiatives and events

Skills on Resume:

• Third-Party Assessment (Hard Skills)
• Risk Management (Hard Skills)
• Incident Management (Hard Skills)
• Awareness Training (Soft Skills)
• GDPR Compliance (Hard Skills)
• ISO27001 Support (Hard Skills)
• Security Metrics (Hard Skills)
• Consultation (Soft Skills)

Job Summary: 

• Develop and support security solutions that integrate and interface with customers
• Influence senior management and security tool development using data to drive business decisions and improve Intel's security posture
• Analyze data from any IT or InfoSec source, including assets, vulnerabilities, patching, compliance, network, waivers, workers, and locations
• Assist with ongoing capability development on Intel's big bet platforms (SEER, Vulnerability Checker, Kafka, Splunk) including future integrations/development
• Work closely with software development engineers, system engineers, and other information security teams in supporting information security projects and initiatives
• Complete ad-hoc reporting and data requests
• Support and work in an Agile and DevOps team focused on security analytics and solution development
• Prepare reports that take note of security breaches and the extent of the damage caused by these breaches
• Install software that is created to protect sensitive information, such as firewalls and data encryption programs
• Monitor the networks to keep an eye out for any security breaches and investigate them if one does occur
• Research the latest information technology security trends to keep up to date with the subject and use the latest technology to protect information
• Develop a security plan for the best standards and practices for the company
• Conduct frequent testing of simulated cyber attacks to look for vulnerabilities in the computer systems and take care of these before an outside cyber attack
• Make recommendations to Government customers and senior executives about security advancements to best protect the supported systems

Skills on Resume:

• Security Solutions (Hard Skills)
• Data Analysis (Hard Skills)
• Tool Development (Hard Skills)
• Agile Collaboration (Soft Skills)
• Incident Reporting (Hard Skills)
• Network Monitoring (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Security Planning (Hard Skills)

Job Summary: 

• Assists in assuring that all the information and systems under the control of Liberty Healthcare Management stay confidential, maintain their integrity, and they remain available for their intended use
• Monitor and maintain endpoint management tools for endpoint detection and response (EDR), including antivirus, anti-malware, host encryption and content filtering
• Monitor computer enterprise networks for security issues and investigate security breaches and other cybersecurity incidents when they occur, based on established policies and protocols
• Install security measures, authentication protocols, hardware, and software to protect systems and information infrastructure, including firewalls and data encryption programs
• Conduct security assessments through vulnerability testing and risk analysis and perform both internal and external security audits, as directed
• Analyze security breaches to identify their root cause and then document findings and assess the damage they cause
• Work with other security team members and department heads to formulate and perform tests, audit protocols, and other techniques to uncover infrastructure vulnerabilities
• Review the latest security alerts, both internal and external, to determine relevancy and urgency regarding the company and established policies
• Support the development and implementation of systems, policies, and protocols to scrutinize the network infrastructure and operating environment for vulnerabilities, weaknesses, flaws, and deviations from policy and standard
• Assist security team members and department heads with IT troubleshooting and enterprise security support
• Support the development of metrics that can be used to measure security capability and performance
• Ensure that digital assets are protected from unauthorized access including both cloud and on-premises infrastructures and public-facing or internal systems, through monitoring and analysis of alerts
• Provide reports and other documentation for IT administrators, managers, and security team members to use to evaluate the efficacy of the security policies in place
• Support the development of organization-wide best practices for IT security policies, protocols, and procedures and perform assessment and testing of existing security controls to assess the performance of those best practices
• Support LHM's third-party vendor risk management program by verifying the security procedures and systems of third-party vendors and collaborating with them to meet security and regulatory compliance requirements
• Research security enhancements, innovations, and industry improvements and then make recommendations to management based on that research
• Stay up to date on emerging information technology trends and security standards
• Educate security team members, supervisors, executives, and other stakeholders to help integrate system security best practices into the company’s access procedures

Skills on Resume:

• Endpoint Management (Hard Skills)
• Network Monitoring (Hard Skills)
• Vulnerability Testing (Hard Skills)
• Risk Analysis (Hard Skills)
• Incident Investigation (Hard Skills)
• Policy Development (Hard Skills)
• Vendor Assessment (Hard Skills)
• Security Training (Soft Skills)

Job Summary: 

• Active participation in the 24/7 operations of the BD Security Operations Center
• Proactively monitoring and providing cybersecurity status and reports to enable timely decision-making
• Operate within direction to investigate and escalate in accordance with protocols
• Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response
• Provide direction to the managed service provider to triage alerts
• Collect related data from various network analysis systems
• Review available open and closed source information on related threats and vulnerabilities
• Diagnose observed activity for the likelihood of system infection, compromise or unintended/high-risk exposure
• Proactively threat hunt by performing analysis of events in the current SIEM and other SOC tools, looking for malicious activity and other security-related events that were not identified by the automated processes
• Develop content and action tuning requests to improve alert fidelity and reduce false positives
• Ensure all incidents are supported with evidence and artifacts derived from analysis
• Provide clear and actionable event notifications
• Recommend detection and prevention/mitigation signatures and actions as part of a layered defensive strategy leveraging multiple capabilities and data types.
• Identify advanced anomaly detection strategies and instrument systems to automate detections
• Develop program metrics and reporting, compile and analyze data for accurate and timely reporting of activity

Skills on Resume:

• SOC Operations (Hard Skills)
• Threat Hunting (Hard Skills)
• Malware Analysis (Hard Skills)
• Packet Analysis (Hard Skills)
• SIEM Analysis (Hard Skills)
• Incident Response (Hard Skills)
• Alert Tuning (Hard Skills)
• Reporting (Soft Skills)

Job Summary: 

• Assessing the applicability of newly identified vulnerabilities or non‐compliance and identifying the appropriate party for remediation
• Developing or updating processes and procedures to ensure effective and consistent operations that adhere to requirements and IS standards, and follow IS policy and/or IS risk compliance regulations
• Reporting and analysis to assist in executing solutions and provide consultation to customers, colleagues and management, participation in cross‐functional linked teams to address IS policy/risk or compliance issues
• Providing input on best practices and how to improve current practices and/or monitoring
• Performs analysis of business issues utilizing established methodology and tools within information security areas
• Works with the customers and other resources to assess current capabilities, identify the customer needs and assist in recommending process improvements within information security areas
• Provides basic support and collaboration in completing analysis, providing ad‐hoc reports, information, or process mapping, and/or alignment of the business and related resources
• Contributes to process improvement and solution discussions and may contribute some outcomes in written and verbal formats to management
• Assists in the development and design of new business processes and the elaboration and updating of existing business processes within information security areas
• Participates in cross‐functional team initiatives and process improvement projects within the information security area

Skills on Resume:

• Vulnerability Assessment (Hard Skills)
• Process Development (Hard Skills)
• Compliance Reporting (Hard Skills)
• Best Practices (Hard Skills)
• Business Analysis (Hard Skills)
• Process Improvement (Hard Skills)
• Customer Consultation (Soft Skills)
• Cross-Functional Collaboration (Soft Skills)

Job Summary: 

• Perform tasks associated with access management functions- account creation, account de-provisioning, access changes, researching access events, generating access reports, providing audit evidence for access, etc.
• Review security access changes to determine if changes are approved and appropriate based on least privileges and proper segregation of duties
• Support a company-wide certification management program encompassing any SOX-relevant access to system resources and applications
• Ensure compliance and adherence with Information Security controls and standards
• Conduct phishing simulations and assign security training for repeat offenders
• Perform internal security controls reviews, identify gaps, and monitor remediation activities through completion
• Help manage the security awareness training program
• Develop dashboards to showcase the Information Security maturity progression
• Assist with the implementation of various security toolsets
• Assist the Cyber Security Manager in developing annual phishing campaigns
• Keep up to date with legislation to ensure compliance in all areas including Data Protection and Information Security, in liaison with the organisations, and a dedicated Data Protection Officer
• Work with Supply Chain to manage the integration of new and updated applications
• Maintain the recertification of key business systems including ISO27001, Cyber Essentials and Cyber Essentials Plus
• Develop 'security information packs' to be used by the Client Solutions and Bid teams, to improve the consistency of tender and bid responses
• Assist in internal and external Audits
• Contribute to security incident management

Skills on Resume:

• Access Management (Hard Skills)
• SOX Compliance (Hard Skills)
• Phishing Simulation (Hard Skills)
• Security Awareness (Soft Skills)
• Control Review (Hard Skills)
• Dashboard Development (Hard Skills)
• Audit Support (Hard Skills)
• Incident Management (Hard Skills)

Job Summary: 

• Assist and support in the implementation of Information Security-related projects
• Install and use software, such as antivirus and data encryption programs, to protect sensitive information
• Responsible for guiding security tool configuration, daily maintenance of security tools, updating of antivirus/malware monitoring tools, detection and response to security alerts, and other various information security measures
• Ensure that security findings and issues are followed up on and closed out
• Provide system-level logs and details related to potential security investigations
• Investigate Information security-related incidents as reported to the organization or identified with security tools
• Research the latest information security trends and recommend security enhancements to management
• Ensure users understand and adhere to the necessary procedures to maintain security
• Assists in the development and periodic review of security procedures to ensure compliance with Information Security defined policies
• Ensures systems and software configurations comply with Information Security Requirements, Policies, and Standards
• Assist in troubleshooting and solving a wide variety of security issues
• Promote security awareness and provide training/communications to internal end-users

Skills on Resume:

• Security Tools (Hard Skills)
• Incident Investigation (Hard Skills)
• Log Analysis (Hard Skills)
• Trend Research (Hard Skills)
• Policy Compliance (Hard Skills)
• Troubleshooting (Hard Skills)
• Security Awareness (Soft Skills)
• User Training (Soft Skills)

Job Summary: 

• Leads and performs activities required to obtain FISMA Authority to Operate
• Responsible for the development and maintenance of the System Security Plan, Information System Risk Assessment, Privacy Impact Assessment, and Incident Response Plan
• Responsible for the development and maintenance of Business Impact Analysis and Information System Contingency Plan
• Acts as contingency plan coordinator and facilitates functional and tabletop exercises
• Performs web application security assessments
• Responsible for planning and coordinating of third-party security assessments
• Responsible for managing the Plan of Action and Milestones (POA&M) for identified vulnerabilities
• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
• Evaluates firewall change requests and assesses organizational risk
• Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems
• Assists with the implementation of countermeasures or mitigating controls
• Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans

Skills on Resume:

• FISMA Compliance (Hard Skills)
• Security Documentation (Hard Skills)
• Contingency Planning (Hard Skills)
• Web Assessment (Hard Skills)
• Third-Party Assessment (Hard Skills)
• POA&M Management (Hard Skills)
• Intrusion Detection (Hard Skills)
• Audit Execution (Hard Skills)

Job Summary: 

• Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure
• Researches, evaluates, tests, and implements new security software or devices
• Conducts investigations of information systems security violations and incidents, reporting to management
• Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs
• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information
• Provides information assurance project management, technical security staff oversight, and development of mission-critical technical documents
• Ensure compliance with regulations and privacy laws
• Develops materials for computer security education/awareness programs
• Responds to queries and requests for computer security information and reports

Skills on Resume:

• Network Protection (Hard Skills)
• Security Research (Hard Skills)
• Incident Investigation (Hard Skills)
• Policy Development (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Project Management (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Security Awareness (Soft Skills)

Job Summary: 

• Perform application user access and permission reviews, make or request changes, and adhere to minimal conduct of job functions
• Maintain and monitor system controls in accordance with the Bank’s selected security framework and systems, including review of log files from various tools such as firewalls, IDS/IPS, EDR/NGAV, SIEM, Active Directory event log monitoring and alerting
• Log, track and report security events and/or incidents that may occur within IT systems, vendor systems, or across Bank business units
• Investigate, document and action any issues
• Identify security vulnerabilities and remediate them with strategic solutions that increase data security
• Assist with firewall operating procedures and controls
• Participate in completing required regulatory activities such as risk assessments, incident response exercises, GLBA reporting, audit testing, the Ransomware Self-Assessment Tool, Cybersecurity Assessment Tool, etc.
• Collaborate with the IT Director to make recommendations on the selection of security products and solutions and review, implement, and configure approved solutions with the assistance of the vendor/service provider
• Assist the IT Director in developing and maintaining the Threat Intelligence program and in identifying and enhancing key performance and key risk indicators and other security metrics
• Work with IT personnel and service providers to ensure servers, desktops and other devices are optimally configured, hardened, and patched to protect information assets
• Work with independent vendors to scope and carry out vulnerability assessment, penetration testing, and other IT assurance testing activities
• Participate in and/or create and refine applicable information security policies and procedures, including those related to vulnerability management, configuration management, incident management, and business continuity and disaster/recovery planning
• Work with internal staff on an information and cybersecurity training curriculum in an effort to educate employees on attack vectors that may indirectly or directly target employees
• Participate in or complete IT audit, risk assessment, and network testing remediation plans, depending on the disciplines in which changes are required
• Complete ongoing activities articulated in the Bank’s information security program
• Develop security standards, procedures, and guidelines for multiple platforms

Skills on Resume:

• Access Review (Hard Skills)
• Log Monitoring (Hard Skills)
• Incident Management (Hard Skills)
• Vulnerability Remediation (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Threat Intelligence (Hard Skills)
• Policy Development (Hard Skills)
• Security Training (Soft Skills)

Job Summary: 

• Manage and analyze monitoring data on a day-to-day basis for various security-related events and activities via several information security systems and tools
• Detect any unauthorized attempts to access the system
• Collaborate with the technical services team and cross-functional departments to remediate security risks
• Administrate security toolsets and handle vulnerability scans
• Assist in working with external security vendors and the Gundersen Health System technical systems team in defining the scope of internal and external vulnerability scans and penetration tests
• Performs periodic reviews of firewall rules
• Conducts comprehensive risk assessments of various security controls
• Create specific protocols that audit file changes such as updates, deletions, additions and moving
• Penetration testing and monitoring of current technology assets
• Prevent intrusions using current security hardware and software
• Proactively assess potential items of risk and opportunities of vulnerability in the Gundersen Health System network
• Monitors and provides consultation on projects in a manner that promotes information security best practices

Skills on Resume:

• Security Monitoring (Hard Skills)
• Unauthorized Detection (Hard Skills)
• Vulnerability Scanning (Hard Skills)
• Penetration Testing (Hard Skills)
• Firewall Review (Hard Skills)
• Risk Assessment (Hard Skills)
• Intrusion Prevention (Hard Skills)
• Cross-Functional Collaboration (Soft Skills)

Job Summary: 

• Ensures compliance with all information security policies and procedures
• Performs regular information security assessments
• Assists in the evaluation of hardware and software products to ensure compliance with information security policies can be adhered to
• Develops and maintains all information security documents and implements recommended solutions
• Trains all employees on processes related to the Gundersen Health System information security program
• Identify security breaches and take action to stop and prevent them
• Conducts routine information security risk assessments
• Identifies and tracks risk mitigation plans through completion
• Interview employees to assess current security procedures and identify gaps that require remediation and/or mitigation
• Provides first-level security incident response for incidents reported by monitoring systems
• Coordinates with all Information Systems departments and teams to gather all data and resolve issues or develop an action plan
• Perform root cause analysis

Skills on Resume:

• Policy Compliance (Hard Skills)
• Security Assessment (Hard Skills)
• Product Evaluation (Hard Skills)
• Documentation Management (Hard Skills)
• Employee Training (Soft Skills)
• Incident Response (Hard Skills)
• Risk Mitigation (Hard Skills)
• Root Cause (Hard Skills)

Job Summary: 

• Staying current with all matters relating to application, database, and network security
• Ensuring data privacy and security
• Evaluating output from various security monitoring tools
• Planning and implementing remediation and/or mitigating controls
• Carrying out security-based risk assessments
• Planning and implementing remediation and/or mitigating controls
• Advising on any potential risk acceptance
• Identity and access management
• Implementing controls and working with other teams to ensure appropriate access to corporate assets
• Maintaining knowledge of security/regulatory concepts such as least privilege
• Incident response and management
• Providing security feedback and expertise
• Implementing any controls to end the current incident and protect against future occurrences
• Maintaining security-related documentation, processes, and procedures
• Designing, implementing, and maintaining secure system configurations
• Addressing the security questions and concerns of both external and internal stakeholders

Skills on Resume:

• Data Privacy (Hard Skills)
• Risk Assessment (Hard Skills)
• Access Management (Hard Skills)
• Incident Management (Hard Skills)
• System Hardening (Hard Skills)
• Regulatory Knowledge (Hard Skills)
• Stakeholder Communication (Soft Skills)
• Documentation Management (Hard Skills)

Job Summary: 

• Provide recommendations for comprehensive strategies to manage risk to the organization and its assets
• Provide a concept of operations for evaluating risk across the agency with respect to risk tolerance
• Provide support to ensure consistent, agency-wide application of the risk management strategy
• Develop a plan for implementing the DoD RMF and assist in implementation using eMASS or other DoD/Army systems of record
• Provide a quarterly update of the agency RMF
• Conduct RMF assessments in coordination with Government leads
• Handle alerts from information security logging and monitoring systems by analyzing their severity, remediating, and escalating the event to the appropriate team for remediation
• Conduct periodic internal audits and assessments of the organization’s compliance with its information security policies and standards
• Assist with information security risk assessments
• Communicate and work with Technical and Support IT staff
• Provide input during Information Security huddles on work and current security events

Skills on Resume:

• Risk Management (Hard Skills)
• RMF Implementation (Hard Skills)
• eMASS Compliance (Hard Skills)
• Audit Execution (Hard Skills)
• Log Analysis (Hard Skills)
• Incident Escalation (Hard Skills)
• Risk Assessment (Hard Skills)
• IT Collaboration (Soft Skills)

Job Summary: 

• Identify and centralize existing report generation
• Work with existing data sources to collect, scrub and enhance available data to ensure it’s consistent and precise for use in both internal and external reporting
• Identify opportunities for improving efficiency and streamlining the process of report and presentation input compilation
• Implement automation for manual efforts
• Take responsibility for producing quality data output and professional-standard Information Security client reporting
• Take ownership of ongoing management reporting activities and ensure that it stays in line with Information Security standards and client requirements
• Take ownership in following up with all clients on completeness of data in such systems and processes, such as entitlement reviews, issue management process, transfer repository and local admin access request
• Take ownership of data quality and output by identifying and influencing all data source owners to produce data of consistently high quality and with tangible value to clients
• Assist in growing the centralized team to take on activities where a tangible benefit can be documented and submitted to Information Security Management for approval
• Embed quality control measures in all processes and activities to ensure a robust and sustainable data integrity review that can adapt to meet the dynamic requirements of the Information Security organization
• Embracing new technologies, actively seek out opportunities to enhance reporting and key data delivery to encourage a strong behaviour of many uses for data collected or generated

Skills on Resume:

• Data Management (Hard Skills)
• Report Generation (Hard Skills)
• Process Automation (Hard Skills)
• Quality Control (Hard Skills)
• Client Reporting (Hard Skills)
• Data Integrity (Hard Skills)
• Team Collaboration (Soft Skills)
• Technology Adoption (Hard Skills)