Due to these struggling times, we are offering 50% off to employers with the code: STAY50

Save Time On Your Cyber Security Job Hunt

100% Focused on Cybersecurity & IT Security Jobs

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Application Security Jobs

Auth0

Software Engineer, Platform Tools

Remote
Application Security
FULL-TIME
Oct 28
Premier
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score. 
 
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
 
The Platform Tools team mission is to make the life of Auth0’s engineers easier and more productive by providing a frictionless interface to Auth0’s internal platform. 
 
We are looking for senior software engineers to help us achieve the level of excellence that our teams need to make their day-to-day work easier and enjoyable.

You will:

  • Design, build and maintain tools and a toolchain to improve the development lifecycle.
  • Help build and scale our development environment as engineering teams grow.
  • Research and build prototypes using new technologies.
  • Investigate, discuss and propose new engineering productivity practices and tools.
  • Collaborate with fellow team members on priorities, specifications, and progress communication.
  • Evangelize Auth0 engineers about our new tools offering.

You are a good fit if you:

  • Have excellent communication and collaboration skills.
  • Love to work with cutting edge technologies.
  • Enjoy solving chores through automation.
  • Have experience with Go, Node.js or similar.
  • Have experience with container technology such as Docker, Kubernetes, ECS, etc.
  • Have experience with distributed systems, software architectures and authentication.
  • Are autonomous and have a continuous improvement mindset.
  • Pay attention to details and keep user experience a top priority.
  • Enjoy being part of a highly collaborative, remote first environment.
  • Timezone: we are giving preference to candidates located between GMT -3 and GMT +2.

You might work on:

  • Open source tools, integrations, CLIs, and frameworks.
  • API and CLI interface to our internal platform.
  • Vivaldi, our Docker-based development environment.
  • Bots and scripts to automate common tasks.
  • IDE and browser extensions.
  • Pull Requests flow automation.

Preferred Locations:

  • #US; #CA; #AR;

 

Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
 
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles
 
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CyberArk

Software Engineer Intern

Newton, MA
Application Security
INTERN
Aug 22
Premier

Job Description:

We are looking for software engineering interns to join the Conjur Community and Integrations (C&I) team at CyberArk! Our team delivers high-quality open source software and more to CyberArk’s customers. We know that our community is best served when:
- Our projects are active, maintained, well organized, and superbly documented
- We discuss, plan, design, and build in the open
- Contributions from community members are solicited, welcomed, and reviewed

The intern will play an important role in helping us grow and maintain our suite of tools and integrations that work with Conjur open source. During the internship, the intern will work with the community and integrations team to extend our Conjur SDK from a handful of client libraries to a complete OpenAPI implementation. There will also be opportunities to write tutorials, blog posts, and provide code samples that community members can use to understand how to use our software. In creating this content, interns will get hands-on experience with bash, Docker, interacting with a REST API, and some of the most popular modern DevOps tools and platforms for deploying software.

 

Responsibilities
The Conjur C&I team are responsible for many features and initiatives within the CyberArk portfolio, including:
- Features within the Conjur open source product
- Integrations for the Conjur and DAP products with popular open DevOps tools
- Connectors and enhancements for the revolutionary Secretless Broker
- APIs and SDKs for the above

 

Requirements:

- Senior currently enrolled in a University/ College

- Major studies focused in Computer Science, Information System Security, etc or prior industry software development experience 

- Experience with Docker, Bash, Golang, Ruby is a plus

- Capable of understanding the technical aspects of a complex system.

- Must have excellent communication skills and a passion for providing world-class service.

- Experience of directly supporting enterprise-level customers is a plus.

- Ability and desire to learn products and technologies.

- Must be able to work independently as well as with others, as part of a domestic and international team.

- Excellent time management, decision making, prioritization and organization skills.

- Experience developing on Unix/Linux based system is a plus

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Application Security Engineer

Spring, TX
Application Security
FULL-TIME
Aug 20
Premier

We are seeking a Product Security consultant within Personal PC organization. We are looking for an innovative and motivated candidate who under general direction and with a high level of autonomy, will use extensive knowledge and skills obtained through education and experience to perform the services.

The candidate will be required to work on multiple products and must have the ability to develop and present secure solutions and remediation advice to leadership and technical teams. The candidate will be required to assess risks imposed by technical solutions and advise product teams of security standards, best practices and solutions to address risk, while maintaining security quality and customer satisfaction.

 

Primary responsibilities of this role are:

  • Work closely with Business Team and product development team to:
  • Drive Security Development Lifecycle activities (architecture review, threat modeling, security code reads)
  • Align security solution to overall HP Inc. product.
  • Certify the product HP Inc. ship are align with cyber security standard.
  • Apply security throughout the product development lifecycle using Secure Development Lifecycle processes and techniques
  • Gain and maintain a working knowledge of the HP Inc. portfolio of products.
  • Continually review and enhance existing knowledge of security aspects of HP Inc. product sets and technologies.
  • Partner with product development teams in order to remediate risks identified by Product Security.
  • Capture Remediation data to provide dashboard and metrics to senior management
  • Provide 'soft' consultancy skills and a proactive approach to earn the trust of product teams.

Requirements and Desirable Qualities:

  • Strong engineering background preferred
  • Application architecture experience preferred
  • Advanced knowledge of Windows platforms
  • Advanced knowledge of application mobile security tools
  • Strong technical acumen securing software and hardware
  • Excellent analytical and problem solving skills
  • Good understanding of software development and working experience with any one of the higher level programing languages or scripting
  • Typically 5 or more years of related work experience
  • Experience leading security efforts and/or teams
  • Good analytical and problem solving skills.
  • Good communication skills

 

Experience:

  • Typically 7 or more years of related work experience
  • Typically 5 years’ experience in vulnerability research analyst, pen testing, security researcher, Windows, Linux.
  • Strong engineering and development background in software are preferred.
  • Open Source Contributor
  • Strong knowledge to perform below tests:
    • Penetration Testing
    • Static Analysis/ Static Application Security Testing
    • Vulnerability Assessment/Scanning
    • Dynamic Analysis/Dynamic Application Security Testing (DAST)
    • Malicious Software Analysis
    • SDL (architecture review, code reads, threat modeling)

 

 

Preferred Certifications:

  • CEH: Certified Ethical Hacker
  • CCNP Security: Cisco Certified Network Professional Security
  • GSEC / GCIH / GCIA: GIAC Security Certifications
  • CISSP: Certified Information Systems Security Professional
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Leidos

Jr Cybersecurity Application Developer

Washington, DC
Application Security
FULL-TIME
Jul 29
Premier

Job Description:

Leidos has an immediate need for a Junior Cybersecurity Application Developer to support this DHS SOC Program. The Application Developer will join a multidisciplinary team and needs to be a self-starter with excellent technical planning, system design, analytical and problem-solving skills, flexibility, good judgement and the ability to coordinate multiple, concurrent tasks in an effective manner. The applications developed will be used to collect and process data and improve the DHS Enterprise Security Operations Center capabilities. The Application Developer will work under the direction of senior staff on tasks to maintain existing applications and infrastructure, plan and install new hardware/software, assist with ATO compliance, help ensure the integrity and security of enterprise-wide cyber systems and networks, etc. The multidisciplinary nature of the team provides opportunities to work on a variety of applications and hardware that the team supports.

Primary Responsibilities

  • Develop and support capabilities on the RSA Archer platform as well as a variety of other platforms.
  • Assist with Server admin, account maintenance, upgrades and related Change Management requirements
  • Conduct POAM remediation, system support/maintenance.
  • Break/Fix System support and ticket resolution support.
  • Review, debug, and resolve technical issues throughout all stages development and support
  • Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
  • Perform integration activities to connect with 3rd party software APIs
  • Design, implement, and maintain efficient and reusable Python code
  • Work with stakeholders to develop requirements and deliverables

Basic Qualifications

  • The candidate shall have bachelor’s degree in Computer Science, Engineering, or related field and a minimum of 2 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in cybersecurity
  • At least one of the following certifications: CASP, Security+, GCIH, GCWN, GISF, GSSP, GICSP, SEI, CCSP, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX, Splunk Enterprise Certified Architect
  • Proficient in the use of all Microsoft Office tools
  • Demonstrated ability to adapt to new technologies and learn quickly
  • Ability to work independently on assigned tasking
  • Experience with Python and Shell Scripting
  • Experience with RedHat Linux
  • Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.

Preferred Qualifications

  • Experience with VMware & Ansible/Ansible Tower and/or Terraform
  • Experience working in AWS and Azure
  • Experience working in an Agile environment
  • Experience as a SOC Analyst and/or Incident Responder

Experience and knowledge with designing, building, deploying, and maintaining infrastructure in cloud environments

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Sr. Software Engineer

Remote
Application Security
FULL-TIME
Jul 16
Premier

We're building the next-generation infrastructure and security platform for CrowdStrike. The Managed Services Development (MSD) team builds the platform and tools for our analysts on the OverWatch team to process and hunt (identify potentially harmful activity) through hundreds of billions of events per day, and growing. MSD build and maintain the platform and tools for Falcon Complete analysts to run customer's security operations in our production cloud environment.

We are looking for an engineer who wants to help move the MSD platform forward as we scale even further. Someone with a broad range of computer skills throughout the software stack and clear communication skills would thrive in this environment. You should love working on large- scale, distributed, cloud-based, highly available systems that can efficiently operate over hundreds of billions events a day.

You will...

  • Be comfortable with projects to build new components and extend the current system. You would need to gather requirements, plan, code, test, and deploy to completion.
  • Help the OverWatch team become more effective in their analysis and hunting by improving the platform and tools.
  • Help the Falcon Complete team become more effective and efficient in their mission to support customer's security operations large and small.
  • Work closely with cloud architects to evolve our systems for future growth and platform development.
  • Bring research projects into production environments and integrate them with the MSD systems.
  • Work in a devops environment where you (and your team) are responsible for the systems you deploy.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Have a desire for quality and understand what tools and processes you need to reach that level and help the team reach a higher bar.
  • Be an adaptable and flexible engineer who is constantly learning and enjoys tackling complex and novel challenges.
  • Work as part of a distributed team of remote workers across timezones.
  • Use and give back to the open source community.

You'll use...

  • Go (Golang)
  • Python
  • AWS
  • Postgres
  • ElasticSearch
  • Kafka
  • Kubernetes/Spinnaker You have...
  • Degree in Computer Science (or commensurate experience).
  • ·Experience with Golang or another language for developing web backends and pipelines (such as Python/Ruby/etc).
  • Built web-services with data processing pipelines and the concepts required.
  • Experience with relational and noSQL databases (Redis, Postgres, Cassandra, ElasticSearch a plus).
  • Understanding of messaging or queueing software, Kafka experience highly desirable.
  • Linux skills and experience with large-scale, business-critical Linux environments.
  • Understanding of distributed systems and scalability challenges, particularly in Cloud environments such as AWS.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.

Bonus points awarded for...

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields.

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

#LI-JF1

​#LI-Remote

#Stack

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Application Security Jobs

Network Security Jobs

GSK

Network Security Specialist

Multiple
Network Security
FULL-TIME
Aug 23
Premier

Site Name: USA - Massachusetts - Waltham, USA - North Carolina - Research Triangle Park, USA - Pennsylvania - Philadelphia, USA - Pennsylvania - Upper Providence, USA - Texas - Richardson, UK - Hertfordshire - Stevenage
Posted Date: Aug 18 2020

This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organisation who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery. As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available. The successful candidate will have strong technical & consultative skills as well as relevant experience in IT Security Architecture & Engineering. The successful candidate will be required to collaborate with technologists within GSK and other business entities.

 

This role will report to the Director of App & Infrastructure within the Architecture team of the Security & Risk Organisation. The Network Security Specialist will lead on developing the network security architecture and strategy. The candidate will support the GSK cyber security program team, as a technical leader architecting modern network paradigms including Software-Defined Networking, Zero-trust networking, Micro segmentation, Network Access Control, network security and monitoring solutions and secure remote access. The candidate will act as an interface with technical experts in the Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities on behalf of GSK and our customers. The candidate must be capable of understanding the threats to our platforms from internal and external sources, be able to direct and coach team members on mitigation solutions.  The candidate will ensure processes and technology align with the Tech Transformation Strategy within GSK and it complement the other functions within TSR. The candidate must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer. 

 

This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following:

  • Closely collaborate with the Tech Security & Risk peers and the wider Tech organisation within GSK to identify key business drivers, risks and security capability requirements
  • Develop GSK's network security architecture and strategy, fit for purpose for a large pharmaceutical with a global footprint
  • Present the architecture and strategy to stakeholders across the Tech organisation to get buy-in for the vision and roadmap
  • Provide input and direction for technology decisions and investments related to the strategy
  • Closely collaborate Tech Security & Risk peers and the wider Tech organisation within GSK to incrementally deliver against the strategy
  • Support Tech Security & Risk peers in delivery of their own security strategies
  • Support the wider Tech organisation to enable them to deliver their network related initiatives in a secure manner

Basic Qualifications:

 

We are looking for professionals with these required skills to achieve our goals:

  • Experience architecting and deploying networks and network security solutions in large enterprise organisations
  • Experience of modern network paradigms/technologies including: Software-Defined Networking, zero-trust networking, micro-segmentation, network access control, network security monitoring and secure remote access
  • Experience with building solutions on cloud platforms (Azure, GCP and AWS)
  • Experience in maintaining and enhancing security standards to align to industry best practice in relation to emerging technologies
  • Experience with Architecture frameworks such as SABSA, TOGAF etc.
  • 7-10 years experience in Information Security
  • 10+ years experience in Information Technology

 

 

Preferred Qualifications:

 

If you have the following characteristics, it would be a plus:

  • CISSP/ISSAP or other industry network, security and cloud certifications desirable
  • Proven experience working and influencing cross functionally
  • Pragmatic and focused on delivering value to the business
  • Strong and clear communication skills – verbal and written
  • Ability to engage with leadership teams
  • Highly self-motivated, directed, and can work independently without supervision
  • Prepared to work at a low level of detail where necessary
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Network Security Jobs

Cloud Security Jobs

CrowdStrike

Software Engineer - Cloud Security

Remote
Cloud Security
FULL-TIME
Aug 19
Premier

About the Role

Cloud Security Posture Management (CSPM) is a new and complementary product area for CrowdStrike. We’re extending CrowdStrike’s mission of “stopping breaches” into the public cloud control plane and native cloud resources. CrowdStrike’s CSPM offering will give customers visibility into both the (mis)configuration and compliance of native cloud resources, and potential adversary activity involving those resources. When coupled with Falcon, CrowdStrike’s endpoint security offering, our CSPM offering will provide a more comprehensive perspective on how the adversary is targeting key customer infrastructure.

 

What You’ll Need 

  • Lead backend engineering efforts from rapid prototypes to large-scale applications across CrowdStrike products.
  • Leverage and build cloud based systems to detect targeted attacks and automate cyber threat intelligence production at a global scale.
  • Brainstorm, define, and build collaboratively with members across multiple teams.
  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
  • Be mentored and mentor other developers on web, backend and data storage technologies and our system.
  • Constantly re-evaluate our product to improve architecture, knowledge models, user experience, performance and stability.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Use and give back to the open source community.

 

You’ll use

  • Go (Golang)
  • AWS/GCP/Azure/Kubernetes
  • Kafka
  • GIT
  • Cassandra
  • ElasticSearch
  • Redis
  • ZMQ

 

Key Qualifications

  • Degree in Computer Science (or commensurate experience in data structures/algorithms/distributed systems).
  • The ability to scale backend systems – sharding, partitioning, scaling horizontally are second nature to you.
  • The desire to ship code and the love of seeing your bits run in production.
  • Deep understanding of distributed systems and scalability challenges.
  • Deep understand multi-threading, concurrency, and parallel processing technologies.
  • Team player skills – we embrace collaborating as a team as much as possible.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • The skills to meet your commitments on time and produce high quality software that is unit tested, code reviewed, and checked in regularly for continuous integration.

 

Bonus points awarded for…

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, Scala, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields

 

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

 

#LI-DK1

#LI-Remote

 

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IHS Markit

Junior Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Jul 8
Premier

Your role 

Reporting to the global head of cloud security at IHS Markit, your work will focus primarily on AWS with a secondary focus on VMC, Azure and/or GCP as needed. You will mentor and guide junior members of the cloud security team and partner with stakeholders across information security and other IHS Markit organizations to deliver solutions that harden IHS Markit’s cloud security posture.

 

Emphasis will be on the following objectives: 

·       Creating security automation for response and remediation of compliance findings and hardening of AWS and VMWare Cloud on AWS (VMC) environments primarily, and Azure or GCP secondarily

·       Onboard corporate and open-source security tools into build pipelines including SAST, DAST, TVM and anti-virus tools using Cloud native and open-source tooling and create custom tooling where needed to fill in gaps

·       Partner with the cybersecurity operations center (CSOC), offensive security operations and threat intelligence teams to onboard new services for the purpose of detection and predication of events

 

Your expertise 

·       0 – 2 years of experience of cloud security engineering on AWS 

·       Basic understanding of security requirements, best practices and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS 

·       Basic understanding of Lockheed Martin’s Kill Chain or MITRE ATT&CK 

·       Basic understanding and exposure to automation using scripts and CI/CD pipelines with cloud native or open-source technologies 

·       Basic experience with a scripting language such as Bash or Python 

·       Basic understanding of Windows and Linux platforms in the lens of investigations, configuration management and patch management 

·       Knowledge of Google Cloud Platform (GCP) or Microsoft Azure security concepts in a secondary capacity is strongly desired, but not required 
 

You are 

·       A naturally curious self-starter - you can deliver on requirements with some limited guidance or supervision, as needed by you and the team 

·       A relentless learner - you actively seek to add to your skillset and knowledge base while challenging the status quo to drive efficiency in the team 

·       Strong interpersonal skills – you can communicate with a wide range of technical and non-technical teams 

·       Insist on the highest standards within the team and actively share your perspectives with the team and the larger information security organization 

 

What we offer: 

·       Access to the most interesting information technologies 

·       The ability to implement your own ideas and solutions 

·       Participation in conferences and training for Information Security qualifications 

 

Flexible Working  

We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us during the interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can and in accordance with local and regional practices.   

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Excelicon

Cloud Risk Analyst

Washington, DC
Cloud Security
CONTRACTOR
Jun 25
Premier

The reesource shall provide the organization risk guidance on existing and emerging cloud technologies.

Excelicon seeks a resource to support and execute the following tasks:

 

  • Evaluate technologies and determine risk of technology architecture, implementation and

suitability for the client. This may require interaction with vendors to gather product security

features, research vulnerabilities/weaknesses, and provide implementation recommendations to Senior Management.

  • Support the development of the client’s A&A strategy for Cloud based systems.
  • Provide technical writing support and guidance to system owners in the development, and
  • technical review of System Security Plans (SSPs).
  • Conduct in-depth technical security reviews, risk assessments, and architecture reviews for
  • Cloud based technologies to ensure alignment with House information security policies
  • and technical guidelines.
  • Develop recommendations for decision briefs for Senior Management to use in making
  • ATO and other security decisions.
  • Provide technical guidance in the development and revision of client’s information security policies to incorporate Cloud technologies.
  • The Contractor shall provide risk management guidance and advisement to CAO teams for

emerging technologies to include new cloud, mobile and desktop application work products.

  • Provide technical support for responding to and implementing recommendations of the Office of Inspector General and Internal Controls/Internal Audit.
  • Provide analysis and reporting on the cloud products currently in use at the client site to include high-risk services, data usage, and threats.
  • Other duties as assigned.

 

 

The Contractor shall provide individuals with the following knowledge, skills and abilities:

 

  • Bachelor’s degree in a related field.
  • Knowledge and expertise in cloud computing, virtualization, Platform as a Service (PaaS),
  • Infrastructure as a Service (IaaS), Software as a Service (SaaS).
  • Demonstrated experience in conducting technical risk assessments for various Cloud platforms.
  • Experience working with Cloud Security Alliance (CSA) guidelines and security guidance from

the National Institute of Standards and Technology (NIST) to include SP-800-53A: Assessing

Security and Privacy Controls in Federal Information Systems and Organizations: Building

Effective Assessment Plans, NIST SP 800-144: Guidelines on and Security and Privacy in Public

Computing Cloud, NIST SP 800-145: The NIST Definition of Cloud Computing, NIST SP 800-

146: Cloud Computing Synopsis and Recommendations; Federal Risk and Authorization

Management Program (FedRAMP) security control baselines and security guides.

  • Demonstrated understanding and/or experience of various Cloud environments.
  • Demonstrated experience supporting a CASB tool.
  • Strong familiarity with FedRAMP and Federal Cloud guidelines.
  • Achievement of CCSP (Certified Cloud Security Professional), CISSP (Certified Information
  • Systems Security Professional) and/or CRISC (Certified in Risk and Information Systems Control)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Humana

Sr. Cloud Security Engineer

Arlington, VA
Cloud Security
FULL-TIME
Jun 21
Premier
  • Description

     

    The Senior Cloud Security Engineer designs, develops, and architects cloud security products and automated capabilities to support the expanding Cloud use with Humana’s engineering and business teams. We deliver cloud security using modern technologies like functions and Kubernetes in each of our cloud environments. This role requires a strong grasp of cloud engineering principles and practices using DevOps, Agile development, and continuous integration.

     

    Responsibilities: 

    • Build a very close working relationship with DevOps, cloud platform engineering, application security, and enterprise security teams 

    • Participate in designing IT and Cloud security strategy, system security controls and secure configuration 

    • Automate prevention, detection, and remediation processes of security controls to improve security agility in Humana's cloud environments

    • Implement automation for security alerts, IAM provisioning, and incident response remediation 

    • Develop and deploy Policy as Code for Cloud Service Providers 

    • Identify and develop new capabilities to improve our user experience and security 

    • partial remote/flexibility available

     

    Role Essentials 

    • Bachelor’s Degree in Computer Science (or other technical Bachelor's Degree)

    • 5+ years of experience in design, development, and engineering 

    • Strong experience with Microsoft Azure or Google Cloud Platform 

    • Experience with software design and development, including Agile development methodologies 

    •  

     

    Desired Qualifications 

    • Applied knowledge of healthcare industry 

    • Currently has or is eligible for an ADP II security clearance 

    • Master’s Degree in related field preferred 

    • Security engineering experience 

    • Experience with Kubernetes 

    • Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi cloud applications and infrastructure

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Cloud Security Jobs

Threat Intelligence Jobs

FireEye

Associate Security Consultant - Entry Level

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

 

 

Associate Security Consultant - Entry Level 2021

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

Do you love the challenge of figuring out solutions to intricate technology puzzles? 

Do you like to help others solve their network and information security issues? 

If you answered YES, then consider a career at Mandiant as an Associate Consultant! 

We have the expertise and experience in information security. This is our focus.

You’re not just a number and you won’t get lost in the shuffle. 

You will be working on challenging technical projects that make an impact. You’ll be visible.

You’ll be exposed to many different environments and technologies.

You’ll learn from our best incident responders and red teamers.

We investigate breaches that make headlines (and many more that don’t), as well as break into applications and systems to identify security gaps for our clients.  We find evil and solve crime, and are seeking candidates who possess the ability to think like an attacker and stay one step ahead of the game. 

Find your niche among the cool projects you'll be involved with, such as:

  • Incident Response
  • Host and network forensics
  • Network traffic analysis
  • Malware analysis and reverse engineering
  • Penetration testing and Red Team
  • Network, web and mobile application security assessments
  • Source code reviews
  • And more...

Responsibilities:

  • Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments and social engineering assessment
  • Build internal scripts, tools and methodologies to enhance our capabilities
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Work with security and IT operations at clients to implement remediation plans

Qualifications

Requirements:

  • Technical skills in at least two of the following areas: 
    • Strong knowledge of Windows OS and networking protocols
    • Basic knowledge of tools used for forensic collection and analysis
    • Knowledge of application testing and network security concepts
    • Experience with programming/scripting languages such as Python
  • A technical security-related internship or other professional experience
  • Must be able to travel 20-30%
  • Must be eligible to work in the US without sponsorship

Additional Qualifications:

  • Strong technical acumen and ability to quickly assimilate new information
  • Ability to successfully interface with clients (internal and external) and manage expectations of others
  • Ability to document and explain technical details in a concise, understandable manner

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to HR-Accommodations@FireEye.com.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Blackbaud

Red Team Security Engineer

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

The NYC Red Team Security Engineer reports to the Senior Manager of Information Security and is responsible for testing and validating all facets of information security controls including networks, servers and web applications. The Red Team Security Engineer carries out attacks and perform security assessments to uncover vulnerable areas of systems and applications and to test defensive security measures using common as well as unique methods and practices.

What You’ll Do

  • Participate in Red/Blue Team exercises on a periodic basis so that management can assess effectiveness of security controls.
  • Conduct penetration testing for the red team which includes network, system, application, mobile, traditional web and wireless penetration testing.
  • Writing exploit code for local testing.
  • Perform thorough penetration testing that includes the identification, reporting, and recommendations for security vulnerabilities while adhering to management driven scope and deadlines.
  • Identify, prove, and report vulnerabilities that cannot be identified by scanners or tools
  • Develop, extend, or modify exploits, shellcode or exploit tools.
  • Develop applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE).
  • Reverse engineering malware, data obfuscators, or ciphers.
  • Source code review for control flow and security flaws.
  • Develop attack vectors, conduct reconnaissance, collect Open-source intelligence, enumeration, and foot printing of target networks and services, and develop exploit payloads and system backdoors.
  • Simulate malicious tactics of a motivated adversary with the intent of achieving a specific goal or access.
  • Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
  • Obtain threat intelligence from white hat sources and stay up to date on the latest exploits and security trends
  • Advise Incident Response on defensive and monitoring process design.
  • Deliver clear and coherent written reporting and remediation guidance.

What We’ll Want You To Have

  • College degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience.
  • 5+ years (in excess of degree requirements stated above) of experience with technical Cyber Security and 3+ years with Red Team or penetration testing experience.
  • Demonstrates broad subject matter expertise of web, network, and system security.
  • Certification in highly technical information security disciplines such as: CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, GIAC, CEH, GPEN, GWAPT, GXPN or OSCP certification(s)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Security Systems Engineer - Intern

Santa Clara, CA
SOC / Threat Intel
INTERN
Sep 28
Premier

Your Career

As a Systems Engineer Intern, you will quickly ramp on Palo Alto Networks technology and will be assigned to multiple SEs. You will work together to complete critical work that supports customers in the pre-sales process. In this role, you will also work with sales on customer engagements and establish relationships with customers with the goal of helping them detect and prevent advanced cyberattacks and breaches. 

Upon completion of your summer internship, you will be required to do a final presentation on your contribution to getting a successful technical sell  (i.e. collect customer environment information, heat map, POC deployment, success criteria definition, recommended architecture/solution, and much more). 

Our global internship program trains the next generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, and marketing. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

Our Summer Internship Program from May-August or June-September provides you: 

  • 1:1 mentorship

  • Fun and engaging events that inspire your intellectual curiosity

  • The opportunity to expand your knowledge and work on challenging projects

  • Connections to other recent grads, and employees across the company as well as our leaders

Your Impact

  • Establish yourself as a trusted team member to SE leadership and colleagues and contribute to sales wins throughout the program 

  • Architect and propose solutions which address the identified cybersecurity problems in each customer’s unique environment 

  • Ensure ongoing customer happiness, support, and adoption of cybersecurity solutions

  • Act as the customer advocate for any issues that require technical assistance and follow up with the customer until the issue is resolved 

  • Continuous self-improvement and learning to maintain technical leadership of applicable technologies (data center, SDN, public cloud, security, networking, etc.) 

Your Experience

  • BS in Computer Science, technical cybersecurity or networking program

  • Experience with systems installation, UNIX/Linux, and Windows-based systems 

  • Experience with cloud networking services such as AWS, Azure, GCP is a plus – not required.

  • Understand and effectively present complex technical concepts to technical and non-technical audiences 

  • Strong analytical skills to evaluate complex problems and a systematic approach to create solutions

  • Mature and effective time-management skills

  • Knowledge and desire to learn of modern network threats and malware, network forensics, automation tools and technologies, and endpoint security technologies

Requirements – To apply, you must be pursuing a 4-year Undergraduate Degree with a GPA of 3.0 or above, a 2-year Master’s Degree or a Doctorate degree and returning to school in the fall. You must have the authorization to work within the United States.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Varonis

Security Analyst

New York, NY
SOC / Threat Intel
FULL-TIME
Sep 7
Premier

Summary

The Varonis Security Analyst will develop solutions for customers and prospects to assist in gaining visibility into security events affecting their environment. They will have intimate knowledge of Varonis products and knowledge of other Security products, specifically SIEM products.  They will develop expertise in security domains to build new/develop existing integrations.  They will analyze and respond to threats, report on their impact, develop remediation capabilities, and educate both customers and employees. 

 

Responsibilities

  • Consult with customers to ensure that Varonis products are a major component in their Security Operations Center and Incident Response Methodologies.
  • Simultaneously drive revenue growth and the maturity of customer security programs
  • Integrate Varonis products with SIEM technologies.
  • Analyze both Varonis metadata streams and streams from other product for use in incident response.
  • Develop Security expertise in at least one domain (Network, Host, Windows, Cloud, Mobile, etc.)

 

Qualifications

  • 1+ Years of working with Varonis
  • Experience with SIEM tools performing deployment, configuration, and maintaining operations, content development.
  • Experience with security tool administration (e.g. firewalls, IDS, end-point protection, content filtering, IAM, DLP).
  • Experience with operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services).
  • Proven experience in Cyber Security Operations (Monitoring, Detection, Incident Response, Forensics).
  • Experience with a diverse range of customers including financial, manufacturing, chemical, healthcare, and state and local government.
  • Proven success in contributing to a team-oriented environment.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Excellent communication (written and oral) and interpersonal skills.

Requirements

  • Proven success in contributing to a team-oriented environment.
  • Sales oriented.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Excellent communication (written and oral) and interpersonal skills.
  • Demonstrated leadership in professional setting; e
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Gieco

Cybersecurity Intern - Summer

Chevy Chase, MD
SOC / Threat Intel
INTERN
Sep 2
Premier

 During your paid 10-week internship, you will:

  • Have the unique opportunity to utilize your skills through individual assignments and team projects
  • Work on systems that defend GEICO, attend meetings, and give presentations to senior management
  • Receive mentoring and coaching from members of Cybersecurity management
  • Interact with associates at all levels of our cybersecurity organization-even our CISO!
  • Develop your technical, project management, communication, and leadership skills

GEICO's Cybersecurity teams have positioned our company as a leader amongst its peers in the Cybersecurity space.  Being a summer intern at GEICO has the potential to lead to a full-time IT career upon graduation.

 

Check out this video to see what it's like: GEICO’s IT Internship.

 

Required Candidate Qualifications

  • Currently pursuing a Bachelor's degree in Information Security, Cybersecurity, Computer Science, Computer Engineering, Business Information Technology, Information Systems, or a related major
  • Current junior or senior status (i.e., class of December 2020 or May 2021)
  • GPA of at least a 3.0 both overall and in major
  • Coursework or related work/internship experience using various Cybersecurity technologies.  Experience with programming and scripting languages like Python, Bash, Java, .NET, or C# technologies with well-rounded experiences outside of the classroom
  • Strong analytical, problem-solving, and communication skills
  • Preferred candidates will have demonstrated leadership potential
  • Ability to live and work in the Washington DC area

 

About GEICO 
 
For more than 75 years, GEICO has stood out from the rest of the insurance industry! We are one of the nation's largest and fastest-growing auto insurers thanks to our low rates, outstanding service and clever marketing. We're an industry leader employing thousands of dedicated and hard-working associates. As a wholly owned subsidiary of Berkshire Hathaway, we offer associates training and career advancement in a financially stable and rewarding workplace.

Our associates' quality of life is important to us. Full-time GEICO associates are offered a comprehensive Total Rewards Program*, including:

  • 401(k) and profit-sharing plans
  • Medical, dental, vision and life insurance
  • Paid vacation, holidays and leave programs
  • Tuition reimbursement
  • Associate assistance program
  • Flexible spending accounts
  • Business casual dress
  • Fitness and dining facilities (at most locations)
  • Associate clubs and sports teams
  • Volunteer opportunities
  • GEICO Federal Credit Union

* Benefit offerings for positions other than full-time may vary.

GEICO is an equal opportunity employer. GEICO conducts drug screens and background checks on applicants who accept employment offers.
 
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Home Depot

Cybersecurity Intern

Atlanta, GA
SOC / Threat Intel
INTERN
Sep 1
Premier

The goal of this 12-week summer internship program is to recruit and attract top talent to The Home Depot in order to provide a best-in-class experience for students of our company, our business and our culture. Our goal at the end of the internship is to extend full-time offers to top-performing interns upon receiving undergraduate and post-graduate degrees.

As part of the 12-week summer internship program, interns will have the opportunity to work on value-add business projects, have assigned managers, teams and mentors, learn from the executive leadership team during mentoring sessions, present to leadership on their project, gain exposure to the in-store environment, tour distribution facilities, and network with other Home Depot interns and associates through various social and business networking events.  

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES

  • Use strategic thinking to approach problems and create solutions
  • Responsible for the accuracy and quality of work performed
  • Develop and implement project plans; determine requirements, deliverables, resources, timing/milestones, and risks
  • Communicate findings and project status clearly and professionally through presentations
  • Make recommendations to upper management
  • Provide comprehensive report out to senior leaders on assignments and other related projects
  • Partner cross-functionally to achieve goals


NATURE AND SCOPE

  • Typically reports to Manager or Sr. Manager in the Home Depot PRO Organization
  • No direct responsibility for supervising others.

ENVIRONMENTAL JOB REQUIREMENTS
ENVIRONMENT: 
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
TRAVEL: 
Typically requires overnight travel less than 10% of the time.

MINIMUM QUALIFICATIONS

  • Must be eighteen years of age or older.
  • Must be legally permitted to work in the United States.

EDUCATION REQUIRED:
The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED.

YEARS OF RELEVANT WORK EXPERIENCE: 0 years

PHYSICAL REQUIREMENTS:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

PREFERRED QUALIFICATIONS:

  • Strong analytical skills
  • Process/detail oriented
  • Excellent communication skills (written and verbal)
  • Time Management
  • Planning, organization
  • Ability to multi-task and prioritize in a fast paced environment
  • Proven leadership abilities
  • Currently pursuing a Bachelor’s degree in Cybersecurity, Engineering, Management Information Systems

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES:

  • Ability to communicate issues and recommend solutions in a timely manner.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IBM

Cyber Security Apprentice, NYC

New York, NY
SOC / Threat Intel
FULL-TIME
Aug 29
Premier

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Cyber Security Apprentice, you will be an advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest-growing enterprise security business in the world.


Your Role and Responsibilities
What is an Apprenticeship?
IBM Apprenticeship Program is an official registered apprenticeship recognized by the Department of Labor (DOL). Every graduate of a Registered Apprenticeship program receives a nationally-recognized credential from the DOL.

During the apprenticeship duration, you will be required to complete specific learning hours and on the job training that has been outlined to ensure you are developing the skills and competencies essential to the role. You will be able to learn and grow at your own pace, but we expect most apprentices will complete their learning within 12 months. Once you graduate and receive your certificate from our apprentice program, you will be eligible to apply to available full-time roles at IBM.

Who you are
An apprenticeship is about learning. We’re seeking candidates who have the following requirements, but we know you’re just getting your career started, and we’re committed to helping you learn and grow. If you’ve had some experience with data analysis or simply working in a team oriented environment in the past, you’re exactly the type of candidate we’re looking for.

To be successful, you need:

  • Drive and eagerness to learn
  • Ability to work independently, and in an efficient and organized manner
  • Ability to work collaboratively as part of a team
  • Strong verbal communication skills
  • Attention to detail
  • Strong troubleshooting
  • Knowledge or some experience in any one of the following:
    • Operating Systems like Windows, Linux
    • General networking and infrastructure fundamentals
    • Cyber security fundamentals
    • Perl, PHP, Python and/or other scripting languages
    • Ability to obtain and maintain a DoD Secret Clearance

What’s the experience?
As an apprentice, you'll join with other apprentices in a local cohort. You'll go through your first few weeks together, learning about IBM and the skills you'll be attaining throughout your apprenticeship. Then, you'll work with your managers and mentors to progress through your personal skills roadmap, learning and demonstrating new knowledge and competencies through hands-on application with your project teams.

No relocation is available for this position.


Required Technical and Professional Expertise

 
  • Willingness to complete the requirements of the apprenticeship program
  • Some knowledge or experience with any of the following:
    • Operating Systems like Windows, Linux
    • General networking and infrastructure fundamentals
    • Perl, PHP, Python and/or other scripting languages
    • Cyber security fundamentals
    • Ability to obtain and maintain a DoD Secret Clearance

Preferred Technical and Professional Expertise

  • Successful completion of an IBM Pre-Apprenticeship Program and/or approved equivalent prior to start date
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Threat Intelligence Jobs
Governance Risk & Compliance Jobs
Boeing

Cyber Security Specialist

Los Angeles, CA
Risk & Compliance
FULL-TIME
Sep 28
Premier

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Boeing Security is seeking a detail-oriented and self-motivated Mid-Level Cyber Security Specialist to support Department of Defense (DoD) and Special Access Program (SAP) activities. This position will be located in El Segundo, CA, Seal Beach, CA, or Huntington Beach, CA.

Position Responsibilities

  • Contributes to the development and deployment of program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures.
  • Implements Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF), as well as product development and product maintenance for assigned systems.
  • Performs security compliance continuous monitoring (CONMON).
  • Participates in security assessments and audits.

Additional Responsibilities

  • Prepares and presents technical reports and briefings.
  • Contributes to the identification of root causes, the prioritization of threats, and recommends/ implements corrective action.
  • Provides mentoring and technical leadership within the information security program team.
  • Explores the enterprise and industry for the evolving state of industry knowledge and methods regarding information security best practices.
  • Supports development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.

This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

  • Current IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification or higher (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC)
  • 1+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS

Preferred Qualifications (Desired Skills/Experience):

  • Experience working within the National Industrial Security Procedures and Operations Manual (NISPOM)
  • Experience in policies and implementation of Risk Management Framework (RMF)

Typical Education & Experience:

Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience (e.g. Masters with 3 years' related work experience, PhD with 1+ years' related work experience, etc.).

Relocation:

This position does not offer relocation.  Candidates must live in the immediate area or relocate at their own expense.

Employee Referral:

Referral to this job is eligible for bonus.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.


Experience Level
Individual Contributor
Contingent Upon Program Award
No, this position is not contingent upon program award

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Church Mutual Insurance

Cybersecurity Intern

Merrill, WI
Risk & Compliance
INTERN
Aug 30
Premier

Overview

Church Mutual's Internship Program runs the day after Memorial Day through mid August, when students return to school. During the 12 week internship, the Cybersecurity Intern will have the opportunity to work on important assignments, gain insight into the business of Cybersecurity, and use your academic knowledge and match your interests to a job.  As an Cybersecurity intern at Church Mutual, you will work alongside our trained professionals, learning and applying valuable skills. 

 

Responsibilities

The typical Intern is an undergraduate who will handle projects normally performed by an entry-level, professional employee.  Assignments can include: identity governance, security risk analysis and assessment, network boundary defense and intrusion detection, security awareness campaigns, vulnerability assessment, process management, and security incident handling.  As an intern, you will have the opportunity to network with senior leaders and participate in a variety of training and development activities.  Interns are valued members of our team and will make immediate and lasting contributions to our company’s success

Qualifications

  • Working towards a Bachelor's Degree in Computer Science, Computer Engineering, Computer Information Systems, Management Information Systems, Information Technology, Mathematics, or other related technical programs
  • Strong technical, analytical, communication, and organizational skills
  • At least one course in, or equivalent knowledge of, the Java programming language
  • Minimum 3.0 cumulative GPA
  • Preferred candidates will be entering Junior or Senior year status in Fall of 2021
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Compliance Analyst Intern

Reston, VA
Risk & Compliance
INTERN
Aug 29
Premier

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

The Governance and Compliance team is a critical part of the larger FireEye Security team. The team is responsible for performance of internal audits and assessments, external audit coordination, policy management, business continuity management and third-party management.

As a Compliance Analyst on the Governance and Compliance team, you will use your acumen, customer service skills, and cybersecurity knowledge to assess the internal control environments within FireEye and participate in vendor management due diligence activities. You will work with a great team of professionals who will provide you the guidance and support you will need to be successful in our shared goal of supporting our internal and external customers to meet today’s complex regulatory and security requirements.

What You Will Do:

·       Interact with our internal customers, internal and external auditors to identify, scope, and evaluate the effectiveness of internal controls

·       Conduct vendor risk assessments

·       Assist with business continuity and disaster recovery documentation and associated testing exercises

·       Be responsible for documenting and tracking your work within internal web-based tools

·       Develop a deep understanding of FireEye products and services

·       Exemplify industry-leading customer support skills and deliver positive customer experience

Qualifications

Requirements:

·       Bachelor’s degree in a technical field or working toward such degree, with at least 3 years of completed post-secondary education

·       Experience with cyber security tools, technology and best practices

·       Experience working in customer facing environment

·       Experience fielding questions and requests from customers, and providing timely and comprehensive responses

 

Additional Qualifications:

·       Demonstrated aptitude and desire to learn new technologies and services

·       Ability to ramp up quickly in learning the portfolio of FireEye services and products

·       Problem solver with keen attention to detail

·       Excellent written and verbal communication skills

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Grant Thornton

IT Audit Associate

New York, NY
Risk & Compliance
FULL-TIME
Aug 23
Premier

Description

IT Audit Associate - NYC

Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.

As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.


Position Summary

An IT Assurance Associate is responsible for delivering a full range of IT audit services to our clients. Responsibilities include testing and assessment of information systems control review engagements in support of financial statement audits.

Qualifications

 Essential Duties and Responsibilities

  • Evaluate and test IT controls and identify areas of risk.
  • Apply current knowledge of IT trends and systems processes to identify security and risk management issues, as well as other opportunities for overall process improvement.
  • Maintain professionalism and rapport with the client. Proactively interact with key client management to manage expectations, help ensure client satisfaction, meet client deadlines, and resolve any problems.
  • Gain a comprehensive understanding of assigned client operations, processes and business objectives, and then utilize that knowledge on assigned engagements.
  • Participate in recruiting efforts as needed.
  • Meet or exceed IT Assurance metrics (e.g. – billable hours, CPE, time delinquencies, etc…)
  • Participate in other business development activities as appropriate
  • Other duties as assigned.

Experience Requirements

  • Bachelor's degree in Accounting, Finance, Information Technology, MIS or related field. A Master’s degree is a plus.
  • Desire to pursue CPA, CISA, CISSP, CIA or CISM license/certification.
  • Some related work experience in public accounting or equivalent delivering controls based services, auditing Information Technology General Controls (ITGC’s.) in support of financial statement audits to cross-industry clients and technologies. An understanding of generally accepted practices for testing Key Reports, and Application Controls a plus.
  • Information Security experience or information security training is required.
  • Exceptional client service and communication skills.
  • Strong technical aptitude and problem solving skills
  • Excellent analytical, communication (written and verbal) and interpersonal skills.
  • Effective project and time management skills for handling multiple priorities and simultaneous projects
  • Enthusiasm to learn through a combination of structured, on-the-job and self-directed training
  • Ability to work efficiently and effectively in a complex team environment
  • Strong computer skills including proficiency in Microsoft Office suite applications.
  • Ability to work additional hours and/or travel as needed.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Focal Point Data Risk LLC

IT Audit Intern

Orlando, FL
Risk & Compliance
INTERN
Aug 4
Premier

Overview

At Focal Point, we’re committed to ensuring the health and safety of our employees, clients, and communities. At the moment, our interview and employee onboarding processes are entirely virtual, as all of our offices are temporarily closed. As conditions change, we will update our process to ensure that our job candidates and employees can have a safe, productive, and mutually beneficial interview experience. To learn more about Focal Point’s response to the current public health crisis, please visit: https://focal-point.com/covid-19-response/.

 

Who We’re Searching For: 

The IT Audit Intern is responsible for the execution of field work on client engagements. Working within the practice office, the IT Audit Intern will collect data, test audit evidence and processes, and document the associated procedures according to Internal Audit guidance. This role interacts with various team members and requires attention to audit details and will work closely with Managers and Directors to keep projects focused and on schedule.

Responsibilities

What You’ll Get to Do:

  •  Assist team members in documenting IT processes, compliance with policies and procedures, and comparison to leading practices within IT departments
  • Perform specific audit procedures, tests and analyses, including those that support requirements regarding Sarbanes-Oxley (SOX) compliance
  • Assist in the execution of an audit program for the testing of IT controls across various platforms and application environments
  • Gain exposure to Internal Audit methodology and standards through participation at various project activities
  • Interacts effectively with co-workers at all levels, to foster and maintain strong working relationships
  • Gain exposure to compliance (Sarbanes-Oxley, PII, etc) and Information Technology technical and operational areas.

Qualifications

What You’ll Need to Succeed:

Minimum Qualifications:

  • Recently graduated with a degree in one of the following:
    • Information Technology
    • Accounting
    • Finance
    • Concentrations in Information Security, Data Analytics, Information Technology
  • Must be available during standard business hours, M-F

         

Preferred Qualifications

  • Holds, or working toward a related professional certification (CIA, CISA, Accounting Designations, etc.)
  • Intermediate to Advanced knowledge of Microsoft Office Suite
  • Strong written and oracle communication skills
  • Strong problem-solving and analytical skills
  • Previous experience as an audit intern, or related role
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
RSM

2021 Security & Risk Intern

New York, NY
Risk & Compliance
INTERN
Jul 29
Premier

We are currently looking for Consultants for our Security, Privacy and Risk Consulting practice. The candidate will work with teams of security and privacy staff in a wide variety of systems environments.  Our Security, Privacy and Risk Consulting team serves the Information Security and Data Privacy related needs of our clients. This team assists clients with selecting, improving, controlling, securing, managing and monitoring the appropriate systems to address their information needs.  We serve a diverse base of clients in a variety of industries, and understanding how technology impacts the operation and growth of organizations is what we do best. 

As a Consulting Associate, you will jump start your career through a comprehensive training and development program where you will be exposed to all our Consulting Solution Practices. This training will include:  

Consulting process, tools and methods 
Client engagement economics 
Presentation and business writing skills 
Examples of candidate's responsibilities include: 
Assess security of client networks, hosts, and applications 
Determine technical, business impact and likelihood of identified security issues and provide remediation guidance to clients 
Perform analysis and testing to verify the strengths and weaknesses of mobile and web applications and web services (SOAP, WSDL, UDDI) 
Perform Internet penetration testing using blackbox and whitebox methodologies 
Review application code, system configurations and device configurations using manual and automated techniques 
Measure and report clients’ compliance with established industry or government requirements 
Work with RSM consulting professionals with a variety of credentials including Certified Ethical Hacker (CEH), Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®) and Certified Information Security Manager® (CISM®) 

Basic Qualifications: 

Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences with a major in Computer Science, Information Technology, Information Systems Management, Information Security or other similar degrees 
Technical background in computer science and related fields 
Strong knowledge  of computer network technologies, protocols and topologies 
Software development, programming and/or scripting experience (Perl, Python, C, Java, PHP, ASP, etc.) 
The ability to interpret and convey technical information through written and oral communications to all levels of technical aptitude, including senior management 
High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices 
Possess a strong internal drive and motivation for continuous improvement 
A minimum 3.0 GPA is preferred 

Preferred Qualifications: 

Practical hands-on or lab experience with IT infrastructure components such as servers, firewalls, IDS systems and other network infrastructure components 
Practical hands-on or lab experience  with security applications, such as a AppScan, Metasploit, BurbSuite, Nessus, Social Engineering Toolkit, Kali Linux, etc., or other commercial and public domain security tools 
Operating system configuration and security experience (HP-UX, Linux, Solaris, AIX, etc.) 
Configuration and security experience with web servers and web applications (Apache HTTP/Tomcat, Microsoft IIS, Sun One, Oracle iPlanet, IBM WebSphere, etc.) 
Database Configuration and Security experience (MySQL, Microsoft SQL, IBM DB2, Sybase, Oracle, etc.) 
Familiar with security testing techniques such as network discovery, port and service identification, vulnerability scanning, network sniffing, fuzzing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing and password cracking 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Paypal

Risk Management Intern

New York, NY
Risk & Compliance
INTERN
Jul 29
Premier

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 305 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

At PayPal, we’re literally reinventing how the world pays and gets paid. We understand that it’s about people. We connect individuals to let them shop, get paid, donate, and send money using today’s technology with the confidence that comes from the security and control PayPal enables. Are you ready to help us change the world? The world’s leading payments company, PayPal, brings together a family of brands that are revolutionizing the way people move money. At PayPal, you will be immersed in an amazing community with a vibrant culture that thrives on innovation, collaboration, inclusion, and wellness. A successful candidate will join the world’s top risk talents in solving some of the most challenging problems in a collaborative global environment that promotes learning and rewards innovation.

Risk Management Professionals at PayPal are highly motivated team players who specialize in analyzing fraud patterns and creating and adapting advanced fraud prevention mechanisms while focusing on the customer’s experience. Our scientists overcome challenges presented by big data, evolving fraud techniques and new payment technologies, by leveraging deep expertise in data analysis, advanced algorithms and story-based analytics. Ideal candidates are problem solvers, equipped with strong analytical skills, suited to approach varied challenges in complex environments. Adept at creative and critical thinking, they can deconstruct problems and transform personal insights into large scale, state-of-the-art solutions.

We work in a space that looks deeply into emerging fraud trends and the facilitation of opportunities that help the business in fueling growth and strategic decisions. You will be able to do it all in a collaborative environment that values your insight, encourages you to take on new responsibility, promotes continuous learning, and rewards innovation. You will join a global team that is multi-disciplinary with a broad spectrum of industry experiences and deep analytical and quantitative expertise.

Key Responsibilities:

  • Provide analytical insights into emerging problems, trends and portfolios
  • Work closely with business partners and stakeholders to determine how to design analysis and measurement approaches that will significantly improve our ability to understand and address emerging business issues
  • Bring data to life making it actionable and relevant to stakeholders through exploratory analysis of internal and external data sources using advanced and innovative analytical techniques, algorithms, and tools
  • Provide regular updates to leadership, peers and other stakeholders that will simplify and clarify complex concepts and results of analyses with emphasis on actionable outcomes and impact on the business

Basic Requirements:

  • Must be pursuing a Bachelor’s or Master’s degree in Computer Science, Math or related field from an accredited college or university
  • Proven ability to work independently and make good decisions with minimal direction
  • Strong communication skills (both verbal and written)
  • Strong analytical skills – analyze complex data, draw accurate conclusions, and make business recommendations
  • Strong working knowledge of Microsoft applications, Excel, PowerPoint, Access and Word – familiarity working with SQL
  • Experience in at least one data visualization tool (Tableau, Qlikview) will be a plus
  •  Proven ability to lead project(s) to conclusion within assigned timelines
  • Ability to approach problems in a quantitative and qualitative manner, and partner with the business to understand their needs and drive solutions
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
See More Governance Risk & Compliance Jobs
Auth0

Software Engineer, Platform Tools

Remote
Application Security
FULL-TIME
Oct 28
Premier
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score. 
 
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
 
The Platform Tools team mission is to make the life of Auth0’s engineers easier and more productive by providing a frictionless interface to Auth0’s internal platform. 
 
We are looking for senior software engineers to help us achieve the level of excellence that our teams need to make their day-to-day work easier and enjoyable.

You will:

  • Design, build and maintain tools and a toolchain to improve the development lifecycle.
  • Help build and scale our development environment as engineering teams grow.
  • Research and build prototypes using new technologies.
  • Investigate, discuss and propose new engineering productivity practices and tools.
  • Collaborate with fellow team members on priorities, specifications, and progress communication.
  • Evangelize Auth0 engineers about our new tools offering.

You are a good fit if you:

  • Have excellent communication and collaboration skills.
  • Love to work with cutting edge technologies.
  • Enjoy solving chores through automation.
  • Have experience with Go, Node.js or similar.
  • Have experience with container technology such as Docker, Kubernetes, ECS, etc.
  • Have experience with distributed systems, software architectures and authentication.
  • Are autonomous and have a continuous improvement mindset.
  • Pay attention to details and keep user experience a top priority.
  • Enjoy being part of a highly collaborative, remote first environment.
  • Timezone: we are giving preference to candidates located between GMT -3 and GMT +2.

You might work on:

  • Open source tools, integrations, CLIs, and frameworks.
  • API and CLI interface to our internal platform.
  • Vivaldi, our Docker-based development environment.
  • Bots and scripts to automate common tasks.
  • IDE and browser extensions.
  • Pull Requests flow automation.

Preferred Locations:

  • #US; #CA; #AR;

 

Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
 
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles
 
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CyberArk

Software Engineer Intern

Newton, MA
Application Security
INTERN
Aug 22
Premier

Job Description:

We are looking for software engineering interns to join the Conjur Community and Integrations (C&I) team at CyberArk! Our team delivers high-quality open source software and more to CyberArk’s customers. We know that our community is best served when:
- Our projects are active, maintained, well organized, and superbly documented
- We discuss, plan, design, and build in the open
- Contributions from community members are solicited, welcomed, and reviewed

The intern will play an important role in helping us grow and maintain our suite of tools and integrations that work with Conjur open source. During the internship, the intern will work with the community and integrations team to extend our Conjur SDK from a handful of client libraries to a complete OpenAPI implementation. There will also be opportunities to write tutorials, blog posts, and provide code samples that community members can use to understand how to use our software. In creating this content, interns will get hands-on experience with bash, Docker, interacting with a REST API, and some of the most popular modern DevOps tools and platforms for deploying software.

 

Responsibilities
The Conjur C&I team are responsible for many features and initiatives within the CyberArk portfolio, including:
- Features within the Conjur open source product
- Integrations for the Conjur and DAP products with popular open DevOps tools
- Connectors and enhancements for the revolutionary Secretless Broker
- APIs and SDKs for the above

 

Requirements:

- Senior currently enrolled in a University/ College

- Major studies focused in Computer Science, Information System Security, etc or prior industry software development experience 

- Experience with Docker, Bash, Golang, Ruby is a plus

- Capable of understanding the technical aspects of a complex system.

- Must have excellent communication skills and a passion for providing world-class service.

- Experience of directly supporting enterprise-level customers is a plus.

- Ability and desire to learn products and technologies.

- Must be able to work independently as well as with others, as part of a domestic and international team.

- Excellent time management, decision making, prioritization and organization skills.

- Experience developing on Unix/Linux based system is a plus

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Application Security Engineer

Spring, TX
Application Security
FULL-TIME
Aug 20
Premier

We are seeking a Product Security consultant within Personal PC organization. We are looking for an innovative and motivated candidate who under general direction and with a high level of autonomy, will use extensive knowledge and skills obtained through education and experience to perform the services.

The candidate will be required to work on multiple products and must have the ability to develop and present secure solutions and remediation advice to leadership and technical teams. The candidate will be required to assess risks imposed by technical solutions and advise product teams of security standards, best practices and solutions to address risk, while maintaining security quality and customer satisfaction.

 

Primary responsibilities of this role are:

  • Work closely with Business Team and product development team to:
  • Drive Security Development Lifecycle activities (architecture review, threat modeling, security code reads)
  • Align security solution to overall HP Inc. product.
  • Certify the product HP Inc. ship are align with cyber security standard.
  • Apply security throughout the product development lifecycle using Secure Development Lifecycle processes and techniques
  • Gain and maintain a working knowledge of the HP Inc. portfolio of products.
  • Continually review and enhance existing knowledge of security aspects of HP Inc. product sets and technologies.
  • Partner with product development teams in order to remediate risks identified by Product Security.
  • Capture Remediation data to provide dashboard and metrics to senior management
  • Provide 'soft' consultancy skills and a proactive approach to earn the trust of product teams.

Requirements and Desirable Qualities:

  • Strong engineering background preferred
  • Application architecture experience preferred
  • Advanced knowledge of Windows platforms
  • Advanced knowledge of application mobile security tools
  • Strong technical acumen securing software and hardware
  • Excellent analytical and problem solving skills
  • Good understanding of software development and working experience with any one of the higher level programing languages or scripting
  • Typically 5 or more years of related work experience
  • Experience leading security efforts and/or teams
  • Good analytical and problem solving skills.
  • Good communication skills

 

Experience:

  • Typically 7 or more years of related work experience
  • Typically 5 years’ experience in vulnerability research analyst, pen testing, security researcher, Windows, Linux.
  • Strong engineering and development background in software are preferred.
  • Open Source Contributor
  • Strong knowledge to perform below tests:
    • Penetration Testing
    • Static Analysis/ Static Application Security Testing
    • Vulnerability Assessment/Scanning
    • Dynamic Analysis/Dynamic Application Security Testing (DAST)
    • Malicious Software Analysis
    • SDL (architecture review, code reads, threat modeling)

 

 

Preferred Certifications:

  • CEH: Certified Ethical Hacker
  • CCNP Security: Cisco Certified Network Professional Security
  • GSEC / GCIH / GCIA: GIAC Security Certifications
  • CISSP: Certified Information Systems Security Professional
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Leidos

Jr Cybersecurity Application Developer

Washington, DC
Application Security
FULL-TIME
Jul 29
Premier

Job Description:

Leidos has an immediate need for a Junior Cybersecurity Application Developer to support this DHS SOC Program. The Application Developer will join a multidisciplinary team and needs to be a self-starter with excellent technical planning, system design, analytical and problem-solving skills, flexibility, good judgement and the ability to coordinate multiple, concurrent tasks in an effective manner. The applications developed will be used to collect and process data and improve the DHS Enterprise Security Operations Center capabilities. The Application Developer will work under the direction of senior staff on tasks to maintain existing applications and infrastructure, plan and install new hardware/software, assist with ATO compliance, help ensure the integrity and security of enterprise-wide cyber systems and networks, etc. The multidisciplinary nature of the team provides opportunities to work on a variety of applications and hardware that the team supports.

Primary Responsibilities

  • Develop and support capabilities on the RSA Archer platform as well as a variety of other platforms.
  • Assist with Server admin, account maintenance, upgrades and related Change Management requirements
  • Conduct POAM remediation, system support/maintenance.
  • Break/Fix System support and ticket resolution support.
  • Review, debug, and resolve technical issues throughout all stages development and support
  • Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
  • Perform integration activities to connect with 3rd party software APIs
  • Design, implement, and maintain efficient and reusable Python code
  • Work with stakeholders to develop requirements and deliverables

Basic Qualifications

  • The candidate shall have bachelor’s degree in Computer Science, Engineering, or related field and a minimum of 2 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in cybersecurity
  • At least one of the following certifications: CASP, Security+, GCIH, GCWN, GISF, GSSP, GICSP, SEI, CCSP, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX, Splunk Enterprise Certified Architect
  • Proficient in the use of all Microsoft Office tools
  • Demonstrated ability to adapt to new technologies and learn quickly
  • Ability to work independently on assigned tasking
  • Experience with Python and Shell Scripting
  • Experience with RedHat Linux
  • Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.

Preferred Qualifications

  • Experience with VMware & Ansible/Ansible Tower and/or Terraform
  • Experience working in AWS and Azure
  • Experience working in an Agile environment
  • Experience as a SOC Analyst and/or Incident Responder

Experience and knowledge with designing, building, deploying, and maintaining infrastructure in cloud environments

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Sr. Software Engineer

Remote
Application Security
FULL-TIME
Jul 16
Premier

We're building the next-generation infrastructure and security platform for CrowdStrike. The Managed Services Development (MSD) team builds the platform and tools for our analysts on the OverWatch team to process and hunt (identify potentially harmful activity) through hundreds of billions of events per day, and growing. MSD build and maintain the platform and tools for Falcon Complete analysts to run customer's security operations in our production cloud environment.

We are looking for an engineer who wants to help move the MSD platform forward as we scale even further. Someone with a broad range of computer skills throughout the software stack and clear communication skills would thrive in this environment. You should love working on large- scale, distributed, cloud-based, highly available systems that can efficiently operate over hundreds of billions events a day.

You will...

  • Be comfortable with projects to build new components and extend the current system. You would need to gather requirements, plan, code, test, and deploy to completion.
  • Help the OverWatch team become more effective in their analysis and hunting by improving the platform and tools.
  • Help the Falcon Complete team become more effective and efficient in their mission to support customer's security operations large and small.
  • Work closely with cloud architects to evolve our systems for future growth and platform development.
  • Bring research projects into production environments and integrate them with the MSD systems.
  • Work in a devops environment where you (and your team) are responsible for the systems you deploy.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Have a desire for quality and understand what tools and processes you need to reach that level and help the team reach a higher bar.
  • Be an adaptable and flexible engineer who is constantly learning and enjoys tackling complex and novel challenges.
  • Work as part of a distributed team of remote workers across timezones.
  • Use and give back to the open source community.

You'll use...

  • Go (Golang)
  • Python
  • AWS
  • Postgres
  • ElasticSearch
  • Kafka
  • Kubernetes/Spinnaker You have...
  • Degree in Computer Science (or commensurate experience).
  • ·Experience with Golang or another language for developing web backends and pipelines (such as Python/Ruby/etc).
  • Built web-services with data processing pipelines and the concepts required.
  • Experience with relational and noSQL databases (Redis, Postgres, Cassandra, ElasticSearch a plus).
  • Understanding of messaging or queueing software, Kafka experience highly desirable.
  • Linux skills and experience with large-scale, business-critical Linux environments.
  • Understanding of distributed systems and scalability challenges, particularly in Cloud environments such as AWS.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.

Bonus points awarded for...

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields.

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

#LI-JF1

​#LI-Remote

#Stack

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
GSK

Network Security Specialist

Multiple
Network Security
FULL-TIME
Aug 23
Premier

Site Name: USA - Massachusetts - Waltham, USA - North Carolina - Research Triangle Park, USA - Pennsylvania - Philadelphia, USA - Pennsylvania - Upper Providence, USA - Texas - Richardson, UK - Hertfordshire - Stevenage
Posted Date: Aug 18 2020

This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organisation who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery. As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available. The successful candidate will have strong technical & consultative skills as well as relevant experience in IT Security Architecture & Engineering. The successful candidate will be required to collaborate with technologists within GSK and other business entities.

 

This role will report to the Director of App & Infrastructure within the Architecture team of the Security & Risk Organisation. The Network Security Specialist will lead on developing the network security architecture and strategy. The candidate will support the GSK cyber security program team, as a technical leader architecting modern network paradigms including Software-Defined Networking, Zero-trust networking, Micro segmentation, Network Access Control, network security and monitoring solutions and secure remote access. The candidate will act as an interface with technical experts in the Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities on behalf of GSK and our customers. The candidate must be capable of understanding the threats to our platforms from internal and external sources, be able to direct and coach team members on mitigation solutions.  The candidate will ensure processes and technology align with the Tech Transformation Strategy within GSK and it complement the other functions within TSR. The candidate must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer. 

 

This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following:

  • Closely collaborate with the Tech Security & Risk peers and the wider Tech organisation within GSK to identify key business drivers, risks and security capability requirements
  • Develop GSK's network security architecture and strategy, fit for purpose for a large pharmaceutical with a global footprint
  • Present the architecture and strategy to stakeholders across the Tech organisation to get buy-in for the vision and roadmap
  • Provide input and direction for technology decisions and investments related to the strategy
  • Closely collaborate Tech Security & Risk peers and the wider Tech organisation within GSK to incrementally deliver against the strategy
  • Support Tech Security & Risk peers in delivery of their own security strategies
  • Support the wider Tech organisation to enable them to deliver their network related initiatives in a secure manner

Basic Qualifications:

 

We are looking for professionals with these required skills to achieve our goals:

  • Experience architecting and deploying networks and network security solutions in large enterprise organisations
  • Experience of modern network paradigms/technologies including: Software-Defined Networking, zero-trust networking, micro-segmentation, network access control, network security monitoring and secure remote access
  • Experience with building solutions on cloud platforms (Azure, GCP and AWS)
  • Experience in maintaining and enhancing security standards to align to industry best practice in relation to emerging technologies
  • Experience with Architecture frameworks such as SABSA, TOGAF etc.
  • 7-10 years experience in Information Security
  • 10+ years experience in Information Technology

 

 

Preferred Qualifications:

 

If you have the following characteristics, it would be a plus:

  • CISSP/ISSAP or other industry network, security and cloud certifications desirable
  • Proven experience working and influencing cross functionally
  • Pragmatic and focused on delivering value to the business
  • Strong and clear communication skills – verbal and written
  • Ability to engage with leadership teams
  • Highly self-motivated, directed, and can work independently without supervision
  • Prepared to work at a low level of detail where necessary
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Software Engineer - Cloud Security

Remote
Cloud Security
FULL-TIME
Aug 19
Premier

About the Role

Cloud Security Posture Management (CSPM) is a new and complementary product area for CrowdStrike. We’re extending CrowdStrike’s mission of “stopping breaches” into the public cloud control plane and native cloud resources. CrowdStrike’s CSPM offering will give customers visibility into both the (mis)configuration and compliance of native cloud resources, and potential adversary activity involving those resources. When coupled with Falcon, CrowdStrike’s endpoint security offering, our CSPM offering will provide a more comprehensive perspective on how the adversary is targeting key customer infrastructure.

 

What You’ll Need 

  • Lead backend engineering efforts from rapid prototypes to large-scale applications across CrowdStrike products.
  • Leverage and build cloud based systems to detect targeted attacks and automate cyber threat intelligence production at a global scale.
  • Brainstorm, define, and build collaboratively with members across multiple teams.
  • Obsess about learning, and champion the newest technologies & tricks with others, raising the technical IQ of the team.
  • Be mentored and mentor other developers on web, backend and data storage technologies and our system.
  • Constantly re-evaluate our product to improve architecture, knowledge models, user experience, performance and stability.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Use and give back to the open source community.

 

You’ll use

  • Go (Golang)
  • AWS/GCP/Azure/Kubernetes
  • Kafka
  • GIT
  • Cassandra
  • ElasticSearch
  • Redis
  • ZMQ

 

Key Qualifications

  • Degree in Computer Science (or commensurate experience in data structures/algorithms/distributed systems).
  • The ability to scale backend systems – sharding, partitioning, scaling horizontally are second nature to you.
  • The desire to ship code and the love of seeing your bits run in production.
  • Deep understanding of distributed systems and scalability challenges.
  • Deep understand multi-threading, concurrency, and parallel processing technologies.
  • Team player skills – we embrace collaborating as a team as much as possible.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • The skills to meet your commitments on time and produce high quality software that is unit tested, code reviewed, and checked in regularly for continuous integration.

 

Bonus points awarded for…

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, Scala, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields

 

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

 

#LI-DK1

#LI-Remote

 

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan 
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IHS Markit

Junior Cloud Security Engineer

Remote
Cloud Security
FULL-TIME
Jul 8
Premier

Your role 

Reporting to the global head of cloud security at IHS Markit, your work will focus primarily on AWS with a secondary focus on VMC, Azure and/or GCP as needed. You will mentor and guide junior members of the cloud security team and partner with stakeholders across information security and other IHS Markit organizations to deliver solutions that harden IHS Markit’s cloud security posture.

 

Emphasis will be on the following objectives: 

·       Creating security automation for response and remediation of compliance findings and hardening of AWS and VMWare Cloud on AWS (VMC) environments primarily, and Azure or GCP secondarily

·       Onboard corporate and open-source security tools into build pipelines including SAST, DAST, TVM and anti-virus tools using Cloud native and open-source tooling and create custom tooling where needed to fill in gaps

·       Partner with the cybersecurity operations center (CSOC), offensive security operations and threat intelligence teams to onboard new services for the purpose of detection and predication of events

 

Your expertise 

·       0 – 2 years of experience of cloud security engineering on AWS 

·       Basic understanding of security requirements, best practices and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS 

·       Basic understanding of Lockheed Martin’s Kill Chain or MITRE ATT&CK 

·       Basic understanding and exposure to automation using scripts and CI/CD pipelines with cloud native or open-source technologies 

·       Basic experience with a scripting language such as Bash or Python 

·       Basic understanding of Windows and Linux platforms in the lens of investigations, configuration management and patch management 

·       Knowledge of Google Cloud Platform (GCP) or Microsoft Azure security concepts in a secondary capacity is strongly desired, but not required 
 

You are 

·       A naturally curious self-starter - you can deliver on requirements with some limited guidance or supervision, as needed by you and the team 

·       A relentless learner - you actively seek to add to your skillset and knowledge base while challenging the status quo to drive efficiency in the team 

·       Strong interpersonal skills – you can communicate with a wide range of technical and non-technical teams 

·       Insist on the highest standards within the team and actively share your perspectives with the team and the larger information security organization 

 

What we offer: 

·       Access to the most interesting information technologies 

·       The ability to implement your own ideas and solutions 

·       Participation in conferences and training for Information Security qualifications 

 

Flexible Working  

We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us during the interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can and in accordance with local and regional practices.   

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Associate Security Consultant - Entry Level

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

 

 

Associate Security Consultant - Entry Level 2021

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

Do you love the challenge of figuring out solutions to intricate technology puzzles? 

Do you like to help others solve their network and information security issues? 

If you answered YES, then consider a career at Mandiant as an Associate Consultant! 

We have the expertise and experience in information security. This is our focus.

You’re not just a number and you won’t get lost in the shuffle. 

You will be working on challenging technical projects that make an impact. You’ll be visible.

You’ll be exposed to many different environments and technologies.

You’ll learn from our best incident responders and red teamers.

We investigate breaches that make headlines (and many more that don’t), as well as break into applications and systems to identify security gaps for our clients.  We find evil and solve crime, and are seeking candidates who possess the ability to think like an attacker and stay one step ahead of the game. 

Find your niche among the cool projects you'll be involved with, such as:

  • Incident Response
  • Host and network forensics
  • Network traffic analysis
  • Malware analysis and reverse engineering
  • Penetration testing and Red Team
  • Network, web and mobile application security assessments
  • Source code reviews
  • And more...

Responsibilities:

  • Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments and social engineering assessment
  • Build internal scripts, tools and methodologies to enhance our capabilities
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Work with security and IT operations at clients to implement remediation plans

Qualifications

Requirements:

  • Technical skills in at least two of the following areas: 
    • Strong knowledge of Windows OS and networking protocols
    • Basic knowledge of tools used for forensic collection and analysis
    • Knowledge of application testing and network security concepts
    • Experience with programming/scripting languages such as Python
  • A technical security-related internship or other professional experience
  • Must be able to travel 20-30%
  • Must be eligible to work in the US without sponsorship

Additional Qualifications:

  • Strong technical acumen and ability to quickly assimilate new information
  • Ability to successfully interface with clients (internal and external) and manage expectations of others
  • Ability to document and explain technical details in a concise, understandable manner

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Requests for accommodation due to disability can be sent directly to HR-Accommodations@FireEye.com.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Blackbaud

Red Team Security Engineer

New York, NY
SOC / Threat Intel
FULL-TIME
Oct 23
Premier

The NYC Red Team Security Engineer reports to the Senior Manager of Information Security and is responsible for testing and validating all facets of information security controls including networks, servers and web applications. The Red Team Security Engineer carries out attacks and perform security assessments to uncover vulnerable areas of systems and applications and to test defensive security measures using common as well as unique methods and practices.

What You’ll Do

  • Participate in Red/Blue Team exercises on a periodic basis so that management can assess effectiveness of security controls.
  • Conduct penetration testing for the red team which includes network, system, application, mobile, traditional web and wireless penetration testing.
  • Writing exploit code for local testing.
  • Perform thorough penetration testing that includes the identification, reporting, and recommendations for security vulnerabilities while adhering to management driven scope and deadlines.
  • Identify, prove, and report vulnerabilities that cannot be identified by scanners or tools
  • Develop, extend, or modify exploits, shellcode or exploit tools.
  • Develop applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE).
  • Reverse engineering malware, data obfuscators, or ciphers.
  • Source code review for control flow and security flaws.
  • Develop attack vectors, conduct reconnaissance, collect Open-source intelligence, enumeration, and foot printing of target networks and services, and develop exploit payloads and system backdoors.
  • Simulate malicious tactics of a motivated adversary with the intent of achieving a specific goal or access.
  • Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
  • Obtain threat intelligence from white hat sources and stay up to date on the latest exploits and security trends
  • Advise Incident Response on defensive and monitoring process design.
  • Deliver clear and coherent written reporting and remediation guidance.

What We’ll Want You To Have

  • College degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience.
  • 5+ years (in excess of degree requirements stated above) of experience with technical Cyber Security and 3+ years with Red Team or penetration testing experience.
  • Demonstrates broad subject matter expertise of web, network, and system security.
  • Certification in highly technical information security disciplines such as: CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, GIAC, CEH, GPEN, GWAPT, GXPN or OSCP certification(s)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Security Systems Engineer - Intern

Santa Clara, CA
SOC / Threat Intel
INTERN
Sep 28
Premier

Your Career

As a Systems Engineer Intern, you will quickly ramp on Palo Alto Networks technology and will be assigned to multiple SEs. You will work together to complete critical work that supports customers in the pre-sales process. In this role, you will also work with sales on customer engagements and establish relationships with customers with the goal of helping them detect and prevent advanced cyberattacks and breaches. 

Upon completion of your summer internship, you will be required to do a final presentation on your contribution to getting a successful technical sell  (i.e. collect customer environment information, heat map, POC deployment, success criteria definition, recommended architecture/solution, and much more). 

Our global internship program trains the next generation of cybersecurity talent across a range of specializations, from threat intelligence to information security, engineering, and marketing. Interns and recent graduates can learn about the network security industry from leading thinkers, grow their professional networks, and be part of a career-defining experience.

Our Summer Internship Program from May-August or June-September provides you: 

  • 1:1 mentorship

  • Fun and engaging events that inspire your intellectual curiosity

  • The opportunity to expand your knowledge and work on challenging projects

  • Connections to other recent grads, and employees across the company as well as our leaders

Your Impact

  • Establish yourself as a trusted team member to SE leadership and colleagues and contribute to sales wins throughout the program 

  • Architect and propose solutions which address the identified cybersecurity problems in each customer’s unique environment 

  • Ensure ongoing customer happiness, support, and adoption of cybersecurity solutions

  • Act as the customer advocate for any issues that require technical assistance and follow up with the customer until the issue is resolved 

  • Continuous self-improvement and learning to maintain technical leadership of applicable technologies (data center, SDN, public cloud, security, networking, etc.) 

Your Experience

  • BS in Computer Science, technical cybersecurity or networking program

  • Experience with systems installation, UNIX/Linux, and Windows-based systems 

  • Experience with cloud networking services such as AWS, Azure, GCP is a plus – not required.

  • Understand and effectively present complex technical concepts to technical and non-technical audiences 

  • Strong analytical skills to evaluate complex problems and a systematic approach to create solutions

  • Mature and effective time-management skills

  • Knowledge and desire to learn of modern network threats and malware, network forensics, automation tools and technologies, and endpoint security technologies

Requirements – To apply, you must be pursuing a 4-year Undergraduate Degree with a GPA of 3.0 or above, a 2-year Master’s Degree or a Doctorate degree and returning to school in the fall. You must have the authorization to work within the United States.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Varonis

Security Analyst

New York, NY
SOC / Threat Intel
FULL-TIME
Sep 7
Premier

Summary

The Varonis Security Analyst will develop solutions for customers and prospects to assist in gaining visibility into security events affecting their environment. They will have intimate knowledge of Varonis products and knowledge of other Security products, specifically SIEM products.  They will develop expertise in security domains to build new/develop existing integrations.  They will analyze and respond to threats, report on their impact, develop remediation capabilities, and educate both customers and employees. 

 

Responsibilities

  • Consult with customers to ensure that Varonis products are a major component in their Security Operations Center and Incident Response Methodologies.
  • Simultaneously drive revenue growth and the maturity of customer security programs
  • Integrate Varonis products with SIEM technologies.
  • Analyze both Varonis metadata streams and streams from other product for use in incident response.
  • Develop Security expertise in at least one domain (Network, Host, Windows, Cloud, Mobile, etc.)

 

Qualifications

  • 1+ Years of working with Varonis
  • Experience with SIEM tools performing deployment, configuration, and maintaining operations, content development.
  • Experience with security tool administration (e.g. firewalls, IDS, end-point protection, content filtering, IAM, DLP).
  • Experience with operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services).
  • Proven experience in Cyber Security Operations (Monitoring, Detection, Incident Response, Forensics).
  • Experience with a diverse range of customers including financial, manufacturing, chemical, healthcare, and state and local government.
  • Proven success in contributing to a team-oriented environment.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Excellent communication (written and oral) and interpersonal skills.

Requirements

  • Proven success in contributing to a team-oriented environment.
  • Sales oriented.
  • Proven ability to work creatively and analytically in a problem-solving environment.
  • Excellent communication (written and oral) and interpersonal skills.
  • Demonstrated leadership in professional setting; e
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Gieco

Cybersecurity Intern - Summer

Chevy Chase, MD
SOC / Threat Intel
INTERN
Sep 2
Premier

 During your paid 10-week internship, you will:

  • Have the unique opportunity to utilize your skills through individual assignments and team projects
  • Work on systems that defend GEICO, attend meetings, and give presentations to senior management
  • Receive mentoring and coaching from members of Cybersecurity management
  • Interact with associates at all levels of our cybersecurity organization-even our CISO!
  • Develop your technical, project management, communication, and leadership skills

GEICO's Cybersecurity teams have positioned our company as a leader amongst its peers in the Cybersecurity space.  Being a summer intern at GEICO has the potential to lead to a full-time IT career upon graduation.

 

Check out this video to see what it's like: GEICO’s IT Internship.

 

Required Candidate Qualifications

  • Currently pursuing a Bachelor's degree in Information Security, Cybersecurity, Computer Science, Computer Engineering, Business Information Technology, Information Systems, or a related major
  • Current junior or senior status (i.e., class of December 2020 or May 2021)
  • GPA of at least a 3.0 both overall and in major
  • Coursework or related work/internship experience using various Cybersecurity technologies.  Experience with programming and scripting languages like Python, Bash, Java, .NET, or C# technologies with well-rounded experiences outside of the classroom
  • Strong analytical, problem-solving, and communication skills
  • Preferred candidates will have demonstrated leadership potential
  • Ability to live and work in the Washington DC area

 

About GEICO 
 
For more than 75 years, GEICO has stood out from the rest of the insurance industry! We are one of the nation's largest and fastest-growing auto insurers thanks to our low rates, outstanding service and clever marketing. We're an industry leader employing thousands of dedicated and hard-working associates. As a wholly owned subsidiary of Berkshire Hathaway, we offer associates training and career advancement in a financially stable and rewarding workplace.

Our associates' quality of life is important to us. Full-time GEICO associates are offered a comprehensive Total Rewards Program*, including:

  • 401(k) and profit-sharing plans
  • Medical, dental, vision and life insurance
  • Paid vacation, holidays and leave programs
  • Tuition reimbursement
  • Associate assistance program
  • Flexible spending accounts
  • Business casual dress
  • Fitness and dining facilities (at most locations)
  • Associate clubs and sports teams
  • Volunteer opportunities
  • GEICO Federal Credit Union

* Benefit offerings for positions other than full-time may vary.

GEICO is an equal opportunity employer. GEICO conducts drug screens and background checks on applicants who accept employment offers.
 
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Home Depot

Cybersecurity Intern

Atlanta, GA
SOC / Threat Intel
INTERN
Sep 1
Premier

The goal of this 12-week summer internship program is to recruit and attract top talent to The Home Depot in order to provide a best-in-class experience for students of our company, our business and our culture. Our goal at the end of the internship is to extend full-time offers to top-performing interns upon receiving undergraduate and post-graduate degrees.

As part of the 12-week summer internship program, interns will have the opportunity to work on value-add business projects, have assigned managers, teams and mentors, learn from the executive leadership team during mentoring sessions, present to leadership on their project, gain exposure to the in-store environment, tour distribution facilities, and network with other Home Depot interns and associates through various social and business networking events.  

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES

  • Use strategic thinking to approach problems and create solutions
  • Responsible for the accuracy and quality of work performed
  • Develop and implement project plans; determine requirements, deliverables, resources, timing/milestones, and risks
  • Communicate findings and project status clearly and professionally through presentations
  • Make recommendations to upper management
  • Provide comprehensive report out to senior leaders on assignments and other related projects
  • Partner cross-functionally to achieve goals


NATURE AND SCOPE

  • Typically reports to Manager or Sr. Manager in the Home Depot PRO Organization
  • No direct responsibility for supervising others.

ENVIRONMENTAL JOB REQUIREMENTS
ENVIRONMENT: 
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
TRAVEL: 
Typically requires overnight travel less than 10% of the time.

MINIMUM QUALIFICATIONS

  • Must be eighteen years of age or older.
  • Must be legally permitted to work in the United States.

EDUCATION REQUIRED:
The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED.

YEARS OF RELEVANT WORK EXPERIENCE: 0 years

PHYSICAL REQUIREMENTS:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

PREFERRED QUALIFICATIONS:

  • Strong analytical skills
  • Process/detail oriented
  • Excellent communication skills (written and verbal)
  • Time Management
  • Planning, organization
  • Ability to multi-task and prioritize in a fast paced environment
  • Proven leadership abilities
  • Currently pursuing a Bachelor’s degree in Cybersecurity, Engineering, Management Information Systems

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES:

  • Ability to communicate issues and recommend solutions in a timely manner.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
IBM

Cyber Security Apprentice, NYC

New York, NY
SOC / Threat Intel
FULL-TIME
Aug 29
Premier

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Cyber Security Apprentice, you will be an advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest-growing enterprise security business in the world.


Your Role and Responsibilities
What is an Apprenticeship?
IBM Apprenticeship Program is an official registered apprenticeship recognized by the Department of Labor (DOL). Every graduate of a Registered Apprenticeship program receives a nationally-recognized credential from the DOL.

During the apprenticeship duration, you will be required to complete specific learning hours and on the job training that has been outlined to ensure you are developing the skills and competencies essential to the role. You will be able to learn and grow at your own pace, but we expect most apprentices will complete their learning within 12 months. Once you graduate and receive your certificate from our apprentice program, you will be eligible to apply to available full-time roles at IBM.

Who you are
An apprenticeship is about learning. We’re seeking candidates who have the following requirements, but we know you’re just getting your career started, and we’re committed to helping you learn and grow. If you’ve had some experience with data analysis or simply working in a team oriented environment in the past, you’re exactly the type of candidate we’re looking for.

To be successful, you need:

  • Drive and eagerness to learn
  • Ability to work independently, and in an efficient and organized manner
  • Ability to work collaboratively as part of a team
  • Strong verbal communication skills
  • Attention to detail
  • Strong troubleshooting
  • Knowledge or some experience in any one of the following:
    • Operating Systems like Windows, Linux
    • General networking and infrastructure fundamentals
    • Cyber security fundamentals
    • Perl, PHP, Python and/or other scripting languages
    • Ability to obtain and maintain a DoD Secret Clearance

What’s the experience?
As an apprentice, you'll join with other apprentices in a local cohort. You'll go through your first few weeks together, learning about IBM and the skills you'll be attaining throughout your apprenticeship. Then, you'll work with your managers and mentors to progress through your personal skills roadmap, learning and demonstrating new knowledge and competencies through hands-on application with your project teams.

No relocation is available for this position.


Required Technical and Professional Expertise

 
  • Willingness to complete the requirements of the apprenticeship program
  • Some knowledge or experience with any of the following:
    • Operating Systems like Windows, Linux
    • General networking and infrastructure fundamentals
    • Perl, PHP, Python and/or other scripting languages
    • Cyber security fundamentals
    • Ability to obtain and maintain a DoD Secret Clearance

Preferred Technical and Professional Expertise

  • Successful completion of an IBM Pre-Apprenticeship Program and/or approved equivalent prior to start date
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
EY

Cyber Threat Intelligence Analyst

New York, NY
SOC / Threat Intel
FULL-TIME
Aug 25
Premier
The opportunity
 As a CTI analyst in the Cyber Threat Intelligence team in Cyber Defense, the candidate will identify, research, and report on emerging threats to EY to strategically shape and guide the approach the firm takes to protect its people and assets.  The position offers a unique opportunity to inform and influence leadership with creative, thought provoking approaches to detect and defeat complex threats facing the firm. This position requires a balance of traditional analytical skills and developing technical skills to encourage the greatest potential for success for the candidate and the team.
 
Your key responsibilities
This role will be responsible for providing analytic expertise and critical feedback on team reporting to assure proper analytical tradecraft is applied. The analyst will conduct independent collection, analysis, and production of finished Cyber Threat Intelligence in support of EY Cyber Defense, EY Technology, and additional lines of business.  CTI analysts maintain awareness of the global threat landscape to influence a strong EY security posture.  The CTI analyst will review open source, third-party, and proprietary threat information and enrich it with contextual analysis that will result in finished strategic intelligence.  Significant time will be spent conducting strategic, predictive analysis around emerging trends and threat actor developments to aid senior decision makers.
 
Skills and attributes for success
  • Strong technical writing skills
  • Extensive experience with analytical tradecraft
  • Thorough understanding of cybersecurity principles
  • High degree of proficiency with Microsoft Excel and PowerBI
  • Expert use of estimative language
  • Attention to detail
  • Proofreading skills
  • Critical thinking skills 
To qualify for the role you must have
  • 7+ years of intelligence community experience collecting, analysing, proofing, and/or producing intelligence OR
  • 5+ years producing written products in a security related discipline.
  • A background in international relations with an emphasis in global economics.
  • Extensive experience conveying complex information in simple, succinct explanations.
  • Proven experience reviewing large data sets such as Intelligence Information Report repositories and enterprise-wide metrics to derive analytical conclusions.
  • A thorough understanding of the intelligence lifecycle.
  • An expert understanding of analytical bias.
  • An interest in conducting detailed trend analysis. 
Ideally, you’ll also have
  • Experience in Cyber Threat Intelligence.
  • Experience in Information Security.
  • Experience as a Reports Officer, Intelligence Officer, or Intelligence Analyst.
  • Exposure and understanding of the Diamond Threat Model. 
What we look for

We are looking for an experienced, self-driven analyst that can operate independently and improve the team as a whole.  The ideal candidate will seek to improve others while continuously learning and identifying ways to strengthen the team’s analytical tradecraft and advance our Cyber Threat Intelligence Program.

 
What working at EY offers
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: 
  • Support, coaching and feedback from some of the most engaging colleagues around.
  • Opportunities to develop new skills and progress your career.
  • The freedom and flexibility to handle your role in a way that’s right for you. 
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Information Security Consultant

Remote
SOC / Threat Intel
FULL-TIME
Aug 24
Premier
Company DescriptionFireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

FireEye is seeking a Senior Information Security Consultant to join our Mandiant Consulting team .  As part of the Mandiant Security Consulting Services team, you will ensures the long-term success of our clients by providing specialized security monitoring, threat intelligence, and incident management consulting expertise. We are looking for motivated and experienced consultants with great customer service skills to help customers assess, design, and build their own advanced threat detection capability and help to continually improve our own program methodology. The successful candidate will possess strong consulting skills, be adept in leading multiple projects under tight deadlines, and possess in-depth experience in security event monitoring, cyber threat intelligence, and/or computer incident response.

What You Will Do:

  • Provide guidance on building and/or maturing information security programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
  • Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
  • Implement and/or assess existing security controls
  • Provide expert level knowledge of tools and technologies used for enterprise security
  • Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
  • Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
  • Quickly master, simplify, and communicate the value proposition of complex subjects to clients
  • Use formal project management skills in planning, tracking, and reporting on project progress
  • Codify customer needs across accounts and use them to drive FireEye Mandiant Strategic Solutions methodology

Qualifications

  • Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations. 
  • Thorough understanding of cyber security operations, event monitoring, and SIEM tools
  • Fundamental understanding of network protocols
  • Familiarity with Unix and Windows operating systems and administrative tools
  • Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
  • Minimum of three years of experience in information security
  • Must be eligible to work in the US without sponsorship
Additional Qualifications:
  • Ability to travel up to 50%
  • Provide expert level knowledge of tools and technologies used for enterprise security
  • Proven ability and understanding of the components that comprise a successful information security program
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Realogy

Remote Threat Analyst

Remote
SOC / Threat Intel
FULL-TIME
Aug 24
Premier
Position Summary:

We are currently seeking an Analyst, Threat & Vulnerability Management. This position will report to the Manager, Threat & Vulnerability Management of Realogy’s Cyber Security & Incident Response Team.
 
 
The Analyst, Threat & Vulnerability Management will ensure that vulnerabilities are properly and timely identified with the goal of keeping Realogy’s infrastructure secure. This includes monitoring Vulnerability Management processes for performance, coordinating scanning schedules, risk acceptances, and serving as an administrator of the Vulnerability Management tool.
 
 
Responsibilities: 
  • Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.
  • Able to successfully partner with other security and IT infrastructure professionals to assess potential impact from vulnerabilities specific to Realogy’s environment and determine appropriate mitigating controls.
  • Using a risk based approach, analyze Realogy’s vulnerability data against open / closed information sources to best prioritize vulnerability hygiene activities.
  • Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a an acceptable level based upon Realogy’s policies and standards.
  • Understands basic network terminology and common protocols.
  • Assist the team with Application and Penetration Testing coordination.
  • Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner; across traditional infrastructure and in cloud environments.
  • Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
  • Review and/or escalate exception requests submitted to the TVM team.
  • Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.
  • Assist the team to maintain appropriate documentation that defines the Threat & Vulnerability Management Program, policies, and procedures.
 
 
 
Qualifications:
  • B.S. in Computer Science or equivalent field.
  • CISSP, GCTI, or similar industry certification.
  • 3-5 years of experience in Vulnerability Management or related field.
  • Strong knowledge of Qualys, including configuration and maintenance, scan execution, cloud agent deployment and oversight.
  • Detailed knowledge of the Vulnerability Management process including vulnerability identification, false negative/positives identification & elimination.
  • Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP).
  • Basic knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001&27002).
  • Knowledge of technology and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
  • Knowledge of Cloud technologies such as AWS and Azure a plus.
  • Previous experience working in large scale environments with diverse technologies is a plus.
  • Knowledge of applicable scripting languages desired.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
VMware

Entry-Level Security Solutions Engineer

Waltham, MA
SOC / Threat Intel
FULL-TIME
Aug 24
Premier

As part of a highly collaborative sales team, the Solutions Engineer works closely with sales, marketing, and product management to demonstrate product capability, inspire confidence, and effectively communicate the power of Carbon Black solutions. A majority of time will be spent delivering product demonstrations to remote prospective clients to illustrate how Carbon Black’s solutions provide direct value to their business and technical requirements.

What You’ll Do
Evangelize and demonstrate Carbon Black's products via presentations and product demos
Involvement in prospect evaluation process
Build and maintain prospect and partner relationships
Ensure a smooth and successful transition (externally and internally) from sales process to service delivery
Assist in developing and evolving standard methodologies for Sales Engineering activities
Provide product feature input to product management
Apprise Sales Engineering management of overall health of prospects (technical, organizational, operational and sponsorship)

What You’ll Bring
Technical degree from four year college (or equivalent)
Entry-level (0- 2 years of experience) with technical experience gained through recent Security-related employment, classwork, or internships
Ability to influence cross-functional teams without formal authority
Ability to present to technical audiences and be able to gracefully handle objections
Ability to effectively and quickly assess client/prospect needs
Dedication to quality work, attention to detail and sense of urgency and ownership of work deliverables
Experience with endpoint and server security
Experience with Windows 2000, XP,7, 8, 2003/2008/2012 application server and supporting technologies/products
Knowledge of Microsoft Windows configuration and management
Shown technical track record with securing Windows, Linux, and Mac operating systems

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
BlueVoyant

Remote SOC Tech Advisor

Remote
SOC / Threat Intel
FULL-TIME
Aug 22
Premier

BlueVoyant is looking for a Security Operations Center (SOC) Technical Advisor / Security Engineer to help our global customers manage their IT security utilizing Microsoft solutions. You will be part of a fast-paced team that helps customers to reduce the impact of security incidents and ensures that critical business operations continue unhindered. This position is fully remote.

 

Key Responsibilities

•    Provide security and technical leadership to the SOC team and provide senior support to help respond and remediate security incidents utilizing BlueVoyant toolset.
•    Provide the SOC with realistic scenarios and simulations for the purpose of advanced training, understanding, and practice, in the following areas:
o    Red vs blue scenarios
o    Purple teaming concepts
o    Tools / capabilities exploration
•    Contribute to technical strategy, draft requirements for product and engineering teams for SOC specific toolset needs.
•    Contribute to technical strategy and technical thought leadership
•    Delivery of functional value resulting from the research in the form of queries, signatures, rules, and contextual information (knowledge base articles)
•    Serve as a technical liaison on behalf of the SOC for matters involving other BlueVoyant teams
•    Provide (and coordinate) the SOC with deep technical and low-level training
•    Serve as a Technical SOC SME in support to customers (customer facing) and support to sales and marketing
•    Provide technical leadership to the SOC, as well as to BlueVoyant leadership
•    Lead technically challenging projects with complex technology stacks across multiple modalities
•    Supplemental in-depth research of exploits and vulnerabilities which have a high likelihood of occurring within BlueVoyant customer environments
•    Serve as an active participant within the security community for the purpose of capturing bleeding edge research around exploits, vulnerabilities, and operations
•    Provide technical feedback on the needs of the SOC and technical thought leadership
•    Participate in the response, investigation, and resolution of security incidents
•    Create knowledge base articles for handling medium and high severity incidents
•    Assist in the advancement of security policies, procedures, and automation
•    Develop incident response reporting and policy updates as needed
•    Serve as the technical escalation point and mentor for lower-level analysts and SOC team members
•    Regularly communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual
•    Assist with advancing security standard operating procedures and incident response reporting.

 

Qualifications

•    Excellent teamwork skills
•    Hands-on experience with Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites.
•    Hands-on experience with Microsoft Azure Sentinel, Microsoft Threat Protection suite of security solutions (Defender ATP, Azure ATP, Office 365 ATP, Microsoft Cloud Application Security), Azure Active Directory, Azure Security Center, Azure Log Analytics, and M365 suite of solutions.
•    Hands-on experience for the following:
o    Configure data digestion types and connectors
o    Analytic design and configuration of the events and logs being digested
o    Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events
o    Create incident categorization and threat management plan
o    Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks
o    Support ongoing development and troubleshooting of Azure Sentinel
o    Advise and develop Azure Sentinel adoption migration roadmap for clients
o    Ability to advise customers on the Microsoft Cloud Security capabilities across the Azure platform.
o    Kusto Query Language (KQL).
•    Strong experience with scripting languages (Python, PowerShell, others)
•    Familiarity with other high level languages (C, C++, Go, Java, other)
•    Strong experience with digital forensic analysis (host, network, other) and blue team operations
•    A thorough understanding of purple team operations and the ability to conceptually apply this in an advanced manner
•    Advanced knowledge and understanding of network protocols and devices.
•    Advanced experience with Mac OS, Windows, and Unix systems.
•    Ability to analyze event logs and recognize signs of cyber intrusions/attacks
•    Ability to handle high pressure situations in a productive and professional manner.
•    Ability to work directly with customers to understand requirements for and feedback on security services
•    Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
•    Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
•    Skilled in the creation of signatures for security tools
•    Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk
•    Strong knowledge of the following:
o    SIEM
o    Packet Analysis
o    SSL Decryption
o    Malware Detection
o    HIDS/NIDS
o    Network Monitoring Tools
o    Case Management System
o    Knowledge Base
o    Web Security Gateway
o    Email Security
o    Data Loss Prevention
o    Anti-Virus
o    Network Access Control
o    Encryption
o    Vulnerability Identification

Preferred Qualifications

•    Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, penetration testing, or related areas
•    10+ years of experience in information technology or information security, 4 of which were spent dealing directly with Security Operations or in a Security Operations Center (SOC)
•    Microsoft 365 Certified: Security Administrator Associate and GCFA, GCFE, or OSCP required. Certifications (2 or more of): OSCE, GCFA, GCFE, GNFA, GREM preferred
•    Familiarity with tools such as IDA Pro, PEiD, PEview, Procmon, Snort, Bro, Kali Linux, Metasploit, NMAP, and Nessus
•    Familiarity with Azure, AWS, and GCP cloud environments.

Education

•    Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field. Master’s degree in cyber security, computer science, information assurance, or similarly technical degree preferred. Exceptional candidates with proven experience in security/network operations will also be considered.

About BlueVoyant

BlueVoyant combines world-class cyber defense talent with unique threat intelligence data to provide real-time, external, threat-monitoring services and comprehensive Managed Security Services. BlueVoyant’s distinctive Managed Security Service combines advanced endpoint protection, network monitoring, and remote remediation. In addition, BlueVoyant’s Managed Security Service are closely linked to its uniquely comprehensive and actionable real-time Threat Intelligence data, which combines internet traffic, Dark Web intelligence, and host-based threat data.

By working with BlueVoyant, companies can gain unique and far-reaching visibility into malicious activity on their networks, in the dark web and across the internet, as well as real-time, automatable remediation services. Through our unique real-time external threat monitoring, predictive human and machine-sourced intelligence, and proactive managed security and incident response, BlueVoyant offers the private sector exceptional cyber defense capabilities.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Cybersecurity Intern

Spring, TX
SOC / Threat Intel
INTERN
Aug 20
Premier

HPinvents. We never stand still. We look for new things to do, and new ways to do things we've done before. Cybersecurity enables HP's businesses by optimizing the balance between business priorities and effective security posture to support HP's position as industry leader. Excellence is the minimum standard acceptable. Job Description/Responsibilities This opportunity will entail the exploration and deployment of appropriate automation within Cybersecurity GRC process and tool sets, potentially including scripting/programming, utilization of API's, RPA. and other technologies. Also included is contribution to structured data management and analytics. Exploration of other areas of Cybersecurity will also be considered. Through this assignment the successful candidate will gain exposure and contribute to key elements of a successful cyber security program. Education and Experience Required: • Pursing a Bachelor's (undergraduate) degree or Masters (graduate) degree in Computer Science, Information Systems, Electrical Engineering, or equivalent experience • Good communication and collaboration skills • Strong technical abilities with some experience in application development • Ability to quickly adapt to new technology and apply learnings • Possess creative ability, consulting skills, leadership qualities, credibility, and self-confidence

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Raven Industries

Information Security Intern

Sioux Falls, SD
SOC / Threat Intel
INTERN
Jul 29
Premier

Purpose:

The IT Security Intern will assist the information security team in operational work and compliance-oriented projects. Assist in assuring a stable and secure information technology environment.

Essential Functions:

  • Working with enterprise grade tools for alarm triage and analysis.
  • Assistant in operations of Raven Industries’ security program.
  • Operational work in email protection solutions.
  • Execute internal phishing campaigns, administer training courses, and track phishing campaign and awareness results.
  • Stay up to date on the latest IT Security news and announcements.
  • Communicate security updates and awareness to Raven employees.
  • Documentation of compliance and security operations.
  • Generate reports on various security information.
  • Working with security team to provide solutions to various security challenges.

Qualifications:

  • Obtained or working towards a degree related to Information Security.
  • Knowledge of Linux operating systems.
  • Knowledge of networking concepts, technologies, and protocols.
  • Scripting and programming knowledge.
  • Experience or knowledge in basic security solutions.
  • Basic knowledge of red/blue team techniques, tactics, and procedures.
  • Basic problem analysis and problem-solving techniques.
  • Team player who is self-motivated and has ability to work with minimal supervision.
  • Strong written & verbal communication skills.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
ASRC Federal

Jr. Cyber Security Analyst

Moffett Field, CA
SOC / Threat Intel
FULL-TIME
Jul 24
Premier
ASRC Federal Research and Technology Solutions (ARTS) is seeking an entry level Cyber Security Analyst to join our growing team in supporting NASA's Security Operations Center (SOC) at Ames Research Center in Mountain View, CA. As a member of our SOC Team, your goal will be to detect, analyze, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes.
 
Responsibilities
  • Monitor NASA agency reports and SOC (Security Operations Center) systems for incidents and malicious activity
  • Analyze security events and identify relevant incidents
  • Correlate and discover relationships between events and incidents
  • Produce high quality reports
  • Perform relevant incident data analysis and correlate with multiple sources for mitigation
  • Provide incident handling and response support for the agency
  • Contribute to process improvement and efficiency
 
Requirements:
  • Associate degree in relevant field/technology or 2 years of experience in lieu of degree, additional years of related experience a plus
  • Process oriented individual excelling in a team environment
  • Knowledge of common enterprise applications, e-mail, web, cloud, client/server applications
  • Excellent communication and interpersonal skills
  • Ability to work in a 24/7/365 shift environment
  • Ability to obtain a government clearance (US Citizenship is required)
 
Desired Skills
  • Experience with customer service coordinating with team activities
  • Scripting
  • Experience reviewing and analyzing log data
  • Familiarity in a command line environment
  • CEH, Security+ are desired certifications
 
ARTS provides comprehensive IT services to NASA Ames Research Center located in Mountain View, CA. From cloud computing & network/information security to systems administration and technology development, we are encouraging talented IT professionals to explore the vast opportunities available on this NASA contract in the heart of Silicon Valley.
 
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.

 

  • Associate degree in relevant field/technology or 2 years of experience in lieu of degree, additional years of related experience a plus
  • Process oriented individual excelling in a team environment
  • Knowledge of common enterprise applications, e-mail, web, cloud, client/server applications
  • Excellent communication and interpersonal skills
  • Ability to work in a 24/7/365 shift environment
  • Ability to obtain a government clearance (US Citizenship is required)
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Nu Skin

Threat & Vulnerability Mgmt. Intern

Provo, UT
SOC / Threat Intel
INTERN
Jul 22
Premier

The Threat and Vulnerability Management (TVM) Intern will work directly with the Technology Risk arm of Nu Skin’s greater Information Security Program and will get TVM program management experience with Nu Skin’s Global Threat and Vulnerability management program.

This position will collaborate with leadership, technical and security operations and other groups to proactively identify, quantify, react and report vulnerabilities and threats. This role will also get exposure participating in the preparation and presentation of threat intelligence detail, vulnerability posture, and current exposure landscape.

What you will do

  • Working with the broader InfoSec team, Identify and articulate risks and remediation in a relevant and approachable manner with both technical and non-technical audiences.
  • Assists in designing correction plans, mitigations, and full remediation actions related to emerging threats and identified vulnerabilities.
  • Collaborate with infrastructure and application owners on security hot-fixes or patch management validation
  • Collaborate with technology teams to research, recommend, and implement enterprise-wide changes
  • Build relationships and serve as a liaison between system/application owners and the business.
  • Assist in tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
  • Participate in preparation for and presentation to cross-functional stakeholders and Sr. leadership to ensure the awareness of and ongoing success of the vulnerability reporting and management programs.

 

Why we’re excited about you

Mandatory Skills

  • Working towards a degree in Computer Science, Information Science, Information Technology or related field or equivalent education/experience
  • Ability to provide quality deliverables on time and on budget.
  • Cursory knowledge of vulnerability scanners, vulnerability management systems and patch management.
  • Technical background in (/ knowledge of) systems and network security
  • High level understanding of security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).
  • Strong communication skills
  • Proven project management skills (School projects etc)

Desirable:

  • Security certifications highly desirable (e.g. CISA, CISSP, GCIH).
  • Proven experience working with Threat Monitoring and Intelligence integration with SIEM solutions
  • Working knowledge of configuration baseline standards (STIG, CIS, etc.)
  • A passion for security.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Sacramento Municipal Utility District

SOC Analyst

Sacramento, CA
SOC / Threat Intel
FULL-TIME
Jul 19
Premier

This person is responsible for day to day security operations activities that include detecting malicious activity through monitoring of existing security capabilities, hunting for indicators of attack and compromise in our environment, and maintaining situational awareness of SMUD’s environment. This position will support incident response activities to respond and recover to cybersecurity events.

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

Remote work will be considered

Desired skills:

  • Threat Hunting Experience – candidate should be passionate about finding suspicious activity.
  • Threat Analyst Experience – Candidate should be able to understand technical and business process impacts of activities, and be able to collaborate with IT operations and Cybersecurity Engineers on mitigations and remediations.
  • Ability to analyze malware.
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
  • Knowledge of penetration testing principles, tools, and techniques.
  • Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
  • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.

Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.

Position Type

Regular - Full Time

No. of Openings

1

Pay Scale Group

PAS0059O

Base Salary Annual Low

$101,166

Base Salary Annual High

$134,057

Selection Process

Initial Review, Qualifications Interview, Reference Check, Background Check

Major Duties & Responsibilities

Responsible for the design, development, implementation, and/or integration of SMUDs security architecture, system, or system components for use within IT and OT environments. Ensures that the architecture and design of SMUDs IT and OT are functional and secure.
Provides network and systems security engineering, design engineering, security tests and evaluations, and risk assessments for OT and enterprise level IT systems, including risk management, vulnerability assessments, security assessments, strategy and project development, network architecture designs, and monitoring solutions.
Enhance enterprise cybersecurity program by developing technical security requirements and technical security control implementation guidance for IT/OT network infrastructure to include hardware, software, and services.
Applies technical experience and knowledge on routing, switching, MPLS, SONET/SDH, Frame/Relay, Telecommunications, Wireless (Microwave amd LTE) and Radio technologies. 5. Maintain skills implementing and/or operating security and networking technologies: Application Security Scanners, Endpoint Protection, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing amd Logging, Vulnerability Management, and Virtual Private Networking technologies such as IPSEC, SSL/TLS, SSH, site to site and network to network.
Advise on the design and innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture, to include security solutions utilized in SCADA/Control systems environments, applying working knowledge of ICCP, DNP3, MODBUS and other common IEC utility protocols such as IEC-60870-5, IEC-61850.
Maintain technical knowledge of TCP/IP, DNS, SMTP, HTTP, FTP, SNMP, Active Directory, LDAP, Ethernet, Wireless LAN, and other WAN/LAN Protocols. 8. Apply knowledge and functional experience with IDS/IPS, WAF, ADC, firewall, VPN across a wide range of complex architectures, platforms and mediums.
Review and/or monitor network and system activity and analyze evidence of suspicious behavior to identify and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
Other related duties as assigned

Minimum Qualifications

Education
Bachelor's degree in Cybersecurity, Information Security, Information Technology or closely related field (i.e Computer Science, Systems Engineering, Electrical Engineering) or 7 years equivalent experience.

Experience:
Three (3+) or more years of progressively relevant professional or technical experience in cybersecurity and/or information security.

Knowledge Of:
Principles and practices of cybersecurity and information technology systems. Principles and practices of system security engineering, design, development, analysis, testing and security administration. Methods and techniques of evaluating security and privacy requirements and developing secure solutions for SMUD systems. Methods and techniques of developing data security, integrity, backup and recovery processes. Project management methodologies. Principles and practices of systems and procedures analysis and design. English composition and business writing and vocabulary standards; methods and techniques for report preparation and writing; methods and techniques for record keeping; modern office practices and procedures.

Skill To:
Problem solve, analytical and troubleshooting capabilities; ability to learn new skills quickly with minimal guidance; ability to achieve project schedules and milestones; work in a team environment with aggressive deadlines and multiple priorities while staying a team player; facilitation and presentation skills; strong verbal and written communication skills as well as strong interpersonal skills; ability to listen, learn, speak up, and mentor; attention to detail; skill to work with different groups and diverse projects as a partner; skill to perform privacy and/or security reviews including regulatory and industry assessments, risk analyses, information inventory and data mapping, vendor management security assessments, and additional privacy or cybersecurity compliance related projects.

Desirable Qualifications

Any of the skills of the other specialist (Engineering, Governance, Risk Management, Compliance) and OT Security experience to support a cross functional team concept.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
KBR

Junior Information Security Analyst

Lexington Park, MD
SOC / Threat Intel
FULL-TIME
Jul 19
Premier

KBR is looking for qualified candidates to help support the Atlantic Test Ranges (ATR) and Atlantic Targets and Marine Operations (ATMO) team within the Naval Air Warfare Center Aircraft Division across the country. These outstanding organizations, and the ranges and resources they provide, are vital to our nation’s security. They represent a tremendous investment by the DoD in providing the best test and evaluation, and training range capability to our armed forces and allies. KBR wants to connect with qualified professionals like you, interested in supporting this important test and training mission.

 

Installs, configures, and supports local area networks (LAN), wide area networks (WAN), and Internet systems or a segment of a network system. Monitors network to ensure network availability to all system users and performs necessary maintenance to support network availability. Monitors and tests network performance to ensure networks operate correctly and without interruption. Plans, implements, upgrades, and monitors security measures for the protection of ATR RDT&E computer networks and information. Assess RDT&E system vulnerabilities for security risks and propose and implement risk mitigation strategies. Ensures that appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. Responds to reports of computer security breaches and viruses on RDT&E networks

 

Basic Qualifications:

BS Degree in a computer science, computer programming, cybersecurity, or engineering discipline from an accredited college or university. Entry level. In lieu of a BS Degree, a High School diploma or equivalent GED and 6 years work experience performing the stated or similar function or an Associate’s Degree and 4 years work experience performing the stated or similar function.

 

Licenses and Certifications

Meet and maintain education, training, and certification requirements in compliance with applicable DoD/DoN Cybersecurity Workforce policy (currently DoD 8570.01-M/8140.01/SECNAV 5239.2). Must hold current industry certifications to achieve and maintain IAT Level II certification IAW DoD instruction 8570.1.

 

Clearance: Secret / Top Secret w/SSBI

 

Scheduled Weekly Hours:

40

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Jacobs

Entry Level Intelligence Analyst

Crystal City, VA
SOC / Threat Intel
FULL-TIME
Jul 11
Premier
This is an entry level position for candidates with the academic background (bachelor’s degree in relevant or demanding field required) and desire to pursue a career in intelligence analysis. This is a great opportunity to begin a career in the intelligence community.

Roles and Responsibilities:
  • Perform all source and open source research and analysis on matters of counterintelligence, counter-terrorism, WMD, cyber, and counter-proliferation to support ongoing investigations and intelligence collection
  • Exploit data from specific sources and raw intelligence, and compile them to validate USIC intelligence collection requirements
  • Help to facilitate the exchange of information between government agencies to include DOJ, DOD, and DHS - Instruct/brief personnel on various national security programs and procedures
  • Disseminate information across the USIC; work directly with agents and analysts to facilitate intelligence collection on specific threats to national security.
  • Work closely with government personnel to support audit preparation and assist in the development of agency and unit/program policy.
#CJPOST 
Qualifications
 Minimum Requirements:
  • Must possess Bachelor’s Degree (no equivalents).
  • Must have an active Top Secret clearance
  • Candidate must possess excellent writing and verbal communication skills. 
  • Must be detail oriented with the ability to multi-task and prioritize efforts.
  • Candidate must be comfortable searching, evaluating and studying open and classified sources to gather and analyze technical information. 
Desired Qualifications:
Background or interest in counter-terrorism, national security, cyber, international relations, analytic studies, counterintelligence, or WMD

Clearance Requirement: This position requires a Top Secret security clearance, based on current background investigation (SBI).


Essential Functions 

Physical Requirements:
Most work will be done at a desk or computer.

Work Environment:
General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.

Equipment & Machines:
General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.

Attendance:
Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
NICE Systems

Security Engineer

Atlanta, GA
SOC / Threat Intel
FULL-TIME
Jul 8
Premier

Responsible for managing security related projects, applications, documentation, and monitoring. In addition, this position will review systems to verify complete and proper configuration security configuration.  This position also helps to manage and implement security technologies to ensure that compliance is met within the network and server infrastructure.

 

ESSENTIAL DUTIES AND RESPONSIBILITIES

  • Monitoring, improving and implementing security projects in both the PCI and internal networks
  • Continuous monitoring of the security of networks and systems to maintain Nexidia’s security posture
  • Documentation, development, and enforcement of policies and procedures.
  • Planning and implementing new software deployments and processes
  • Perform Penetration and Security testing
  • Review switch, firewall, server, and application configurations
  • Thorough understanding of information security principles and practices with demonstrated experience including Log monitoring, IPS, and AV solutions.
  • Perform comprehensive PCI-DSS, ISO:27001, and HITRUST assessments, IT audits, policy and procedure development. 
  • Maintain Awareness, Patching, and Vendor security assessment systems
  • Develop reports that detail compliance and security gaps including risk severity level, systems impacted, business risk summary, and recommendations that remediate all findings.
  • Stay current with security vulnerabilities, tools, and best practices

 ADDITIONAL DUTIES AND RESPONSIBILITIES

  • Maintain and manage the security training process
  • Work with auditors to provide document and evidence during audits
  • Performs other duties as required
  • Understands and adheres to Nexidia compliance standards as they appear in the Employee Handbook, Corporate Compliance Policies, Code of Conduct and Conflict of Interest Policy (as appropriate).
  • Stays current with all pertinent federal and state regulations, laws, and policies as they presently exist and as they change or are modified.

 

VISA SPONSORSHIP NOT CURRENTLY OFFERED.

 KNOWLEDGE, SKILLS, AND ABILITIES 

  • Solid understanding security frameworks and standards
  • Solid understanding of Microsoft Server Operating Systems, Linux Operating Systems, Active Directory, and group policy
  • Solid understanding of system and network security including:
    • Firewalls, VPN, SIEM, Audit Tools, Vulnerability and Penetration Testing tools, Antivirus, FIM, IDS/IPS, DLP, Email Security, Wireless, and other Security Tools
  • Possess a good understanding of LAN / WAN technologies and protocols including TCP/IP & DNS
  • Knowledge and experience with Server 2012 and Server 2016
  • Excellent knowledge of security best practices and compliance standards like PCI, ISO:27001, and HIPAA/HITRUST
  • Excellent customer service, verbal and written communication skills

 
EDUCATION AND EXPERIENCE

  • Bachelor's degree in computer science, information technology or related field or equivalent work experience. (Typically four years of additional related, progressive work experience would be needed for candidates applying for this position who do not possess a bachelor's degree.)
  • Knowledge of and experience with PCI, HITRUST, and ISO 27001: information security management systems and certification preferred.
  • A minimum of two years additional directly related technical experience is required.
  • Basic understanding of information security.
  • Basic knowledge of security principles.
  • Knowledge of information technology terms, equipment, systems, functions and major vendors.
  • Excellent oral and written communication skills, including presentation skills.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
NYC Cyber Command

Threat Intel Analyst Intern

Remote
SOC / Threat Intel
INTERN
Jul 15
Premier

About New York City Cyber Command
New York City Cyber Command (NYC3) was created in 2017 by Executive Order to lead the city’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond, and recover from cyber threats. New York City Cyber Command (NYC3) is committed to protecting City infrastructure and critical systems from cyber threats, and helping residents become safer in their digital lives.

As the organization defending the largest municipality in the country, NYC3 is charged with directing citywide incident response, setting citywide cybersecurity policies and standards, and working with city agencies to strengthen their cyber defenses.

Job Description:
Cyber Threat Intelligence (CTI) Summer Interns within NYC Cyber Command perform many critical functions within the Threat Management discipline. CTI Summer Interns work directly with the CTI team, and work closely with the Computer Emergency Response Team (CERT),Security Operations Center (SOC), and Counter Threat Automation (CTA) team. Summer Interns will help by providing technical, tactical, and operational intelligence and assisting in providing strategic intelligence briefings to the executive team at NYC3. The technical, tactical and operational intelligence will assist in triaging, responding, remediating and recovering from high severity incidents involving over 160 agencies of the City of New York. CTI intern responsibilities will include : * Develop actionable intelligence in the form of technical indicators, reports, lists, rules, signatures, or indicators and warnings.

  • Collect and analyze open source data, information, and intelligence relevant to cyber security and the mission of NYC3 on a daily basis.
  • Collaborate with the CERT and SOC to perform advanced rule creations and assistance for hunting identified Indicators of Compromise from generated and analyzed intelligence.
  • Conduct threat landscape research across relevant industries and verticals related to New York City with open source information.
  • Conduct analysis and draft finished intelligence products on key issues of strategic interest to NYC3 using open source information

Preferred Skills:

  • An active knowledge of current trends in cyber security, and software/hardware vulnerabilities.
  • A general knowledge on security fundamentals and an inquiring mind.
  • An active interest in current security research.
  • Knowledge in network analysis, host analysis, and IDS/IPS technology.

Minimum Qualification Requirements :
Selected candidates must be enrolled in a degree bearing program

SPECIAL NOTE
Due to the current COVID-19 crisis, this opportunity will be remote. Internship will be unpaid and interns must show proof of their university giving academic credit or funding from their university or authorized 3rd party. The length of this part or full time,17 up to 35 hour per week internship will be no longer than 12 weeks .

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
NYC Cyber Command

Security Operations Analyst - Fall Intern

Remote
SOC / Threat Intel
INTERN
Jul 15
Premier
About New York City Cyber Command
New York City Cyber Command (NYC3) was created in 2017 by Executive Order to lead the city’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond, and recover from cyber threats. New York City Cyber Command (NYC3) is committed to protecting City infrastructure and critical systems from cyber threats, and helping residents become safer in their digital lives.
 
As the organization defending the largest municipality in the country, NYC3 is charged with directing citywide incident response, setting citywide cybersecurity policies and standards, and working with city agencies to strengthen their cyber defenses. 


Job Description
The mission of the NYC3 is to Prevent, Detect, Respond and Recover from cyber threats against the data and infrastructure of the City of New York, in collaboration with public and private sector partners. More specifically this position is for the Threat Management tower within NYC3. As a Cyber Command Intern (Security Operations Analyst) you will work closely with the CERT, Security Operations (SOC) and Intelligence team on building tools and processes that will enable effective triaging, responding, remediating and recovering from cyber security incidents involving over 140 agencies of the City of New York.

Responsibilities will include:
• Build, develop, and deploy automation / orchestration playbooks that will enable effective triaging of incidents;
• Participate and assist in testing new technologies and products to determine their effectiveness within the NYC3 infrastructure;
• Work with the NYC3 engineering team on deploying tools and platforms to support the mission of the Threat Management team;
• Develop and deploy tools that will assist the NYC3 threat management teams in performing quick triage tasks that would otherwise require manual work;
• Maintain knowledge of the current security threats and actors and their relevance to the City by monitoring reports and intel sources;
• Build metrics utilizing a data security approach to gain insight into attacks and responses to incidents within the City of New York.

Preferred Skills
The preferred candidate should possess the following:
• An active knowledge of current trends in computer security, software/hardware vulnerabilities;
• A general knowledge on security fundamentals and an inquiring mind;
• An active interest in current security research;
• Knowledge in network analysis, host analysis and IDS/IPS technology.

Minimum Qualification Requirements:
Selected candidates must be enrolled in a degree bearing program
 
SPECIAL NOTE
Due to the current COVID-19 crisis, this opportunity will be remote. Internship will be unpaid and interns must show proof of their university giving academic credit or funding from their university or authorized 3rd party. The length of this part or full time,17 up to 35 hour per week internship will be no longer than 12 weeks. 
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Lurie Children's Hospital of Chicago

IT Security Analyst

Chicago, IL
SOC / Threat Intel
FULL-TIME
Jul 7
Premier

Overview

The IT Security Analyst is primarily responsible for the implementation and support of enterprise security for both the data and technology infrastructure utilized by Lurie Children's Hosptial thereby ensuring that Lurie Children's maintains a protected Information Technology (IT) infrastructure. Therefore this individual is must be literate in current security practices, threat awareness, and other applications of the security process to the organization's needs. Knowledge of Cisco, Microsoft, and other client/server network and application technologies is also needed as the security infrastructure exists in support of these systems and applications. This position performs tasks in association with IM application and network systems teams and is expected to perform in a consultative fashion to all parties regarding information security related IT issues. Duties may be performed directly or coordinated with external technology and/or service partners. The IT Security Analyst is expected to be self-directed and perforn responsbilities with minimal supervision.

 

Responsibilities

1. Advises management of potential IT security threats and mitigation strategies.

2. Functions as a technical lead on multiple IT security systems and infrastructure projects.

3. Maintans Cisco and other technology vendors wired and wireless network security equipment and software. a. Reviews multiple metrics, correlates anomalies that impact multiple systems, determines root causes, and implements corrective action. b. Performs security troubleshooting and analysis utilizing Network General Sniffer and other inspection tools c. Works with the IT Security Analyst SR, IT Network Engineer /Engineer and the Manager of IT Security for policy and design needs related to network infrastructure security.

4. Performs a backup role for the IT Network Engineer(s) as needed.

5. Participate in other department or organizational project tasks as required.

6. Completes assigned Help Desk support tickets within IM Department standards

7. Serves as liaison to vendors for equipment and software maintenance

8. Develops and documents procedures covering all aspects of enterprise-wide security infrastructure

9. Performs ongoing capacity and performance planning for enterprise security infrastructure and related technologies.

10. Assumes on-call responsibility for data center equipment operations, per the schedule.

11. Performs other duties as assigned.

 

Qualifications

1. Comprehensive knowledge of Cisco and other security and network technologies: a. 1-3 years of experience working with of the following IT security functions: VPN, firewall, anti-virus protection, two-factor authentication, intrusion detection, disk/file encryption, vulnerability assessments and mitigation, risk assessments, platform hardening, and incident response/reporting. b. 1-3 years of experience working with Microsoft, HP-UX, Solaris, and Windows client/server based equipment/operating systems and applications in a complex enterprise network environment highly desired. c. 1-3 years experience with the following technologies desired: Cisco ASA firewall/VPN, Cisco Secure IDS, Cisco MARS, Microsoft AD, RSA SecureID, Websense Internet monitoring and MacAfee Webshield appliance. d. 1-3 years experience with enterprise wireless technology and security.

2. Education: Bachelor's Degree in Information Systems/Technology/Computer Science (or equivalent work experience).

3. Certifications in the following technologies a plus: CCSP certification (Cisco Certified Security Professional), CISSP (Certified Information Systems Security Professional) and/or MCSA (Microsoft Certified Systems Administrator) or MCSE (Microsoft Certified Systems Engineer) with security specialization.

4. Demonstrated project management skills from a team member role.

5. Programming or scripting skills necessary to assist in server and client management tasks highly desired.

6. Analytical thinking for effective problem determination and correction within the department and in the user community is essential. The ability to work independently, make decisions under pressure, while providing timely and responsive services are the keys to this position.

7. Excellent time and project management skills, customer service and interpersonal skills, system diagnostic and communication (written and oral) are critical for success in this position.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Microsoft

Cyber Security Analyst II

Reston, VA
SOC / Threat Intel
FULL-TIME
Jul 2
Premier

Core Services Engineering builds and manages the critical products and services that Microsoft runs on. We boldly pursue big ideas that power transformational advances at Microsoft and for our customers, while helping Microsoft teams work smarter, faster, and more securely every day. Core Services Engineering employees have deep technical and business expertise, customer insights, and a clear point of view that comes from first-hand, large-scale experience with Microsoft and industry solutions. We are engineers, technology leaders and experts, digital transformation change agents, and customer advocates. We have exciting opportunities for you to innovate, influence, transform, inspire and grow within our organization and we encourage you to apply to learn more! The Digital Security and Risk Engineering (DSRE) team is looking for a seasoned Security Engineer to work as a Cyber Security Analyst in the Cyber Defense Operations Center (CDOC) focusing on detection, investigation & response of threats against the Microsoft Enterprise. The candidate should be a highly motivated self-starter with attention to detail who can operate in a complex, dynamic environment. This work requires real-time problem solving, technical curiosity, excellent judgement, and strong communication skills. In this role you will have the opportunity to work on cybersecurity issues as part of a dynamic and high-impact team.  We use advanced security technologies, extensive automation, and procedures to protect, detect and respond to security threats in real-time.  In addition to day to day responsibilities, you will inform security initiatives across the company.  You will analyze, contain, and mitigate threats and escalations from multiple sources, both internal and external.  You will be involved in the building and tuning of a wide variety of advanced security detections, conducting detailed and comprehensive investigations, and driving issues to closure.  You will also contribute to developing innovative automation and orchestration solutions for detection and response.  Finally, you will collaborate with security partners and Microsoft security product groups to improve our security posture.

Responsibilities

As a member of the DSRE SOC Investigations team your primary responsibilities would include: 

  • Detect and respond to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data
  • Conduct detailed comprehensive analysis and investigation on a wide variety of security events and implement containment and mitigation processes
  • Collaborate with internal security partners and threat intelligence teams to derive indications and warnings of impending threat
  • Use security business intelligence to drive prioritization and improvements within Microsoft security programs
  • Assist in the build, deploy, and tune process of scalable systems that automate security event detection, response, and repeatable tasks
  • Keep up to date on emerging vulnerability, response, mitigation, threat landscape trends and use this knowledge to drive proactive threat monitoring
  • Participate in creating innovative ways to use a wide range of security event data to advance detection methods
  • Work with security engineering teams to validate detection effectiveness using a data-driven approach ant to identify detection gaps and improvements
  • Mentor and provide guidance to junior team members in technical detection and response best practices
  • We handle active security events and respond to threats from a variety of sources, you will be required to participate in shift and on call rotation

Qualifications

Required Qualifications

  • 2+ years of hands-on experience in either security operations, threat detection and analysis, incident response and secure network design
  • Deep understanding of system internals and hardening in one or more of the following: Windows, Linux, macOS operating systems
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings:
    • Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements
    • Candidates must have an Active Top Secret clearance and be willing to upgrade to TS/SCI (with polygraph) or have an Active TS/SCI and be willing to upgrade to TS/SCI (with polygraph). This role will require candidates to maintain the TS/SCI (with polygraph) clearance.
    • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter 

 Preferred Qualifications: 

  • Experience correlating across very large and diverse datasets (Azure Data Lake, Azure Data Explorer, Cosmos DB)
  • Experience working with SQL-based databases, Kusto, Log Analytics
  • Experience in analyzing a wide variety of network and host security logs to detect and resolve security issues
  • Understanding of common threat analysis model’s such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK
  • Demonstrated knowledge of common/emerging attack techniques
  • Background in malware analysis
  • Experience working within a diverse organization to gain support for your ideas; Seeks to leverage work of others to increase effectiveness
  • Ability to effectively multi-task and prioritize in a fast-paced environment
  • Demonstrates maturity and leadership qualities when dealing with conflicting views and difficult conversations 

 The ideal candidate will have experience in a team environment, experience with security operations and technical depth in information security domains like authentication, incident response, security monitoring or threat intelligence.  In addition, experience in development of security tools and automated investigations to support response operations is highly desirable. 

 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Leidos

Jr. Cyber Security Analyst

St. Louis, MO
SOC / Threat Intel
FULL-TIME
Jul 2
Premier

This position will perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks, and participate in the coordination of resources during incident response efforts.  Additionally, this position requires rotating shift work.

PRIMARY RESPONSIBILITIES:
•Review DoD and open source intelligence for threats.
•Identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs.
•Triage alerts to identify malicious actors on customer networks.
•Report incidents to customers and USCYBERCOM.
•Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

BASIC QUALIFICATIONS:
•Bachelor's degree and less than 2+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
•DoD 8570 IAT II prior to starting and CSSP-A Certification within 180 days of hire.
•CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization or Security Operations Center.
•Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs). 
•Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
•In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
•Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics.
•Experience with malware analysis concepts and methods.
•Unix/Linux command line experience.
•Scripting and programming experience.
•Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology. 
•Willing to perform shift work.
•Must be a US Citizen.
•Must have an active DoD Secret security clearance.

PREFERRED QUALIFICATIONS:
•Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification.
•Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Boeing

Cyber Security Specialist

Los Angeles, CA
Risk & Compliance
FULL-TIME
Sep 28
Premier

Job Description

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.

Boeing Security is seeking a detail-oriented and self-motivated Mid-Level Cyber Security Specialist to support Department of Defense (DoD) and Special Access Program (SAP) activities. This position will be located in El Segundo, CA, Seal Beach, CA, or Huntington Beach, CA.

Position Responsibilities

  • Contributes to the development and deployment of program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures.
  • Implements Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF), as well as product development and product maintenance for assigned systems.
  • Performs security compliance continuous monitoring (CONMON).
  • Participates in security assessments and audits.

Additional Responsibilities

  • Prepares and presents technical reports and briefings.
  • Contributes to the identification of root causes, the prioritization of threats, and recommends/ implements corrective action.
  • Provides mentoring and technical leadership within the information security program team.
  • Explores the enterprise and industry for the evolving state of industry knowledge and methods regarding information security best practices.
  • Supports development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations.

This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.)

Basic Qualifications (Required Skills/Experience):

  • Current IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification or higher (i.e. CAP, GSLC, Security+ CE, CISSP, CASP, CISM, GSLC)
  • 1+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS

Preferred Qualifications (Desired Skills/Experience):

  • Experience working within the National Industrial Security Procedures and Operations Manual (NISPOM)
  • Experience in policies and implementation of Risk Management Framework (RMF)

Typical Education & Experience:

Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience (e.g. Masters with 3 years' related work experience, PhD with 1+ years' related work experience, etc.).

Relocation:

This position does not offer relocation.  Candidates must live in the immediate area or relocate at their own expense.

Employee Referral:

Referral to this job is eligible for bonus.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies.


Experience Level
Individual Contributor
Contingent Upon Program Award
No, this position is not contingent upon program award

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Church Mutual Insurance

Cybersecurity Intern

Merrill, WI
Risk & Compliance
INTERN
Aug 30
Premier

Overview

Church Mutual's Internship Program runs the day after Memorial Day through mid August, when students return to school. During the 12 week internship, the Cybersecurity Intern will have the opportunity to work on important assignments, gain insight into the business of Cybersecurity, and use your academic knowledge and match your interests to a job.  As an Cybersecurity intern at Church Mutual, you will work alongside our trained professionals, learning and applying valuable skills. 

 

Responsibilities

The typical Intern is an undergraduate who will handle projects normally performed by an entry-level, professional employee.  Assignments can include: identity governance, security risk analysis and assessment, network boundary defense and intrusion detection, security awareness campaigns, vulnerability assessment, process management, and security incident handling.  As an intern, you will have the opportunity to network with senior leaders and participate in a variety of training and development activities.  Interns are valued members of our team and will make immediate and lasting contributions to our company’s success

Qualifications

  • Working towards a Bachelor's Degree in Computer Science, Computer Engineering, Computer Information Systems, Management Information Systems, Information Technology, Mathematics, or other related technical programs
  • Strong technical, analytical, communication, and organizational skills
  • At least one course in, or equivalent knowledge of, the Java programming language
  • Minimum 3.0 cumulative GPA
  • Preferred candidates will be entering Junior or Senior year status in Fall of 2021
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
FireEye

Compliance Analyst Intern

Reston, VA
Risk & Compliance
INTERN
Aug 29
Premier

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

The Governance and Compliance team is a critical part of the larger FireEye Security team. The team is responsible for performance of internal audits and assessments, external audit coordination, policy management, business continuity management and third-party management.

As a Compliance Analyst on the Governance and Compliance team, you will use your acumen, customer service skills, and cybersecurity knowledge to assess the internal control environments within FireEye and participate in vendor management due diligence activities. You will work with a great team of professionals who will provide you the guidance and support you will need to be successful in our shared goal of supporting our internal and external customers to meet today’s complex regulatory and security requirements.

What You Will Do:

·       Interact with our internal customers, internal and external auditors to identify, scope, and evaluate the effectiveness of internal controls

·       Conduct vendor risk assessments

·       Assist with business continuity and disaster recovery documentation and associated testing exercises

·       Be responsible for documenting and tracking your work within internal web-based tools

·       Develop a deep understanding of FireEye products and services

·       Exemplify industry-leading customer support skills and deliver positive customer experience

Qualifications

Requirements:

·       Bachelor’s degree in a technical field or working toward such degree, with at least 3 years of completed post-secondary education

·       Experience with cyber security tools, technology and best practices

·       Experience working in customer facing environment

·       Experience fielding questions and requests from customers, and providing timely and comprehensive responses

 

Additional Qualifications:

·       Demonstrated aptitude and desire to learn new technologies and services

·       Ability to ramp up quickly in learning the portfolio of FireEye services and products

·       Problem solver with keen attention to detail

·       Excellent written and verbal communication skills

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Grant Thornton

IT Audit Associate

New York, NY
Risk & Compliance
FULL-TIME
Aug 23
Premier

Description

IT Audit Associate - NYC

Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.

As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.


Position Summary

An IT Assurance Associate is responsible for delivering a full range of IT audit services to our clients. Responsibilities include testing and assessment of information systems control review engagements in support of financial statement audits.

Qualifications

 Essential Duties and Responsibilities

  • Evaluate and test IT controls and identify areas of risk.
  • Apply current knowledge of IT trends and systems processes to identify security and risk management issues, as well as other opportunities for overall process improvement.
  • Maintain professionalism and rapport with the client. Proactively interact with key client management to manage expectations, help ensure client satisfaction, meet client deadlines, and resolve any problems.
  • Gain a comprehensive understanding of assigned client operations, processes and business objectives, and then utilize that knowledge on assigned engagements.
  • Participate in recruiting efforts as needed.
  • Meet or exceed IT Assurance metrics (e.g. – billable hours, CPE, time delinquencies, etc…)
  • Participate in other business development activities as appropriate
  • Other duties as assigned.

Experience Requirements

  • Bachelor's degree in Accounting, Finance, Information Technology, MIS or related field. A Master’s degree is a plus.
  • Desire to pursue CPA, CISA, CISSP, CIA or CISM license/certification.
  • Some related work experience in public accounting or equivalent delivering controls based services, auditing Information Technology General Controls (ITGC’s.) in support of financial statement audits to cross-industry clients and technologies. An understanding of generally accepted practices for testing Key Reports, and Application Controls a plus.
  • Information Security experience or information security training is required.
  • Exceptional client service and communication skills.
  • Strong technical aptitude and problem solving skills
  • Excellent analytical, communication (written and verbal) and interpersonal skills.
  • Effective project and time management skills for handling multiple priorities and simultaneous projects
  • Enthusiasm to learn through a combination of structured, on-the-job and self-directed training
  • Ability to work efficiently and effectively in a complex team environment
  • Strong computer skills including proficiency in Microsoft Office suite applications.
  • Ability to work additional hours and/or travel as needed.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Focal Point Data Risk LLC

IT Audit Intern

Orlando, FL
Risk & Compliance
INTERN
Aug 4
Premier

Overview

At Focal Point, we’re committed to ensuring the health and safety of our employees, clients, and communities. At the moment, our interview and employee onboarding processes are entirely virtual, as all of our offices are temporarily closed. As conditions change, we will update our process to ensure that our job candidates and employees can have a safe, productive, and mutually beneficial interview experience. To learn more about Focal Point’s response to the current public health crisis, please visit: https://focal-point.com/covid-19-response/.

 

Who We’re Searching For: 

The IT Audit Intern is responsible for the execution of field work on client engagements. Working within the practice office, the IT Audit Intern will collect data, test audit evidence and processes, and document the associated procedures according to Internal Audit guidance. This role interacts with various team members and requires attention to audit details and will work closely with Managers and Directors to keep projects focused and on schedule.

Responsibilities

What You’ll Get to Do:

  •  Assist team members in documenting IT processes, compliance with policies and procedures, and comparison to leading practices within IT departments
  • Perform specific audit procedures, tests and analyses, including those that support requirements regarding Sarbanes-Oxley (SOX) compliance
  • Assist in the execution of an audit program for the testing of IT controls across various platforms and application environments
  • Gain exposure to Internal Audit methodology and standards through participation at various project activities
  • Interacts effectively with co-workers at all levels, to foster and maintain strong working relationships
  • Gain exposure to compliance (Sarbanes-Oxley, PII, etc) and Information Technology technical and operational areas.

Qualifications

What You’ll Need to Succeed:

Minimum Qualifications:

  • Recently graduated with a degree in one of the following:
    • Information Technology
    • Accounting
    • Finance
    • Concentrations in Information Security, Data Analytics, Information Technology
  • Must be available during standard business hours, M-F

         

Preferred Qualifications

  • Holds, or working toward a related professional certification (CIA, CISA, Accounting Designations, etc.)
  • Intermediate to Advanced knowledge of Microsoft Office Suite
  • Strong written and oracle communication skills
  • Strong problem-solving and analytical skills
  • Previous experience as an audit intern, or related role
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
RSM

2021 Security & Risk Intern

New York, NY
Risk & Compliance
INTERN
Jul 29
Premier

We are currently looking for Consultants for our Security, Privacy and Risk Consulting practice. The candidate will work with teams of security and privacy staff in a wide variety of systems environments.  Our Security, Privacy and Risk Consulting team serves the Information Security and Data Privacy related needs of our clients. This team assists clients with selecting, improving, controlling, securing, managing and monitoring the appropriate systems to address their information needs.  We serve a diverse base of clients in a variety of industries, and understanding how technology impacts the operation and growth of organizations is what we do best. 

As a Consulting Associate, you will jump start your career through a comprehensive training and development program where you will be exposed to all our Consulting Solution Practices. This training will include:  

Consulting process, tools and methods 
Client engagement economics 
Presentation and business writing skills 
Examples of candidate's responsibilities include: 
Assess security of client networks, hosts, and applications 
Determine technical, business impact and likelihood of identified security issues and provide remediation guidance to clients 
Perform analysis and testing to verify the strengths and weaknesses of mobile and web applications and web services (SOAP, WSDL, UDDI) 
Perform Internet penetration testing using blackbox and whitebox methodologies 
Review application code, system configurations and device configurations using manual and automated techniques 
Measure and report clients’ compliance with established industry or government requirements 
Work with RSM consulting professionals with a variety of credentials including Certified Ethical Hacker (CEH), Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®) and Certified Information Security Manager® (CISM®) 

Basic Qualifications: 

Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences with a major in Computer Science, Information Technology, Information Systems Management, Information Security or other similar degrees 
Technical background in computer science and related fields 
Strong knowledge  of computer network technologies, protocols and topologies 
Software development, programming and/or scripting experience (Perl, Python, C, Java, PHP, ASP, etc.) 
The ability to interpret and convey technical information through written and oral communications to all levels of technical aptitude, including senior management 
High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices 
Possess a strong internal drive and motivation for continuous improvement 
A minimum 3.0 GPA is preferred 

Preferred Qualifications: 

Practical hands-on or lab experience with IT infrastructure components such as servers, firewalls, IDS systems and other network infrastructure components 
Practical hands-on or lab experience  with security applications, such as a AppScan, Metasploit, BurbSuite, Nessus, Social Engineering Toolkit, Kali Linux, etc., or other commercial and public domain security tools 
Operating system configuration and security experience (HP-UX, Linux, Solaris, AIX, etc.) 
Configuration and security experience with web servers and web applications (Apache HTTP/Tomcat, Microsoft IIS, Sun One, Oracle iPlanet, IBM WebSphere, etc.) 
Database Configuration and Security experience (MySQL, Microsoft SQL, IBM DB2, Sybase, Oracle, etc.) 
Familiar with security testing techniques such as network discovery, port and service identification, vulnerability scanning, network sniffing, fuzzing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing and password cracking 

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Paypal

Risk Management Intern

New York, NY
Risk & Compliance
INTERN
Jul 29
Premier

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 305 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

At PayPal, we’re literally reinventing how the world pays and gets paid. We understand that it’s about people. We connect individuals to let them shop, get paid, donate, and send money using today’s technology with the confidence that comes from the security and control PayPal enables. Are you ready to help us change the world? The world’s leading payments company, PayPal, brings together a family of brands that are revolutionizing the way people move money. At PayPal, you will be immersed in an amazing community with a vibrant culture that thrives on innovation, collaboration, inclusion, and wellness. A successful candidate will join the world’s top risk talents in solving some of the most challenging problems in a collaborative global environment that promotes learning and rewards innovation.

Risk Management Professionals at PayPal are highly motivated team players who specialize in analyzing fraud patterns and creating and adapting advanced fraud prevention mechanisms while focusing on the customer’s experience. Our scientists overcome challenges presented by big data, evolving fraud techniques and new payment technologies, by leveraging deep expertise in data analysis, advanced algorithms and story-based analytics. Ideal candidates are problem solvers, equipped with strong analytical skills, suited to approach varied challenges in complex environments. Adept at creative and critical thinking, they can deconstruct problems and transform personal insights into large scale, state-of-the-art solutions.

We work in a space that looks deeply into emerging fraud trends and the facilitation of opportunities that help the business in fueling growth and strategic decisions. You will be able to do it all in a collaborative environment that values your insight, encourages you to take on new responsibility, promotes continuous learning, and rewards innovation. You will join a global team that is multi-disciplinary with a broad spectrum of industry experiences and deep analytical and quantitative expertise.

Key Responsibilities:

  • Provide analytical insights into emerging problems, trends and portfolios
  • Work closely with business partners and stakeholders to determine how to design analysis and measurement approaches that will significantly improve our ability to understand and address emerging business issues
  • Bring data to life making it actionable and relevant to stakeholders through exploratory analysis of internal and external data sources using advanced and innovative analytical techniques, algorithms, and tools
  • Provide regular updates to leadership, peers and other stakeholders that will simplify and clarify complex concepts and results of analyses with emphasis on actionable outcomes and impact on the business

Basic Requirements:

  • Must be pursuing a Bachelor’s or Master’s degree in Computer Science, Math or related field from an accredited college or university
  • Proven ability to work independently and make good decisions with minimal direction
  • Strong communication skills (both verbal and written)
  • Strong analytical skills – analyze complex data, draw accurate conclusions, and make business recommendations
  • Strong working knowledge of Microsoft applications, Excel, PowerPoint, Access and Word – familiarity working with SQL
  • Experience in at least one data visualization tool (Tableau, Qlikview) will be a plus
  •  Proven ability to lead project(s) to conclusion within assigned timelines
  • Ability to approach problems in a quantitative and qualitative manner, and partner with the business to understand their needs and drive solutions
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Rich Products Corporation

Cybersecurity Intern

Buffalo, NY
Risk & Compliance
INTERN
Jul 28
Premier

Rich’s, also known as Rich Products Corporation, is a family-owned food company dedicated to inspiring possibilities. From cakes and icings to pizza, appetizers and specialty toppings, our products are used in homes, restaurants and bakeries around the world. Beyond great food, our customers also gain insights to help them stay competitive, no matter their size. Our portfolio includes creative solutions geared at helping food industry professionals compete in foodservice, retail, in-store bakery, deli, and prepared foods, among others. Working in 100 locations globally, with annual sales exceeding $4 billion, Rich’s is a global leader with a focus on everything that family makes possible. Rich’s®—Infinite Possibilities. One Family.

PURPOSE STATEMENT

This Cybersecurity intern will work with the Global Digital Risk Management Team.  Objectives include documenting various business processes and data flows with a focus on identifying digital assets and intellectual property.

KEY ACCOUNTABILITIES/OUTCOMES
  • Additional responsibilities include; working with and supporting a variety of business application security assessments and reviews to support a variety of new, updated and cloud application requests.  
  • The intern will actively participate in the application security review process and support an initiative to improve automation of this process. 
  • Learning opportunities include business facing analysis, documenting process flows, and creating and presenting formal responses to key business partners. 
  • Identifying the controls and conditions required to mitigate digital risk.
  • As a secondary learning initiative, the intern may participate in a Policy & Standard initiative that involves creating, updating, standardizing, & publishing policies to support a ISO27001 standard. 
  • The Intern may participate in the creation of a structured Governance Risk and Compliance process.
KNOWLEDGE/SKILLS/EXPERIENCE
  • Must be enrolled in an accredited institution, pursuing a bachelor’s or Masters’ degree in Cybersecurity, Information security, Information Assurance, or related field
  • Proficiency in Microsoft Office 
  • Excellent communication and inter-personal skills
  • Ability to analyze and document data process flows and identify vulnerabilities and risk.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Palo Alto Networks

Senior / Staff CyberSecurity Engineer

Santa Clara, CA
Risk & Compliance
FULL-TIME
Jul 22
Premier

Our Mission At Palo Alto Networks® everything starts and ends with our mission: protecting our way of life in the digital age.. We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Your Career Palo Alto Networks is looking for a talented Cybersecurity / Linux Engineer (PKI ) who will be responsible for maintainability of our customer facing PKI infrastructure. As senior technical staff, you will support Tier-3 engineering for PKI domain and related technologies. The ideal candidate enjoys working in a fast-paced environment with highly innovative technologies. You will make a big impact in this highly visible role by building PKI as a service offering for our customers! Your Impact • Implementing and supporting globally distributed customer-facing PKI infrastructure service, including scalability, capacity planning, redundancy, and resiliency. • Work on disruptive technologies creating PKI as a global service. • Provision, configure & support resilient hybrid cloud deployment architecture, while maintaining availability and performance SLAs based on business and product requirements. • Contribute to documentation related to Certificate Practice Statement (CPS), including areas of design, deployment, validation, operations and DR/BCP. • Design proactive service monitoring, alerting and trend analysis of underlying infrastructure, and support the operations team in implementation. • Collaborate and partner with cross-functional development teams to define technical requirements for implementation and adoption of X.509 certificate usage with Palo Alto Networks products and Cloud services and develop automation and integration methods with PKI solution. Your Experience • Design and performance tuning for Linux infrastructure and API in-depth knowledge of multi-tier web applications. • 5-10 years of hands-on Linux experience in managing and supporting Linux server infrastructure in CentOS/RHEL/Ubuntu. • Willing to learn about installation and management of OCSP and HSM solutions. • In-depth knowledge of Certificate Lifecycle Management • Must be able to collaborate between engineering and IT teams for our PKI services. • Strong technical writing skills to support required documentation. • Must be comfortable with Ansible, Chef or similar configuration management tool to manage infrastructure as code and source code control systems such a GIT or SVN. • Experience with Thales(SafeNet) HSMs is a plus. • Fluent in security & system hardening • Passion, drive, energy, a sense of humor and a great attitude! • BA/BS in Computer Science, Information Technology or the equivalent combination of work experience required. The Team Working at a high-tech cybersecurity company within Information Technology is a once in a lifetime opportunity. You’ll be joined with the brightest minds in technology, creating, building, and supporting tools that enable our global teams on the front line of defense against cyberattacks. We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving technical gaps that inhibit productivity. Our Commitment We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. To learn more about our dedication to inclusion and innovation, visit our Life at Palo Alto Networks page and our diversity website. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. Additionally, we are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or an accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Federal Reserve Bank of Minneapolis

IT/Audit Examiner

Minneapolis, MN
Risk & Compliance
FULL-TIME
Jul 22
Premier

The open role will have responsibility for supporting and executing the Reserve Bank’s supervisory plan of Ameriprise Financial, Inc. (Ameriprise). The successful candidate for this role will have the opportunity to actively participate in high profile inspection activities through assessment of the firm’s IT risks and risk management along with the firm’s internal audit program. This includes, for example, evaluating the effectiveness of the institution’s IT risk identification and control validation processes, governance and oversight, information/cyber security program, business continuity/resiliency, and the effectiveness of internal audit oversight and plan execution.

Ameriprise, headquartered in Minneapolis, Minnesota, is a holding company with $13 billion of annual revenue and $973 billion of assets under management and administration at year-end. Ameriprise offers a wide array of wealth management products and services for individuals including financial planning, managed accounts, life insurance, annuities, and estate planning. It also provides institutional asset management services, including a large family of mutual funds that it offers through affiliates and third parties.

Responsibilities:

  • Leads and manages supervisory events, including determining scope, rating, resource needs, and work assignments.
  • Drafts, reviews, organizes, verifies, and evaluates supervisory event documents prepared by self and others.
  • Communicates, describes, supports, and discusses findings of supervisory events with Reserve Bank and supervised institution management.
  • Analyzes supervised institution performance regarding laws, regulations, and regulatory policies and supports conclusions about overall status of supervised institution.
  • When in a leadership role on an examination, provides training, work direction, and feedback to assisting examiners.
  • Ensures effective supervision of a risk area(s) Ameriprise specific to Information Technology, cyber security, and/or internal audit. The supervision includes: preparing a comprehensive and independent risk assessment; developing, documenting and implementing a supervisory strategy; following up on examination findings and enforcement actions; and conducting ongoing monitoring.
  • Develops and maintains productive working relationships with management at Ameriprise through regular and in-depth discussions to understand changes in strategy, issues, and challenges facing the institution.
  • Maintains effective communication with Ameriprise, the Board of Governors, and Reserve Bank management related to various institution developments, examination findings, changes in major product lines and in risk characteristics.
  • Seeks out and participates in opportunities, including assisting with System or Reserve Bank special projects.
  • Safeguards equipment, sensitive data, and resources according to the SRC Information Security and Data Handling Handbook.
  • Handles records in accordance with the System Records Retention Manual compliance plan.
  • Performs other duties as assigned.

Qualifications:

  • Bachelor's degree in a related field.
  • Examiner credentials. In lieu of examiner credentials, specialized expertise in complex examinations areas as determined by SRC Management.
  • Examiner: At least 4 years of financial services, banking regulations, examinations, and/or expertise in a financial services or other relevant specialty.
  • Senior Examiner: Substantial related experience (6 years) in financial services, banking regulations, examinations, and/or a high level of expertise in a financial services or other relevant specialty.
  • Strong written, verbal, and interpersonal communication skills.
  • Strong analytical skills and detail-orientation.
  • Ability to travel up to 25%.
  • Valid driver’s license with acceptable driving record.
  • Eligible to obtain Examiner or Special Examiner credentials. An acceptable statement of financial interest is required.

Preferred Qualifications:

  • Strong IT experience in areas such as information/cyber security, vendor risk management and/or business continuity planning.
  • Audit or risk management experience in IT or related field.
  • CISA and/or CISSP certification.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Intercontinental Exchange

Information Security Analyst, GRC

Atlanta, GA
Risk & Compliance
FULL-TIME
Jul 20
Premier
The ICE Information Security Analyst is part of a team responsible for the global Information Security program. This position requires technical proficiency as well as an eager attitude, professionalism, and solid communication skills.
 
Responsibilities
  • Security Metrics – Uses automated and manual processes to produce regular reports communicating the status of the Information Security program
  • Policies and Standards – Maintains corporate Information Security policies and departmental standards and maps them to relevant control standards
  • Regulator, Audit, and Customer Inquiries – Organizes and updates departmental documentation and responds to inquiries in an organized and repeatable fashion
  • Re-certification – Operates periodic processes to ensure hire and termination protocols are complied with and regular access reviews are conducted 
  • Security Awareness – Builds and maintains company awareness and education programs
  • Risk Assessment – Builds and operates the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activity
 
Knowledge and Experience
  • 0 – 3 years of relevant experience
  • University degree in Engineering, MIS, CIS, or related discipline
  • Hands-on experience with Systems Administration and/or IP Networking
  • Experience with Regulatory Compliance
  • Experience in an exchange, trading facility, or financial services
  • Advanced certifications including CISSP
  • Advanced technical writing and/or communication education and experience
Specific Technologies:
 
Excel, Workflow automation tools, Data collection, normalization, indexing, correlation, and visualization.  Scripting, regular expressions, string-parsing, light SDLC, and project management.  NIST Cyber Security Framework, CIS, Archer and competitive GRC Platforms.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.