• Architects and authors System Security Plans (SSPs). • Develops and manages the Plan of Action and Milestones (POAM). • Drafts all formal security policies. • Designs and facilitates annual Incident Response (IR) and Disaster Recovery (DR) tabletop drills. • Leads the Evidence Collection phase, verifying compliance with C3PAO auditor standards. • Maintains a working knowledge of laws and regulations to ensure adherence.

Porter is hiring for a Cybersecurity Analyst - come join the team! The Cybersecurity Analyst will be responsible for monitoring, analyzing, and responding to security incidents. This role involves identifying vulnerabilities, implementing security measures, and ensuring compliance with industry standards. Your Impact at Porter The Cybersecurity Analyst will be responsible for monitoring, analyzing, and responding to security incidents. This role involves identifying vulnerabilities, implementing security measures, and ensuring compliance with industry standards. Key Responsibilities: · Monitor network traffic for security incidents and anomalies. · Conduct vulnerability assessments and penetration testing. · Investigate security breaches and other cybersecurity incidents. · Develop and implement security policies and procedures. · Collaborate with IT and other departments to enhance security measures. · Stay updated with the latest cybersecurity trends and threats. · Accountable for SOC-2 and HIPAA compliance through Vanta · Prepare reports and documentation on security incidents and findings. · Provide training and support to staff on cybersecurity best practices. What You’ll Need to Make Your Impact · Bachelor's degree in Computer Science, Information Technology, or related field. · Proven experience in cybersecurity or related roles. · Strong understanding of network protocols, firewalls, and intrusion detection systems, and Security Information and Event Management systems. · Familiarity with cybersecurity frameworks (e.g., NIST, CIS, ISO 27001). · Experience with Rapid7 · Experience with AWS and Microsoft Office 365 required. · Healthcare experience and HIPAA framework is a plus. · Excellent problem-solving and analytical skills. · Strong communication skills and ability to work in a team environment. · Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are a plus. $105,000 - $117,000 a year Benefits of Working with Porter: · Medical, dental and vision benefits within 30 days of hire · Paid Time Off: Vacation and Sick Time · Paid Holidays · Equipment Provided · A fun team and special culture

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Cybersecurity & Compliance Analyst, you will play a critical role in safeguarding our company's information systems and ensuring compliance with regulatory standards. You will be responsible for: - Monitoring, analyzing, and responding to security incidents - Conducting risk assessments - Establishing and implementing cybersecurity, information risk management, and compliance best practices - Implementing controls to protect sensitive data This role is fully remote. Specific location details and expectations will be discussed during the interview process. Qualifications - Bachelor’s degree in Information Technology, Information Security, Cybersecurity or related field and/or equivalent experience - 3+ years of progressively more responsibility in directly related work - Two or more years of experience in utilizing enterprise security or compliance solutions including but not limited to SIEM, Risk Management tools, GRC (Governance, Risk, and Compliance) tools, security detection and response tools, and endpoint security products - Excellent knowledge of Microsoft Purview including Data Loss Protection and other compliance policies - Proven experience in cybersecurity compliance, risk management, and audit processes - Familiarity with common network, system and web application attacks and mitigations - Strong knowledge of regulatory requirements and industry standards related to cybersecurity and Risk Management (e.g., NIST, ISO27701, SOX) - Ability to work effectively in a team environment and in cross-functional teams - Ability to effectively document - Excellent verbal and written communication skills - Energetic, enthusiastic, charismatic Requirements - Develop, implement, and maintain security policies, procedures, and controls to ensure compliance with industry standards and regulations (e.g., NERC CIP, SOX, ISO 27001, etc.) - Evaluate, document, and respond to recommendations or alerts from internal security tools and Managed Security Services Provider - Conduct regular risk assessments and vulnerability scans to ensure the security of the organization's information systems - Assist in the investigation and response to security incidents, ensuring that all actions comply with regulatory requirements - Coordinate with legal and regulatory bodies to ensure the organization remains compliant with evolving cybersecurity laws and regulations - Prepare and present reports on compliance activities, findings, and recommendations to leadership - Assist with the education and training of process/control owners to better understand technology control frameworks and their responsibilities when it comes to data handling - Lead Data Loss Protection (DLP) initiatives, strategies, and controls within the company with the use of Microsoft Purview - Perform security audits and assessments to identify areas of improvement and ensure compliance with regulatory requirements - Assist in responding to external audits by preparing necessary documentation, coordinating with auditors and ensuring that all compliance requirements are met - Maintain up-to-date knowledge of industry standards, regulations, and best practices related to cybersecurity compliance - Recommend and assist with implementation and management of Cybersecurity, Risk Management and Compliance tooling - Support the development and maintenance of a robust cybersecurity governance framework Benefits - Employees (and their families) are eligible for medical, dental, vision, basic life and disability insurance - Employees can enroll in our company’s 401(k) plan - Provided vacation, sick and holiday pay Company Description SOLV Energy is a leading provider of infrastructure services to the power industry, designing, building and maintaining utility scale solar, battery storage and high voltage substation projects nationwide.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Candidate will serve as a Principal Security Specialist assigned to the Global Security Services (GSS) Industrial Security Center of Excellence (COE) within the Compliance Team supporting the DoD Self-Inspection Program and other GSS initiatives. Domestic business travel to performance work locations by air periodically to perform peer inspections, attend meetings, or other (estimated up to 25%) is required. Candidate is eligible to perform this role remotely from any location within the United States. - Identify and communicate industrial security processes/best practice standards. - Develop and brief on security awareness, training, and education (SATE) materials. - Understand GSS security processes in all areas related to industrial security. - Compile and conduct data integrity reviews, including preparing performance metrics. - Understand privacy information, company proprietary, third-party information, and controlled unclassified information (CUI) and authorized safeguarding methods to prevent unauthorized access or disclosure. Qualifications - A University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years experience. - Must have at least 5 years of related DoD or Industrial Security experience. - Experience in directly supporting the DoD Self-Inspection program to validate compliance at cleared facilities. - Experience working with the National Industrial Security Program Operating Manual (NISPOM) and other relevant DoD and NSA security guidance. - Experience with interpreting and administering security doctrine, providing clear guidance to company employees, and recommending modifications to operations policies or procedures for compliance. Requirements - DCSA FSO Certification. - DCSA Industrial Security Course Completions. - Working knowledge on the use of Raytheon Security databases (eSecurity, Access Commander, Industrial Security Dashboard, and Resolver). - Working knowledge of the U.S. Government’s Defense Information System for Security (DISS) and the National Industrial Security System (NISS). Benefits - Medical, dental, vision, life insurance. - Short-term disability, long-term disability. - 401(k) match. - Flexible spending accounts. - Flexible work schedules. - Employee assistance program. - Employee Scholar Program. - Parental leave. - Paid time off and holidays.