Job Closed
This listing is no longer active.
Security Legal & Compliance Analyst
Location
United States
Posted
97 days ago
Seniority
Mid Level
Job Description
Security Legal & Compliance Analyst
itD Tech
This description is a summary of our understanding of the job description.

Role Description
itD is seeking a Security Legal & Compliance Analyst to analyze and align security-related legal commitments with actual product security practices, ensuring accuracy, transparency, and defensibility across contractual and public-facing documentation. This role will drive cross-functional collaboration between legal, security, and product teams to identify gaps, modernize security language, and strengthen governance around product security commitments. The ideal candidate will bring deep experience in legal and audit analysis within technology environments and a track record of translating complex security controls into clear, defensible contract language.

Location: Remote (United States)
Duration: 6 Months

Responsibilities
- Analyze existing security-related contract language, legal exhibits, and public-facing documentation to ensure alignment with current product security practices.
- Conduct structured interviews with legal, security, and product stakeholders to document current security controls and operational commitments.
- Develop and maintain a comprehensive comparison matrix mapping product security posture against contractual obligations and published security statements.
- Draft proposed updates to technology product security terms, standard contract language, and negotiation fallback positions.
- Review and recommend updates to public-facing security documentation to ensure accuracy and consistency with internal security practices.
- Create and manage a structured project plan including progress tracking, stakeholder updates, and executive reporting.
- Produce final deliverables including documented findings, recommended contract language updates, and an executive summary of security alignment improvements.

Internal Responsibilities
- Attend regular internal practice community meetings.
- Collaborate with your itD practice team on industry thought leadership.
- Complete client case studies and learning material (blogs, media material).
- Build out material to contribute to the Digital Transformation practice.
- Attend internal itD networking events (in person and virtual).
- Work with leadership on career fast-track opportunities.

Qualifications
- Proven legal and audit expertise, preferably within technology or cybersecurity environments.
- Foundational knowledge of information security principles, controls, and best practices.
- Experience analyzing complex legal agreements and translating security requirements into defensible contract language.
- Experience drafting or negotiating technology product security terms.
- Strong project management and stakeholder communication skills.

Preferred Qualifications and Skills
- Professional certifications such as CISA, CISSP, Security+, or other security or auditing certifications.
- Experience working with product security governance or compliance initiatives.
- Background supporting technology contract negotiations related to security commitments.

Education
- Bachelor’s degree in a relevant field or equivalent work experience required.

Benefits
- Comprehensive medical benefits.
- 401k plan.
- Paid holidays.
- More benefits available.

Company Description
About itD: We are part of a new generation of consulting and software development company that blends diversity, innovation, and integrity with real business results. Our structure rejects any strong hierarchy, empowering us to deliver excellent results. We are a woman- and minority-led firm. Every day, we challenge ourselves to be considerate, fair and to re-think what great outcomes mean for our customers. This permeates down to how we approach every interaction, on every project, for every client. You’ll thrive here if you are a dynamic self-starter, a difference-maker or someone who wants to deliver great results, without constraints.

The itD Digital Experience: Joining us means you’ll be part of our global community, you have a say about your own career journey, and you’ll get a chance to give back to causes that matter. You will experience working with Fortune 500 companies and high-performance teams across numerous industries. itD offers our employees excellent benefits such as medical, dental, vision, life insurance, paid holidays, 401K + matching, networking & career learning and development programs. We are growing and we want to see you grow!
More Security Analyst Jobs
Information Security Analyst (Third Shift)
Appian Corporation
Appian accelerates your business by discovering, designing, and automating your most important processes.

Here at Appian, our values of Intensity and Excellence define who we are. We set high standards and live up to them, ensuring that everything we do is done with care and quality. We approach every challenge with ambition and commitment, holding ourselves and each other accountable to achieve the best results. When you join Appian, you’ll be part of a passionate team dedicated to accomplishing hard things, together.

Here at Appian, we’re passionate about technology. We love making it, and we love using it. Joining Appian CIO will provide you with the opportunity to learn in an environment that values cross-functional collaboration and is committed to personal and professional growth. We want to revolutionize the way people work, and in doing so, we develop the Appian platform to be simple so our customers can thrive.

The Appian Information Security department continuously evaluates the threat landscape for Appian operations and service offerings. As an Information Security Analyst on our Security Operations team, you will participate in monitoring and analyzing security alerts, evaluating emerging threats, responding to cyber threats and adhering to industry regulations. Available to work between 2pm-10pm EST Sunday through Thursday or equivalent hours in a fully remote capacity.

To be successful in this role, you need:
- To assist with information security related continuous monitoring activities, including monitoring for continued compliance with internal security controls, policies, regulations, and laws
- To collaborate with interdepartmental teams to help detect unique threats and mitigations
- To support internal and external security reviews, audits, and control evaluations
- To participate in the incident reporting and investigation processes
- To help conduct risk analysis and provide recommendations for remediation or mitigation
- To support information security projects
- To coordinate with Appian Engineering teams to research potential security issues
- To participate in blue-team activities. And sometimes red-team!
- To be passionate about staying up to date on current security risks and trends
- To have excellent written and oral communication skills
- To have the ability to manage multiple tasks efficiently

Basic Qualifications:
- Excellent communication skills, including the ability to effectively communicate in English both verbally and in writing
- Bachelor’s degree in related field of study
- Solid understanding of network fundamentals and internet protocols (TCP/IP networking and network services DNS, DHCP, etc.)
- Proficiency in at least one scripting language (Python preferred)
- Proficient in querying large datasets using SQL or other big data query languages such as KQL, Splunk Query Language (SPL), etc.
- Solid understanding of operating systems concepts (hardening, log monitoring, and differences between operating systems)
- Knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain or other relevant network defense and intelligence frameworks
- Familiarity with threat intelligence sources, common adversary tactics, techniques, and procedures (TTPs)
- Knowledge of cloud-based infrastructures (SaaS, PaaS, IaaS) and layer security responsibilities
- Knowledge of cloud concepts (AWS), containers, Kubernetes, and DevSecOps principles

Nice to Have:
- Demonstrated experience identifying and communicating information security concepts and risks to an audience
- Experience with EDR and SIEM platforms
- Experience automating security processes, detections, or investigations to enhance efficiency and threat response
- Relevant information security certifications, such as GCIH, AWS Security, or other SANS certifications.

The base salary for this role is between $100,000.00 - $200,000.00 per year and represents a good faith and reasonable estimate of the range at the time of posting. In addition to the base salary, this position is eligible for an overnight shift differential. Actual compensation will be dependent on a number of factors including, but not limited to, the candidate’s relevant work experience, qualifications, internal peer equity, and market and business conditions that exist when extending an offer. A discretionary bonus may be awarded in recognition of individual and company performance.

In addition, Appian provides generous benefits offerings that include a 401(k) plan with company match, flexible time off, paid parental leave, medical, dental, and vision plans, life insurance, disability insurance, wellness programs, flexible spending accounts, health savings account contributions, an employee referral bonus program, and learning and development resources. Certain positions may be eligible for equity awards. Pay and benefits are subject to change at any time, consistent with the terms of any applicable compensation, commission, bonus, or benefit plans.

Tools and Resources
- Training and Development: During onboarding, we focus on equipping new hires with the skills and knowledge for success through department-specific training. Continuous learning is a central focus at Appian, with dedicated mentorship and the First-Friend program being widely utilized resources for new hires.
- Growth Opportunities: Appian provides a diverse array of growth and development opportunities, including our leadership program tailored for new and aspiring managers, a comprehensive library of specialized department training through Appian University, skills based training, and tuition reimbursement for those aiming to advance their education. This commitment ensures that employees have access to a holistic range of development opportunities.
- Community: We’ll immerse you into our community rooted in respect starting on day one. Appian fosters inclusivity through our 8 employee-led affinity groups. These groups help employees build stronger internal and external networks by planning social, educational, and outreach activities to connect with Appianites and larger initiatives throughout the company.

Benefits
Appian offers a comprehensive benefits package designed to support your health, wellbeing, and financial future. Benefits may include health coverage, Employee Assistance Program (EAP) with free mental health support, life and disability insurance, an Employee Stock Purchase Program (ESPP), a retirement/pension plan, wellness dollars, tuition reimbursement, family-forming benefits and more. Benefits vary by country; please ask your Talent Acquisition contact for details specific to the location you are applying to.

About Appian
Appian provides process automation technology. We automate complex processes in large enterprises and governments. Our platform is known for its unique reliability and scale. We’ve been automating processes for 25 years and understand enterprise operations like no one else. For more information, visit appian.com. [Nasdaq: APPN]

Appian is an equal opportunity employer that strives to attract and retain the best talent. All qualified applicants will receive consideration for employment without regard to any characteristic protected by applicable federal, state, or local law. Appian provides reasonable accommodations to applicants in accordance with all applicable laws. If you need a reasonable accommodation for any part of the employment process, please contact us by email at ReasonableAccommodations@appian.com. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.
This description is a summary of our understanding of the job description.

Role Description
The Cybersecurity Analyst protects enterprise systems, data, and users by monitoring, detecting, investigating, and responding to security events. This exempt role exercises independent judgment to analyze complex alerts, improve defenses, and drive preventive controls, while partnering with the IT Director, Legal/Compliance, and business stakeholders to reduce risk. This position will be considered fully remote, but travel will be required to UniTek locations as needed.

Job Responsibilities
- Threat Monitoring & Incident Response
  - Monitor SIEM and EDR tools; triage alerts, contain and eradicate threats, and perform root‑cause analysis.
  - Lead incident response playbooks, coordinate post‑incident reviews, and document lessons learned.
- Vulnerability & Patch Management
  - Run regular scans, validate findings, prioritize remediation based on risk, and track closure.
  - Collaborate with infrastructure/app teams to align patch windows and verify fixes.
- Identity, Access & Endpoint Security
  - Enforce MFA, least privilege, and privileged access reviews; support MDM and endpoint hardening baselines.
- Security Engineering & Hardening
  - Tune SIEM/EDR/IDS signatures, maintain logging/alerting rules, and improve detection fidelity.
  - Support firewall, proxy, email security, and zero‑trust policy updates.
- Governance, Risk & Compliance
  - Map controls to frameworks (e.g., NIST CSF/800‑53, CIS), help with audits, and maintain security policies/standards.
  - Contribute to third‑party risk assessments and vendor security due diligence.
- Awareness & Training
  - Provide targeted user training and phishing simulations; publish tips and KB articles.
- Documentation & Metrics
  - Maintain IR runbooks, architecture diagrams, and control evidence.
  - Produce KPIs/KRIs (MTTD/MTTR, patch SLAs, phishing failure rates) for leadership.

Qualifications
- 3–5 years of experience in cybersecurity, SOC, incident response, or closely related IT security roles.
- Hands‑on experience with SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Defender for Endpoint), vulnerability management (e.g., Tenable, Qualys), MFA/IdP, and endpoint hardening.
- Solid grasp of networking, Windows/Linux, identity/access controls, and email/web security gateways.
- Strong analytical, written, and verbal communication skills; ability to act with autonomy (exempt‑level scope).

Preferred
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience).
- Certifications such as Security+, CySA+, GSEC, SSCP; higher‑level (CISSP, CISM) is a plus for advanced scope.
- Experience with cloud security (M365/Azure, AWS), zero‑trust, and automation/scripting (PowerShell, Python).

Work Conditions
- Periodic on‑call for security incidents; occasional after‑hours change windows.
- Ability to travel as needed for response/testing; otherwise remote.
Cyber Security Specialist
Spiralyze
Spiralyze helps companies grow by providing data-driven performance Conversion Rate Optimization (CRO) services.

Department: Security
Employment Type: Full Time
Location: Remote Colombia (Bogotá)

Description
We’re looking for someone great to lead critical work in Security & Compliance! Your primary task is to strengthen our security processes and keep our agency and our clients safe. You will take extreme amounts of initiative and enthusiasm to get things done. To do this, you should have a natural curiosity to research, experiment and reach out to the right people. We’re looking for someone who is driven to build comprehensive security systems, but also practical enough to understand real-world constraints and create resilient safeguards when the ideal setup isn’t immediately available. Strong problem-solving is a must. You should be able to break down complex security issues into manageable components and execute them flawlessly. You will be responsible for communicating with internal teams, clients, and vendors to win buy-in, explain risks, enforce compliance, and keep everyone aligned.

Key Responsibilities
- Implementing, monitoring, and maintaining endpoint and network security tools (CrowdStrike, MFA, SSO, VPNs, password managers, etc.)
- Managing user access controls and enforcing security policies across all devices (including BYOD).
- Conducting vulnerability assessments and coordinating incident response.
- Reviewing and hardening security configurations for web servers, cloud environments, and third-party integrations.
- Supporting compliance efforts for ISO 27001, GDPR, SOC 2, and similar frameworks.
- Creating and maintaining security documentation (policies, procedures, incident response plans).
- Monitoring system logs and alerts for suspicious activity and responding to events.
- Running employee security awareness training and phishing simulations.
- Collaborating with Development and DevOps to ensure secure coding and deployment practices.
- Coordinating with clients and vendors on security questionnaires, audits, and compliance requirements.

Skills, Knowledge and Expertise
- Experience: 2+ years in Endpoint Security Management, particularly for web agencies with a remote, BYOD policy.
- Communication: Strong written and verbal communication skills (you may be asked to complete a live email task during the interview)
- Grit: High persistence and follow-through to ensure people comply with security processes
- Clarity: Ability to clarify vague requests, ask smart questions, and structure security recommendations clearly
- Analysis: Strong analytical and reasoning ability

Benefits
- Cutting-edge work in a fast-growing CRO environment where security is mission-critical
- Permanently remote work environment
- Full-time position with semi-flexible hours; must overlap 4 hours with EST (8 AM–12 NN ET)
- Technology reimbursement (hardware and software support)
- Company-sponsored training and security certifications
- 20 days of paid vacation plus holidays
- Competitive salary
This description is a summary of our understanding of the job description.

Role Description
The Department of War’s (DoW) Office of the Undersecretary of War for Research and Engineering (OUSW (R&E)) is at the forefront of supporting the DoW with the adoption of innovative technologies such as data, analytics, and artificial intelligence to help accelerate predictions, forecasts, and interpretations for both strategic and tactical decisions across the enterprise. These ground-breaking endeavors bring new challenges to the assessment of DoW IT systems that previously did not exist.

The Security Control Assessor (SCA) plays a pivotal role in comprehensively understanding the cybersecurity posture of a given capability within OUSW (R&E). SCAs must go beyond a mere compliance focus on controls to articulate the inherent risks of systems. Success in this position requires expertise in statutory guidance such as:
- NIST 800 series
- DoWI 8500.01
- DoW 8140.03
- ISO 27001
- COBIT
- DoW RMF
- Operation Vulcan Logic (OVL)

The SCA provides authoritative risk determinations and recommendations critical for the Authorizing Official (AO) to grant an Authority to Operate (ATO). Their assessments integrate technical rigor with regulatory compliance, ensuring a robust security posture and informing strategic decision-making.

Job Responsibilities
- Provide the AO with an independent risk assessment of assigned systems and authorization.
- Advise Program Managers on AO determination utilizing OVL documentation.
- Provide senior advisory support to OUSW (R&E) AO regarding authorizations of OUSW (R&E) capabilities.
- Utilize expert knowledge and experience regarding risk management strategies in support of a major DoW program.
- Provide support regarding the agile authorization and OVL processes.
- Provide independent risk analysis and recommendation.
- Collaborate between the AO and the program as well as Program leadership.
- Identify the security baseline based on the mission and security impacts to the system.
- Determine assessment criteria, develop, review, and create a plan to assess the security requirements.
- Assess the security requirements in accordance with the assessment procedures defined in the Security Assessment Plan (SAP).
- Prepare the Security Assessment Report (SAR).
- Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate.
- Develop the Risk Recommendation and AO Determination Brief.
- Develop a system-level continuous monitoring strategy.
- Author and present briefs regarding status of authorizations to AO and other senior Government officials.
- Provide security architecture and DoW compliance advisory support.

Qualifications
- Must have an active Top-Secret Clearance SCI eligible.
- Bachelor’s degree in computer science/information technology, or other related degree fields (master’s degree is preferred or at least 5 years of related experience).
- At least 5+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus.
- At least one IAT/IAM or equivalent security certification, e.g. Sec+, CISSP, CCSP, CISM, CISA, or CASP.
- Experience working with OSD leadership or Military component or branch.
- Understanding of NIST 800 series guidelines, DoWI 8500.01, DoW 8140.03, ISO 27001, COBIT, DoW RMF, OVL, and current cybersecurity best practices.
- Excellent communication/presentation skills briefing senior military and government civilian leadership.
- Experienced with writing standard operating procedures.
- Hands-on experience with eMASS, Xacta and/or other GRC tools.
- Experience with Federal and FedRAMP A&A Processes.

Success Factors
- Have a strong background in risk management, and governance, risk and compliance (GRC).
- Strong client focus and commitment to continuous improvement, ability to proactively network and establish relationships.
- Manage multiple priorities in a high-paced and fast-changing environment.
- Perform other duties as assigned or required.

AAP Statement
We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.


