This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Cybersecurity Analyst protects enterprise systems, data, and users by monitoring, detecting, investigating, and responding to security events. This exempt role exercises independent judgment to analyze complex alerts, improve defenses, and drive preventive controls, while partnering with the IT Director, Legal/Compliance, and business stakeholders to reduce risk. This position will be considered fully remote, but travel will be required to UniTek locations as needed. Job Responsibilities - Threat Monitoring & Incident Response - Monitor SIEM and EDR tools; triage alerts, contain and eradicate threats, and perform root‑cause analysis. - Lead incident response playbooks, coordinate post‑incident reviews, and document lessons learned. - Vulnerability & Patch Management - Run regular scans, validate findings, prioritize remediation based on risk, and track closure. - Collaborate with infrastructure/app teams to align patch windows and verify fixes. - Identity, Access & Endpoint Security - Enforce MFA, least privilege, and privileged access reviews; support MDM and endpoint hardening baselines. - Security Engineering & Hardening - Tune SIEM/EDR/IDS signatures, maintain logging/alerting rules, and improve detection fidelity. - Support firewall, proxy, email security, and zero‑trust policy updates. - Governance, Risk & Compliance - Map controls to frameworks (e.g., NIST CSF/800‑53, CIS), help with audits, and maintain security policies/standards. - Contribute to third‑party risk assessments and vendor security due diligence. - Awareness & Training - Provide targeted user training and phishing simulations; publish tips and KB articles. - Documentation & Metrics - Maintain IR runbooks, architecture diagrams, and control evidence. - Produce KPIs/KRIs (MTTD/MTTR, patch SLAs, phishing failure rates) for leadership. Qualifications - 3–5 years of experience in cybersecurity, SOC, incident response, or closely related IT security roles. - Hands‑on experience with SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Defender for Endpoint), vulnerability management (e.g., Tenable, Qualys), MFA/IdP, and endpoint hardening. - Solid grasp of networking, Windows/Linux, identity/access controls, and email/web security gateways. - Strong analytical, written, and verbal communication skills; ability to act with autonomy (exempt‑level scope). Preferred - Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience). - Certifications such as Security+, CySA+, GSEC, SSCP; higher‑level (CISSP, CISM) is a plus for advanced scope. - Experience with cloud security (M365/Azure, AWS), zero‑trust, and automation/scripting (PowerShell, Python). Work Conditions - Periodic on‑call for security incidents; occasional after‑hours change windows. - Ability to travel as needed for response/testing; otherwise remote.

Cyber Security Specialist Department: Security Employment Type: Full Time Location: Remote Colombia (Bogotá) Description We’re looking for someone great to lead critical work in Security & Compliance! Your primary task is to strengthen our security processes and keep our agency and our clients safe. You will take extreme amounts of initiative and enthusiasm to get things done. To do this, you should have a natural curiosity to research, experiment and reach out to the right people. We’re looking for someone who is driven to build comprehensive security systems, but also practical enough to understand real-world constraints and create resilient safeguards when the ideal setup isn’t immediately available. Strong problem-solving is a must. You should be able to break down complex security issues into manageable components and execute them flawlessly. You will be responsible for communicating with internal teams, clients, and vendors to win buy-in, explain risks, enforce compliance, and keep everyone aligned. Key Responsibilities - Implementing, monitoring, and maintaining endpoint and network security tools (CrowdStrike, MFA, SSO, VPNs, password managers, etc.) - Managing user access controls and enforcing security policies across all devices (including BYOD). - Conducting vulnerability assessments and coordinating incident response. - Reviewing and hardening security configurations for web servers, cloud environments, and third-party integrations. - Supporting compliance efforts for ISO 27001, GDPR, SOC 2, and similar frameworks. - Creating and maintaining security documentation (policies, procedures, incident response plans). - Monitoring system logs and alerts for suspicious activity and responding to events. - Running employee security awareness training and phishing simulations. - Collaborating with Development and DevOps to ensure secure coding and deployment practices. - Coordinating with clients and vendors on security questionnaires, audits, and compliance requirements. Skills, Knowledge and Expertise - Experience: 2+ years in Endpoint Security Management, particularly for web agencies with a remote, BYOD policy. - Communication: Strong written and verbal communication skills (you may be asked to complete a live email task during the interview) - Grit: High persistence and follow-through to ensure people comply with security processes - Clarity: Ability to clarify vague requests, ask smart questions, and structure security recommendations clearly - Analysis: Strong analytical and reasoning ability Benefits - Cutting-edge work in a fast-growing CRO environment where security is mission-critical - Permanently remote work environment - Full-time position with semi-flexible hours — must overlap 4 hours with EST (8 AM–12 NN ET) - Technology reimbursement (hardware and software support) - Company-sponsored training and security certifications - 20 days of paid vacation plus holidays - Competitive salary

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Department of War’s (DoW) Office of the Undersecretary of War for Research and Engineering (OUSW (R&E)) is at the forefront of supporting the DoW with the adoption of innovative technologies such as data, analytics, and artificial intelligence to help accelerate predictions, forecasts, and interpretations for both strategic and tactical decisions across the enterprise. These ground-breaking endeavors bring new challenges to the assessment of DoW IT systems that previously did not exist. The Security Control Assessor (SCA) plays a pivotal role in comprehensively understanding the cybersecurity posture of a given capability within OUSW (R&E). SCAs must go beyond a mere compliance focus on controls to articulate the inherent risks of systems. Success in this position requires expertise in statutory guidance such as: - NIST 800 series - DoWI 8500.01 - DoW 8140.03 - ISO 27001 - COBIT - DoW RMF - Operation Vulcan Logic (OVL) The SCA provides authoritative risk determinations and recommendations critical for the Authorizing Official (AO) to grant an Authority to Operate (ATO). Their assessments integrate technical rigor with regulatory compliance, ensuring a robust security posture and informing strategic decision-making. Job Responsibilities - Provide the AO with an independent risk assessment of assigned systems and authorization. - Advise Program Managers on AO determination utilizing OVL documentation. - Provide senior advisory support to OUSW (R&E) AO regarding authorizations of OUSW (R&E) capabilities. - Utilize expert knowledge and experience regarding risk management strategies in support of a major DoW program. - Providing support regarding the agile authorization and OVL processes. - Provide independent risk analysis and recommendation. - Collaborate between the AO and the program as well as Program leadership. - Identify the security baseline based on the mission and security impacts to the system. - Determine assessment criteria, develop, review, and create a plan to assess the security requirements. - Assess the security requirements in accordance with the assessment procedures defined in the Security Assessment Plan (SAP). - Prepare the Security Assessment Report (SAR). - Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate. - Develop the Risk Recommendation and AO Determination Brief. - Develop a system-level continuous monitoring strategy. - Author and present briefs regarding status of authorizations to AO and other senior Government officials. - Provides security architecture and DoW compliance advisory support. Qualifications - Must have an active Top-Secret Clearance SCI eligible. - Bachelor’s degree in computer science/information technology, or other related degree fields (master’s degree is preferred or at least 5 years of related experience). - At least 5+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus. - At least one IAT/IAM or equivalent security certifications e.g. Sec+, CISSP, CCSP, CISM, CISA, or CASP. - Experience working with OSD leadership or Military component or branch. - Understanding of NIST 800 series guidelines, DoWI 8500.01, DoW 8140.03, ISO 27001, COBIT, DoW RMF, OVL, and current cybersecurity best practices. - Excellent communication/presentation skills briefing senior military and government civilian leadership. - Experienced with writing standard operating procedures. - Experience in hands-on with eMASS, Xacta and/or other GRC tools. - Experience with Federal and FedRamp A&A Processes. Success Factors - Have a strong background in risk management, and governance, risk and compliance (GRC). - Strong client focus and commitment to continuous improvement, ability to proactively network and establish relationships. - Manage multiple priorities in a high-paced and fast-changing environment. - Perform other duties as assigned or required. AAP Statement We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

The HIPAA Subject Matter Expert supports the Health and Human Services (HHS), Office for Civil Rights (OCR) promoting the right to access health information and protection of the privacy and security of this information. These highly trained and highly skilled consultants and analysts are integral to the success and performance of OCR and to further OCR’s mission. Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Technology, Infrastructure & Engineering, Health, Manufacturing, Public Safety, Consulting, and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental – Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays. As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act. ESSENTIAL REQUIREMENTS - Preference will be given to candidates with relevant industry certifications from CISSP, CISM, CIPP/CIPT/CIPT. - Ten (10) years of relevant cybersecurity experience is preferred. - Experience in auditing and generating audit reports is required. - Fundamental knowledge of basic systems analysis. - Knowledge of a broad range of relevant computer systems, applications, and/or related equipment. - Knowledge of computer security procedures and protocol. - Basic knowledge of advanced operating system, network, or application management tasks. - Knowledge of current technological developments/trends in area of expertise. - Knowledge of federal copyright laws as they pertain to the use of computer software. - Ability to integrate emerging technologies and applications into current environment and to identify technical specifications to meet user needs including operating system and network or application configuration. - Ability to identify technical specifications to meet user needs including operating system and network or application configuration. - Skills in planning, organizing, and adapting within a multi-tasking environment. - Strong interpersonal skills, flexibility, and customer service orientation. - Ability to gather facts and data for technical proposals and to expand upon them or develop alternatives and to evaluate emerging technologies and identify their potential impact within the existing environment. - Ability to evaluate emerging technologies and identify their potential impact within the existing environment. - Ability to analyze complex computer problems and provide solutions. - Ability to communicate effectively, both orally and in writing. - Ability to communicate technical information to non-technical personnel. - Ability to develop and deliver presentations. KEY DUTIES AND RESPONSIBILITIES Essential duties and responsibilities include the following. Other duties may be assigned. - Reviews security and privacy complaints, data breach notification and cybersecurity incident reports and other correspondence and evidence to determine whether complaints, self-reported breaches or breach notification reports indicate non-compliance with the HIPAA Security Rule. Reviews data provided by the healthcare organizations across the nation to assess the overall impact of security and privacy incidents. - Evaluates and determines the technical sufficiency of submissions from HIPAA covered entities and business associates in response to data and documentation requests (i.e. Assessing reports related to security baselines, penetration tests, vulnerability assessments, and digital forensics). - Documents processes, standard operating procedures and system requirements; develops reports summarizing the analysis along with formulating recommendations for OCR to consider for future action. - Develops written reports with technical security analyses, summaries, and recommendations for action, reports on root causes of problems, efficiency, and support needs. - Provides expertise in the development and evaluation of health information privacy policies and technologies, specifically regarding protected health information; deidentified/re-identified health information; limited data sets. - Provides subject matter expert analysis, evaluation, and recommendations based on national security standards (NIST), industry best practices from the International Organization for Standardization and implementation specifications of the HIPAA - Security Rule. - Provides DIN designing, implementing, and managing information security, data protection, and risk management programs, including policies, procedures, and controls for protected health information based on HIPAA requirements. - Provides advisory expertise in the areas of risk analyses, vulnerability assessments, incident response, security architecture, physical security, business continuity and disaster recovery, enterprise mobility, threat intelligence and analysis, security awareness and - online safety, and resolution of highly complex security projects and issues. - Works well with programmers, developers, content managers, and other key personnel in an interactive development situation. EDUCATION/EXPERIENCE Minimum educational experience is a Bachelor’s degree from an accredited university with the focus on Cybersecurity, Computer Science, Information Sciences, or other comparable fields of Study. PHYSICAL DEMANDS Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers printers and light traffic. The physical demands described here are representative of those that must be met by an employee to perform successfully the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. EOE including disability/vet. The estimated pay range for this role is $125K to $135K, with the final offer contingent on location, skillset, and experience. CNI offers a comprehensive benefits package that includes: - Medical - Dental - Vision - 401(k) - Family Planning/Fertility Assistance - STD/LTD/Basic Life/AD&D - Legal-Aid Program - Employee Assistance Program (EAP) - Paid Time Off (PTO) – (11) Federal Holidays - Training and Development Opportunities Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI).