Building a career at Granite may be the most valuable thing you could do... Find your dream job today, and be part of something great. Our most powerful partnership is the one we have with our employees. Our people are our most valued asset and the foundation of Granite’s century-old success. We’re building more than infrastructure; we are building your future. General Summary This position is responsible for supporting the company’s cybersecurity program identifying cybersecurity risks within the enterprise and developing initiatives to mitigate and/or eliminate those risks. This position is a fully remote role. Essential Job Accountabilities - Supports all aspects of Data Governance efforts to ensure the quality and security of the data used across the organization. - Assists with security-related triage, such as Incidents and Exceptions, to ensure timely diagnosis and resolution of possible network events. - Handles Incident escalations from the team to ensure management is made aware of possible security breaches. - Participates in Sprint planning for new implementations to ensure everyone in the organization is aware of development schedules and priorities and to ensure the Development team is focused on the appropriate deadlines. - Creates User Stories for new technology implementation and prescribes Test Cases to ensure successful implementations within the organization. - Monitors tools with security policies and procedures, ensures enforcement sanctions, and documentation to drive end-user compliance. - Authors security policies, standards, procedures, and runbooks to ensure optimal security safety and compliance. - Resolves security issues by working with other Infrastructure staff and users to minimize security interruptions and secure the Company’s IT infrastructure. Education - Bachelor’s degree in Computer Science, Information Technology, or related field of study required - Certification in a cybersecurity or information security discipline, such as CISSP, CEH or CISM preferred Work Experience - 7+ years of Information Technology security experience, preferably in a medium to large organization Knowledge, Skills, & Abilities - Proficient in IT Security tools such as vulnerability management, endpoint detection and response, SIEM/SOC, Email Secure Gateway, Web filtering an SSL description and Next-Gen firewalls. - Must have working knowledge of IT networking, Windows, and VMWare systems and related security requirements. - Must possess the ability to be proactive and identify, define, and analyze complex data security issues and to recommend and implement solutions. - Exhibit high degree of initiative and independent judgment with demonstrated troubleshooting, follow-through, and critical-thinking skills. - Ability to manage multiple projects simultaneously in a fast-paced, detail-oriented, and consistently changing work environment with the ability to make decisions based on research results. - Advanced analytical and technical skills requiring an aptitude for detail, precision, and logic with comprehensive knowledge of Cybersecurity administration. - Excellent interpersonal, verbal, and written communication skills with the ability to communicate with courtesy and diplomacy. - Ability to efficiently follow written and verbal instructions. - Excellent organizational skills including record keeping, data collection, and system information. - Conduct detailed analysis of security events and evidence, compile and analyze data, and to furnish information in report format, written correspondence, email, or verbally. Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear. The employee frequently is required to stand, walk, sit, and use hands to operate a computer keyboard. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, and ability to adjust focus. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Additional Requirements/Skills - Comply, understand, and support corporate safety initiatives to ensure a safe work environment - Ability and willingness to abide by the Company’s Code of Conduct daily - Travel up to 10% Our Benefits at a Glance: Building tomorrow starts with you, and Granite knows that you can excel only if we support you in and out of the workplace. That is why we offer a broad benefits package that includes paid holidays, sick leave, medical, dental, vision, life insurance, disability insurance, flexible spending plans, as well as special programs for musculoskeletal health, mental wellness, and more. Salaried employees may choose from two PPO medical plans through Anthem BlueCross, including our most popular plan, for which 100% of the premium is paid by Granite for eligible employees and dependents. Employees can also opt into a Health Savings Account (HSA) or a Flexible Spending Account (FSA). As part of our investment in your future outside of the workplace, Granite provides a 100% match on the first 6% of eligible compensation that salaried employees defer into their 401(k) plans, which vests immediately. Benefits may vary for positions located outside of the continental United States. Base Salary Range: $110,159.00 - $211,418.00Pay may vary based upon relevant experience, skills, location, and education among other factors. ​ About Granite Construction Incorporated Granite Construction Incorporated is a member of the S&P 400 Index and is the parent company of Granite Construction Company, one of the nation's largest heavy civil contractors and construction materials producers. Granite is a Drug-Free Workplace and Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, protected veteran status, or any other protected characteristic. We consider qualified applicants with arrest and conviction records in accordance with the San Francisco Fair Chance Ordinance, the Los Angeles Fair Chance Initiative for Hiring Ordinance, and other applicable laws. For additional information on applicant/employee rights please click here. Notice to Staffing Agencies Granite Construction, Inc. and its subsidiaries ("Granite") will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Granite, including unsolicited resumes sent to a Granite mailing address, fax machine or email address, directly to Granite employees, or to Granite's resume database will be considered Granite property. Granite will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume. Granite will consider any candidate for whom an Agency has submitted an unsolicited resume to have been referred by the Agency free of any charges or fees. Agencies must obtain advance written approval from Granite's recruiting function to submit resumes, and then only in conjunction with a valid fully-executed contract for service and in response to a specific job opening. Granite will not pay a fee to any Agency that does not have such agreement in place. Agency agreements will only be valid if in writing and signed by Granite's Human Resources Representative or his/ her designee. No other Granite employee is authorized to bind Granite to any agreement regarding the placement of candidates by Agencies.

• Leads and supports Information Security team members with risk analysis • Frequently monitor, test, and make improvements to security practices • Consult with engineers to provide vulnerability identification and/or remediation support • Oversee vendor relationships regarding security system updates • Identify opportunities to improve work processes and/or automate improvements • Liaise with and support security operations center (SOC) analysts • May be asked to serve in on-call rotation • Assist and/or lead proof-of-concepts, analysis, and/or implementation of security tooling • Review, analyze and/or respond to phishing submissions and alerts • Provide support and/or evidence as necessary for audits

• Assist Information Security team members with risk analysis of identified issues or events • Monitor the effectiveness of security practices • Provide vulnerability remediation support • Liaise with and support security operations center (SOC) analysts with direction • May be required to serve in on-call rotation • Capable of assisting with proof-of-concepts or implementation of security tooling with direction • Review, analyze (with direction) and/or respond to phishing submissions and alerts • Support documentation, reporting or tracking related to security initiatives as assigned • Participate in an entirely remote working environment (such as using webcam and participating verbally or with reactions)

COLSA is seeking a Cybersecurity Specialist to deliver and sustain capabilities in a fast-paced SAFe Agile development environment, while providing cybersecurity direction and supporting the consolidation of NASA’s enterprise IT systems. This is a remote position. Candidates must reside in a state where COLSA currently conducts business or is authorized to employ staff. - Apply knowledge of concepts, processes, practices, and procedures on technical assignments. - Support enterprise Cybersecurity standards. - Develop and implement Cybersecurity standards and procedures in accordance with government regulations. - Coordinate, develop, and recommend security processes. - Recommend Cybersecurity solutions to support customers’ requirements. - Identify and report security violations. - Recommend and satisfy Cybersecurity requirements based upon the analysis of CSPP, policy, regulatory, and resource demands. - Support customers at the highest levels in the development and implementation of processes and policies. - Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. - Support design and development of security features for system architecture requirements. - Analyze and make recommendations of security requirements for computer systems which may include mainframes, workstations, and personal computers. - Support design, development, engineering, and implementation of solutions that meet CSPP requirements. - Provide integration and implementation of the computer system security solution. - Analyze general Cybersecurity-related technical problems and provide basic engineering and technical support in solving these problems. - Support vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. - Perform all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access, theft, or destruction. - Ensure that all information systems are functional and secure. - Ensure cyber monitoring is performed timely and cyber responses occur within established processes/procedures. - Support efforts for critical processes outside of normal hours to include nights, weekends, and holidays. - Deploy rapid response to quickly resolve cyber events. - Communicate with senior customer stakeholders on reporting metrics (e.g., number of events, average time to respond, affected applications or platforms, etc.). - Prepare and distribute cyber/IA required reporting. At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here.