Avint is hiring a Journeyman Information Security Analyst to support and protect critical federal information systems. In this role, you’ll be part of a high-performing team responsible for system security analysis, vulnerability management, and incident response within a Federal Information Systems Security environment. You’ll work at the intersection of security operations, risk management, and compliance, helping ensure systems remain secure, resilient, and aligned with federal cybersecurity requirements.

Aon sp. z o.o. IT Risk & Governance Manager Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed. What the day will look like - Policy & Standards Management - Create, maintain, and govern technology policies, standards, and procedures in partnership with stakeholders. - Ensure documentation is current, consistent, and aligned to organizational risk appetite and regulatory requirements. - Drive periodic policy reviews, approvals, and communication across impacted teams. - Provide guidance and interpretation of policies and standards to technology and business teams. - Technology Controls & Assurance - Design, implement, and maintain technology control library aligned to policies, frameworks, and regulatory expectations (e.g., access management, change management, incident management, data protection, resilience, etc.) - Ensure critical systems and data are safeguarded, and controls are regularly reviewed for effectiveness and compliance - Partner with Technology and Cybersecurity teams to remediate control gaps and strengthen the control environment. - Coordinate and support internal/external audits, control testing, and assurance activities - Track issues, findings, and remediation plans to timely closure, escalating when necessary - Technology Risk Management - Identify, assess, and monitor technology risks across applications, infrastructure, and services. - Develop and maintain technology risk registers, ensuring risks are clearly documented, assessed, and tracked to remediation. - Provide risk guidance for new initiatives, technology changes, and vendor engagements. - Support the definition and monitoring of risk appetite, key risk indicators (KRIs), and metrics. - Regulatory Governance & Compliance - Monitor relevant regulatory requirements, industry standards, and best practices related to technology risk (e.g., cybersecurity, operational resilience, data protection). - Support regulatory exams, inquiries, and responses for technology-related topics. - Translate regulatory expectations into practical control and process requirements for technology teams. - Prepare and deliver governance materials and risk reporting for senior management and governance forums/committees. - Stakeholder Engagement & Governance Forums - Partner with Technology, Cybersecurity, Compliance, Internal Audit, and Business stakeholders to align on risk priorities and remediation plans. - Prepare clear, concise reporting on technology risk posture, key issues, and trends for leadership. - Promote a risk-aware culture by providing training and guidance on technology risk, controls, and governance. Skills and experience that will lead to success Required: - Bachelor’s degree in Information Technology, Information Security, Risk Management, Business, or related field (or equivalent experience). - Demonstrated experience (e.g., 4–8+ years) in technology risk management, IT audit, information security, technology controls, or related governance roles. - Strong understanding of technology risk concepts and common frameworks (e.g., ISO 27001, NIST, COBIT, ITIL, or similar). - Experience with technology control design, implementation, and testing. - Knowledge of regulatory and compliance requirements related to technology and data (e.g., operational risk, data protection/privacy, cybersecurity, financial services regulations as applicable). - Proven ability to develop and manage policies, standards, and procedures. - Strong analytical, problem-solving, and documentation skills with attention to detail. - Excellent communication skills, with the ability to explain complex risk and control topics to both technical and non-technical stakeholders. - Ability to work independently and collaboratively in a fast-paced, matrixed environment. Preferred (nice to have): - Professional certifications such as CRISC, CISA, CISSP, CGEIT, or similar. - Experience in a regulated industry (e.g., financial services, healthcare, utilities). - Experience with GRC tools/platforms for risk, control, and issue management. - Background supporting large-scale technology programs or transformation initiatives. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognise that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace. Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com Please attach CV in English only. #technologyandsecurity #LI-MK1 #LI-REMOTE 2573728

Title: Vulnerability Assessment Analyst Clearance: Active TS Required, Q Clearance preferred Education: Bachelor’s degree preferred Years Experience: all levels available Location: fully remote Compensation: DOE ($50K-$130K/yr.) Overview: A Vulnerability Assessment Analyst is responsible for identifying, analyzing, and mitigating security vulnerabilities within an organization’s systems and networks. They play a crucial role in safeguarding digital assets by conducting assessments, preparing reports, and recommending solutions to enhance security posture. The role of a Vulnerability Assessment Analyst is increasingly critical in today's cybersecurity landscape, as organizations face a growing number of cyber threats. By proactively identifying and mitigating vulnerabilities, these analysts help protect sensitive information and maintain the integrity of IT infrastructure. In this role you will: Perform assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable programs, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Key Responsibilities - Conduct Vulnerability Assessments: Perform assessments of systems and networks to identify vulnerabilities and deviations from acceptable configurations and policies. This includes both technical evaluations (technology) and non-technical evaluations (people and operations). - Prepare Audit Reports: Document findings from assessments, including technical and procedural issues, and provide recommended remediation strategies to address identified vulnerabilities. - Maintain Cyber Defense Tools: Utilize and maintain specialized cyber defense audit toolkits and software to support vulnerability assessments and audits. - Analyze Cyber Defense Policies: Evaluate the organization's cyber defense policies and configurations to ensure compliance with regulations and organizational directives. - Conduct Penetration Testing: Support or conduct authorized penetration testing on enterprise network assets to identify potential security weaknesses. - Stay Updated on Threats: Keep abreast of the latest cybersecurity threats, vulnerabilities, and compliance requirements to effectively safeguard organizational assets. - Collaborate with IT Teams: Work closely with IT and security teams to implement security measures and improve the overall security posture of the organization. Skills and Knowledge Required - Technical Proficiency: Knowledge of network security architecture, application vulnerabilities, and penetration testing principles is essential. - Analytical Skills: Ability to analyze complex systems and identify potential security risks. - Communication Skills: Strong written and verbal communication skills to prepare reports and present findings to stakeholders. - Certifications: Relevant certifications such as CompTIA CySA+, CompTIA Security+, and others can enhance job prospects and demonstrate expertise in the field. Note This job description in no way states or implies that these are the only duties to be performed by the employee(s) of this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. Who we are...  August Schell offers 30 years of experience in providing our customers innovative solutions and engineering services to their most challenging needs. We thrive on navigating complex IT difficulties and are driven to find the best solutions for our customers. Our team delivers expert knowledge in cyber security, big data, endpoint security and cloud solutions. Our ability to serve our customers with continued excellence is a direct reflection of our dedicated and exceptional people. At August Schell, we are not only a team, we are a family. Equal Employment Opportunity August Schell Enterprises Inc. is an Equal Employment Opportunity Employer. We are committed to providing a workplace that is free from discrimination and harassment based on race, color, religion, sex (including pregnancy, sexual orientation or gender identity), national origin, age, marital status, disability, protected veteran status or any other characteristic protected by applicable law. Accommodations If you are an individual with a disability and would like to request a reasonable accommodation during the application or hiring process, please contact Human Resources at hr@augustschell.com

• Assist with Epic Configuration: Support customization and configuration of Epic applications to meet organizational needs. • Workflow Analysis: Observe and document clinical and administrative workflows to understand system requirements. • Testing & Validation: Participate in testing new builds, upgrades, and patches to ensure accuracy and functionality. • End-User Support: Help troubleshoot basic issues and escalate complex problems to experienced analysts. • Training Support: Assist in creating user guides and training materials for member staff. • Documentation: Maintain detailed records of system changes, workflows, and troubleshooting steps. • Collaboration: Work closely with experienced analysts and clinical teams to learn best practices in healthcare IT.