Job Closed
This listing is no longer active.
ICP, Inc. is a recognized industry leader in IT product, deployment, integration, and support services.
Development Security Operations Engineer, Healthcare Consulting
Location
United States
Posted
80 days ago
Salary
$105.4K - $140K / year
Seniority
Senior
Job Description
- Design, build, and maintain automated systems and tools that facilitate software development, testing, deployment, and monitoring
- Develop and implement application security vulnerability practices
- Deploy CNAPP/CSPM using tools like Microsoft's native Defender for Cloud, Prisma Cloud, and Wiz
- Implement security best practices within the CI/CD pipeline and infrastructure to ensure application security
- Responsible for GitHub Enterprise administration
- Maintain proficiency in application penetration testing
- Assist developers with training and resolving vulnerabilities in a timely manner
- Actively participate in Change and Architecture Review Meetings
- Develop and implement automation scripts to streamline repetitive tasks
- Design, build, and maintain continuous integration and continuous delivery pipelines using tools like Sonar, Azure DevOps, GitLab
- Manage Azure cloud infrastructure, including provisioning, scaling, and configuration management, using tools like Terraform or Ansible
- Set up monitoring/alert systems to identify potential issues in production environments and create alerts to notify relevant teams
- Work closely with our developers, QA engineers, and system administrators to identify and resolve issues throughout the development lifecycle
- Debug and troubleshoot technical issues related to deployments, infrastructure, and application performance
- Research and analyse the latest security threats, emerging technologies, and DevSecOps trends
- Engage in ongoing professional development by attending training sessions, obtaining certifications, and actively participating in industry discussions
- Apply new knowledge to improve security strategies, enhance system protections, and drive innovation in DevSecOps practices
Job Requirements
- Bachelor's degree in Computer Science, Information Systems, or equivalent technical discipline
- Four (4) years of experience in a DevSecOps or DevOps Engineer role
- Engineering product development in full life cycle (healthcare, preferred)
- Proven experience as a DevOps Engineer, with a focus on Microsoft technologies
- Knowledge of security best practices in DevOps
- Experience with monitoring tools like Prometheus, Grafana, or Azure Monitor
- Experience with security frameworks and compliance standards (e.g., HIPAA, HITRUST, SOC2, ISO 27001, NIST, GDPR, etc.)
- Proficiency in scripting languages like Python, Bash, Ruby, and PowerShell
- Expertise in Git and related branching strategies
- Deep understanding of the Azure cloud platform
- Experience with tools like Ansible, Chef, or Puppet
- Knowledge of SonarQube, Acunetix, Prisma Cloud, Wiz, Defender for Cloud
- Knowledge of CI/CD Tools like Sonar, Azure DevOps, or similar platforms
- Familiarity with tools like Prometheus, Grafana, and Datadog
- Customer-focused – providing consistent service excellence
- Problem-Solving Skills: Strong analytical skills to identify and solve security and operational challenges in a timely and effective manner
- Collaboration and Communication: Ability to work closely with development, operations, and security teams to ensure smooth deployment and integration of new software releases
- Excellent communication skills to articulate security concerns and solutions effectively
- Strong interpersonal and conflict resolution skills
- Critical thinking and problem-solving skills
- Attention to detail
- Flexible thinking, including the ability to pivot and try new approaches when faced with challenges
- Ability to work on multiple projects in various stages simultaneously
- Desire to work in a fast-paced, high-energy environment
- Ability to prioritize and demonstrate relentless discipline in achieving goals.
Benefits
- Eligible to participate in our annual Corporate Incentive Plan (CIP), which can range up to 10% of annual salary
- Enroll in group healthcare plans that offer medical, dental, and vision
- Insurance plans offering short term disability, long term disability, and basic life
- 401k plan
- Flexible Time Off that allows employees to use what they need
- 10 paid holidays throughout the calendar year
- Paid time off for qualifying medical leave
- Up to 12 weeks of combined paid parental and bonding leave
More Security Operations Jobs
Security Operations Engineer
FICO - Fair Isaac Corporation
FICO, also known as Fair Isaac Corporation, is one of the world’s leading credit history and financial analysis organizations. It was founded in 1956 on the i
- Investigate and respond to intrusion events/incidents using SIEM, XSOAR, file analysis, endpoint logs, etc.
- Support cybersecurity incident response activities, including but not limited to discover, contain, and mitigate incident response workflows.
- Test and evaluate use-cases and work on fine-tuning them.
- Identify log sources needed for collection for both cybersecurity and compliance for the SIEM.
- Generate appropriate alerting within SIEM to leverage in automation activities.
- Write automation in the SOAR to accelerate IR activities (Java, Python, Bash, etc.).
- Participate in Monitoring, and Incident Response activities.
- Workflow creation and analysis.
- Analyze, prioritize and escalate any issues that could potentially put business objectives, results, or processes at risk.
Senior Industrial Security Specialist
Allied Universal
Allied Universal, founded in 2016 with the merger of AlliedBarton Security Services and Universal Services of America, is now a widely-recognized industry leader and North America
Company Overview
Allied Universal®, North America’s leading security and facility services company, offers rewarding careers that provide you a sense of purpose. While working in a dynamic, welcoming, and collaborative workplace, you will be part of a team that contributes to a culture that positively impacts the communities and customers we serve.
Job Description
Allied Universal® is hiring a Senior Industrial Security Specialist. The Senior Industrial Security Specialist will lead a team responsible for implementing Personnel Security (PerSec) procedures and participate in executing these protocols. This role includes managing government databases, reviewing Standard Form 86 (SF-86) submissions, transmitting security clearance requests, and delivering briefings. Key responsibilities involve obtaining security clearance eligibility for designated personnel, facilitating access indoctrinations and debriefings, providing briefings for foreign travel, and ensuring compliance with reporting requirements under 32 CFR 117 and SEAD 3. The position also manages security awareness and training programs for personnel with security clearances and their managers. This role is remote; therefore, the employee must ensure reliable internet access and a private workspace or work from the local branch office.
- Remote, senior-level role on a highly specialized Industrial Security team supporting cleared programs that are critical to the business.
- Serve as a trusted clearance expert and team leader, guiding junior specialists, owning complex cases, and ensuring the clearance program runs smoothly, accurately, and in full compliance.
- Make a visible impact every day by managing end-to-end clearance activity, partnering with government agencies and stakeholders, and helping managers across the organization understand and follow cleared-program requirements.
RESPONSIBILITIES:
- Lead a team of 2 or more Industrial Security Specialists by monitoring PerSec processing times, working with Operations and team members to identify efficiency gaps, suggesting or implementing process improvements, and introducing new procedures.
- Contribute to selecting and placing specialists; develop performance and career programs; coach and mentor team
- Create training materials and guidance documents for team, Operations, or branch personnel
- Conduct training sessions for Operations or branch personnel
- Act as a liaison between the company and multiple customer agencies and clients for status checks and submission of required security documentation
- Prepare and submit electronic application (eApp) case files for initial personnel security investigations (SF-86) and reinvestigations (continuous evaluation program - CE)
- Provide advice and assistance to employees preparing security documents via eApp
- Conduct required briefings (initial, annual, and debrief)
- Collect, prepare, and submit adverse information reports
- Collect, prepare, and submit Foreign Travel reporting documents, briefings, and debriefings
- Utilize various internal systems and government security databases
- Oversee personnel security processes and perform quality control in the processing of all employees
- Assist with reviewing, filing, and properly maintaining client DoD Form 254 (DD-254)s
- Coordinate with client security representatives to process security visits for cleared employee site access
- Verify personnel have completed necessary security education and training according to access requirements
- Troubleshoot issues and resolve any questions or concerns from clients, federal investigators, or government agencies
- Effectively interact with all levels of personnel, both internal and external, through oral and written communication
- Provide additional support to the NISP Manager or Vice President as deemed necessary
QUALIFICATIONS (MUST HAVE):
- Must be a United States Citizen and possess a Department of Defense (DoD) SECRET security clearance. Candidates should either hold an active DoD SECRET clearance or be eligible to obtain one quickly.
- A DoD SECRET clearance is required for this position.
PREFERRED QUALIFICATIONS (NICE TO HAVE):
- Prior experience managing an industrial security program for a commercial or government entity
BENEFITS:
- Wage range: $56,000 - $64,000 + internal advancement opportunities
- Medical, dental, vision, basic life, AD&D, retirement plan and disability insurance
- Eight paid holidays annually, five sick days, and four personal days
- Vacation time offered at an accrual rate of 3.08 hours biweekly; unused vacation is only paid out where required by law
Closing
Allied Universal® is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: www.aus.com
If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: www.aus.com/offices.
Requisition ID 2026-1552390
Senior SOC Analyst
ANP Advanced Network Products, Inc: A Coretelligent Company
Philadelphia's Cloud-First Managed IT Service Provider
At Coretelligent, we take ownership of the technology our clients rely on every day. We partner with growing, highly regulated organizations that need secure, dependable IT environments built to scale. Our role goes beyond support. We bring structure, clarity, and accountability to complex technology landscapes so leaders can move forward with confidence. Over the past several years, Coretelligent has entered a new chapter. We have strengthened our leadership team, modernized our service delivery, and sharpened our focus on long-term client outcomes. Our work spans managed IT, cybersecurity, cloud, and strategy, delivered through a model designed for consistency, transparency, and trust. We are building a team of professionals who care deeply about quality, ownership, and continuous improvement. If you value clear expectations, thoughtful collaboration, and work that genuinely matters to the businesses you support, you will feel at home here.
Job Overview
At Coretelligent, we take ownership of the technology and security environments our clients rely on every day. Our Security Operations team plays a critical role in protecting client infrastructure across highly regulated industries where reliability, visibility, and rapid response are essential. As a Senior SOC Analyst, you will serve as a senior technical resource within the Security Operations Center, responsible for advanced threat detection, investigation, and incident response across multiple client environments. This role acts as an escalation point for complex investigations while also helping improve the maturity, efficiency, and quality of our SOC operations. You will combine hands-on analytical work with mentorship and operational improvement efforts. This includes conducting deep investigations, leading incident response efforts, refining detection capabilities, and ensuring consistent investigative standards across the team. The ideal candidate demonstrates strong technical judgment, calm decision-making during security events, and the ability to communicate clearly with both technical teams and client stakeholders.
Key Responsibilities:
- Serve as a senior escalation point for SOC analysts, providing guidance on alert triage, investigation methodology, containment strategies, and incident classification.
- Lead complex investigations across multiple telemetry sources including SIEM, EDR/XDR, firewall, cloud, and network logs to identify attacker behavior and root causes.
- Conduct hands-on incident response activities including containment coordination, eradication guidance, recovery recommendations, and post-incident reporting.
- Perform proactive threat hunting across client environments to identify suspicious behaviors, emerging threats, and attacker techniques that may evade automated detection.
- Tune and optimize detection logic across SIEM platforms, EDR tooling, correlation rules, and automated workflows to improve signal quality and reduce false positives.
- Contribute to SOC operational maturity through automation, SOAR workflows, and investigation efficiency improvements.
- Mentor and support SOC analysts through knowledge sharing, investigation guidance, and quality review of alert handling and incident documentation.
- Maintain high investigative standards through clear documentation, consistent investigation processes, and strong communication during security events.
- Develop and maintain incident response runbooks, threat hunting procedures, and operational playbooks to support continuous improvement of SOC operations.
- Participate in client communications during security investigations, incident briefings, and follow-up reviews while maintaining a professional and confident presence.
- Stay current on evolving attacker tactics, vulnerabilities, and threat intelligence trends to continuously improve detection and response capabilities.
Required Skills and Qualifications:
- 5+ years of experience in security operations, threat detection, digital forensics, incident response, or related cybersecurity roles.
- Demonstrated experience conducting advanced security investigations within SOC or incident response environments.
- Strong familiarity with security operations technologies including SIEM platforms, EDR/XDR tools, IDS/IPS, firewall telemetry, and cloud logging solutions.
- Deep understanding of attacker methodologies and security frameworks such as MITRE ATT&CK, cyber kill chain, and NIST incident response lifecycle.
- Proficiency in log analysis, detection tuning, event correlation, and end-to-end investigation workflows.
- Experience coordinating response activities across multiple stakeholders during active security incidents.
- Strong written and verbal communication skills, including the ability to translate complex technical findings into clear client-facing summaries.
- Relevant cybersecurity certifications such as GCIA, GCIH, GCFA, GNFA, CySA+, AZ-500, or equivalent experience.
Salary Range for this position (depending upon experience): $125,000 - $135,000
This range reflects the minimum and maximum targets for new hires across all US locations (with the exception of MA, NY, and CA). Within the range, individual pay is determined by job-related skills, experience, work location, and relevant education or training.
What you’ll love about Coretelligent:
We take Coretelligent culture very seriously! As a company, we constantly think of ways to give back to our valued employees through company engagement. We offer a competitive salary, amazing benefits, a great vacation package, a healthy work-life balance, and opportunities to grow your career from within!
Benefits: Health, Dental, & Vision, Flexible Spending Account (FSA), 401k, Health Reimbursement Account (HRA), Health Savings Account (HSA), Life Insurance, Disability Insurance, Paid Parental Leave, Holiday Pay, Flexible Vacation & Sick Days.
Perks: Fourteen holidays, including a day off on your birthday, flexible vacation, spot bonuses for demonstrated excellence, community and social events, learning and development, flexible working life, $100 well-being allowance, and other health & wellness perks.
Equal Opportunity and Accessibility Commitment
Coretelligent is an Equal Opportunity employer committed to diversity, equity, and inclusion. We welcome qualified applicants of all races, ethnicities, religions, ages, sexual orientations, gender identities, socioeconomic statuses, and more. Our focus is on creating an inclusive workplace where diversity is valued beyond compliance, ensuring that every team member feels respected, supported, and empowered to be their authentic selves. In compliance with the Colorado Anti-Discrimination Act (CADA), we do not request or consider age or age-adjacent information (such as graduation dates) during the hiring process. We encourage all qualified individuals to apply, regardless of age. We extend our dedication to accessibility and inclusivity to our remote workforce. In alignment with the Americans with Disabilities Act (ADA), we are committed to providing reasonable accommodations to enable individuals with disabilities to effectively perform their job duties in a remote setting. Applicants needing accommodations for the application or interview process are encouraged to reach out to talent@core.tech for necessary arrangements.
E-Verify: www.dhs.gov/E-Verify
E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.
As Coretelligent is a remote company hiring candidates, our perks and benefits packages may adjust based on your location. Direct applicants only; no recruitment agencies or third-party recruiters, please.
Security Operations Manager
Aya Healthcare
Aya Healthcare has provided travel nurse staffing solutions for thousands of medical facilities since 2001. The largest travel nurse provider in North America,
Join Aya Healthcare, winner of multiple Top Workplace awards! We are seeking a Manager, Security Operations to lead and modernize our enterprise security operations function, with accountability for incident response, detection engineering, automation, operational metrics, and continuous improvement. This role owns the day-to-day execution and evolution of security operations using ServiceNow Security Incident Response (SIR) as the system of record and partners closely with internal teams, managed service providers, and nearshore/offshore resources. This is a builder-focused leadership role for someone who thrives on ownership and momentum. Aya is actively maturing its security operations capabilities, moving from reactive alert handling toward measurable, scalable, and automated SecOps outcomes. You’ll have the mandate to design modern SIR playbooks, improve signal quality, automate response, and scale operations across a blended delivery model while clearly demonstrating impact through MTTx metrics. This position will be PST business hours.
Who We Are:
We’re a $8+ billion, rapidly growing workforce solutions provider in the healthcare industry. We deliver tech-enabled services that help healthcare organizations meet and manage their contingent labor needs. We build and manage tech-enabled marketplaces for national and local healthcare talent and deliver contingent labor management solutions through our proprietary software platform. At Aya, we’re obsessed with creating exceptional experiences for our clients, clinicians, and employees. In fact, we put employee satisfaction above all else. Our team members are responsible for incomparable customer experience and we know that happy employees are critical to maintaining happy clients. We foster an entrepreneurial, high-energy, low-bureaucracy culture and value innovative thinking and creative problem-solving. We embrace diversity in thought and backgrounds unified by a commitment to high achievement. When you join Aya, you’ll be surrounded by teammates who care about you as an individual and leaders who will help you grow both personally and professionally.
Responsibilities:
- You will report to the VP, Information Security.
- Own the execution and continuous improvement of Aya Healthcare’s enterprise Security Operations program.
- Lead a blended security operations model combining internal analysts, nearshore/offshore resources, and managed service providers.
- Establish clear operating models, escalation paths, staffing coverage expectations, and accountability across all SecOps resources.
- Serve as the primary owner of ServiceNow Security Incident Response (SIR) workflows, data models, and operating procedures.
- Design, implement, and continuously improve SIR playbooks to automate triage, enrichment, containment, and response actions.
- Drive automation that reduces manual analyst effort and improves MTTD, MTTR, and MTTC through standardized playbook execution.
- Ensure incidents are consistently triaged, investigated, documented, and remediated using ServiceNow SIR.
- Oversee detection and response capabilities across EDR and SIEM platforms, ensuring high-quality signal ingestion and routing into SIR.
- Operate confidently across Microsoft Azure security capabilities available through Microsoft E5 environments (e.g., Defender, Sentinel).
- Define, track, and improve MTTx metrics, using data to prioritize automation and process improvements.
- Lead post-incident reviews and ensure lessons learned translate into improved detections, playbooks, and response procedures.
- Manage, coach, and develop security operations personnel while fostering a high-energy, accountable team culture.
- Act as a trusted escalation point during security incidents and clearly communicate operational risk and response status to leadership.
Required Qualifications:
- 5+ years of experience in Security Operations, Incident Response, or SOC-related roles.
- 2+ years of direct experience managing and operating ServiceNow Security Incident Response (SIR), including workflow ownership and playbook design.
- Demonstrated experience designing or operating incident response automation and playbooks within SIR or SOAR-like platforms.
- Hands-on experience integrating EDR platforms (e.g., Microsoft Defender and/or CrowdStrike Falcon) with ServiceNow SIR.
- Strong experience operating and managing EDR and SIEM solutions in an enterprise environment.
- Strong hands-on experience with Microsoft Azure security solutions, including capabilities available through Microsoft E5 subscriptions.
- Demonstrated experience managing and improving MTTx metrics (e.g., MTTD, MTTR) to drive operational change.
- Proven experience leading security operations teams, including internal staff and external service providers.
- Strong incident leadership, communication, and decision-making skills with the ability to influence across teams.
Core Role Criteria:
- Security Operations Ownership: End-to-end accountability for SecOps outcomes, not just alert handling or vendor oversight.
- ServiceNow SIR & Automation (Critical): Proven ability to design, implement, and improve SIR workflows and playbooks tied to measurable outcome improvements.
- EDR / SIEM Operational Depth: Strong understanding of detection quality, enrichment, routing, and response tuning.
- Metrics-Driven Execution: Uses MTTx metrics to prioritize automation, justify investment, and demonstrate improvement.
- People & Vendor Leadership: Successfully leads blended teams (internal, MSP, offshore) while standardizing execution through playbooks.
- Builder Mindset: Lands quickly, stabilizes operations, and then modernizes through automation and process design.
What We Offer:
- Free premium medical, dental, life and vision insurance
- Generous 401(k) match
- Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses
- Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya’s general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling
- Celebrations! We hit our goals and reward ourselves.
- Company-sponsored virtual events, happy hours and team-building activities are always on the horizon, plus you get a special treat on your birthday!
- Unlimited DTO: we believe in time off!
- Virtual yoga, meditation or boot camp classes offered daily
Compensation:
Aya reasonably anticipates the pay scale for this position to be an annual salary of $150,000 to $180,000. The pay scale for this position may vary if applicant possesses experience outside of what Aya reasonably anticipates for this position. Bonuses are subject to the role and your manager’s discretion.
Aya is an Equal Opportunity Employer (EEO), including Disability / Vets, and welcomes all to apply.



