DDC-IT Services is seeking a Sr. IBM z/OS Systems Administrator to join their growing team! Responsibilities - Ensure that all information systems are managed, operated, and used IAW DISA STIGS and other applicable policies and procedures. - Support all ACPs (ACF2, RACF and CA TSS) utilized by the information systems. - Provide access control and account provisioning for all information systems. - Use DISA approved tools to plan, conduct, review, analyze, and correct findings in support of STIG reviews SRR. - Provide audit and inspection support for the government to include providing artifacts and evidence. - Support COOP exercises (Simulated and Table Top) exercises. - Grant and maintain access and account profiles for both individual and system resources. - Promptly report security violations IAW with specific security requirements for reporting incidents and violations. - Use DISA approved tools and follow policies for Change, Incident and Service Requests. - Performs other related duties as assigned. Qualifications - Must have an Active Secret clearance. - Must currently possess one of the IAT Level 2 certifications: - CCNA-Security - CSA+ - GICSP - CompTIA Security+ CE - SSCP About Us Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that provides government agencies and commercial organizations with high-quality IT, professional, environmental, and research and development services. DDC is dedicated to empowering the Navajo Nation and communities we serve. Benefits Eligible full-time employees receive a comprehensive benefits package, including medical, dental, vision, life and disability coverage, retirement savings with company match, paid time off, voluntary supplemental benefits, and access to an employee assistance program. The package also includes educational assistance, with tuition reimbursement. EEO Statement This contractor and subcontractor shall abide by the requirements of 41 CFR 60‑1.4(a), 60‑300.5(a) and 60‑741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E‑Verify.

Why AIS? When you join AIS, you’re joining a mission-driven team that’s passionate about making a difference. You’ll work on projects that matter, alongside industry-leading experts, in an environment that fosters innovation, driving client success, and empowering our team to make a lasting impact. As an employee-owned company, we value collaboration, inclusivity, continuous growth, and shared success. - Employee Ownership: Your contributions directly impact the company’s success, and you share in its achievements. - Continuous Learning: Access to resources, training, and mentorship to support your professional growth. - Inclusive Culture: A workplace where diversity is celebrated, and everyone’s voice is valued. - Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities. What are we looking for? At AIS, we're looking for more than just skills - we're looking for driven individuals who are passionate about making a difference, eager to grow, and aligned with our core principles. Working@AIS At AIS, we are dedicated to providing our employees with diverse opportunities to grow their careers while supporting a variety of impactful projects. For this position, we are seeking a talented individual to join AIS as a Security Engineer. - Core Knowledge & Skills: Applies advanced network security, cryptography, vulnerability assessment, regulatory compliance, and access/governance principles. - Work & Complexity: Conducts security assessments, handles incidents, implements policies, configures advanced security settings, and manages security devices. - Quality & Independence: Conducts thorough assessments, produces clear documentation, improves practices, and works independently within project scope. - Teamwork & Communication: Participates in team projects, shares knowledge, coordinates with other teams, and mentors junior staff. - Consulting & Engagement: Advises internal teams, optimizes processes, evaluates technologies, and coordinates vendor support. As your initial project assignment, you will support the unique needs of our client as a AWS Cloud Security Engineer - Mid. Project Summary AIS is supporting federal customer with a program focused on architecture and infrastructure. Key Responsibilities - Drives the stability and sustainability of the cloud-based networks, software systems for scaling and reliable operations. - Performs system integration, verification and validation and supportability and effectiveness analyses for total systems. - Creates proactive engineering mechanisms that will enable the team to manage the health of a number of distributed VMs. - Performs functional analysis, timeline analysis, detail trade studies, requirements allocation and interface definition studies for hardware and software specifications. - Utilizes trends and metrics to identify opportunities for improvements within existing frameworks, tools and processes. - Responsible for systems functionality, performance, and configurations issues. Required For This Opportunity - Bachelors degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience). - 4+ years of relevant experience supporting enterprise cloud and/or infrastructure environments. - Certifications: IAT-2, 1 or more cloud certifications. - Active Secret clearance (or higher). - Experience working in regulated environments and following secure engineering / documentation practices. Nice to Have Skills - Experience supporting DoD/IC programs and mission systems. At AIS, we are committed to offering competitive and fair compensation that reflects the skills, experience, and contributions of each team member. The targeted base salary range for this role is $80,000-$121,000 per year. Please note that this range is provided as a guideline and the final offer will be based on several factors, including but not limited to, skillset and competencies, level of experience, education, certifications, and location. We value transparency in our hiring process and are happy to discuss how your unique qualifications align with our compensation structure during the interview process. Applied Information Sciences does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis. Employment decisions are based solely on qualifications, merit, and business needs.

About Us At Cast & Crew, we’ve empowered creativity and supported the global entertainment industry for decades. Together with our family of brands - Backstage, CAPS, Checks & Balances, Final Draft, Media Services, Sargent-Disc, and The TEAM Companies – we operate as a combined entertainment technology and services provider offering industry standard screenwriting accounting software, digital payroll products, data & reporting, and a host of creative tools. The industry continues to move faster than ever, and the need for our expertise, our technology, and our people has never been greater. We are a production’s best ally every step of the way. #OneCastOneCrew We’re not looking for a security manager who used to write code. We’re looking for an engineer who happens to also lead people. The Manager, Application Security will own Cast & Crew’s application security program end-to-end — from threat modeling and code review to exploit development, red teaming, and building the tooling and pipelines that catch vulnerabilities before they ship. You will be deeply embedded in the engineering organization, embedded in pull requests, embedded in architecture conversations, and embedded in the minds of the developers you partner with. This role sits at the intersection of elite offensive security skills, deep software engineering fluency, and the ability to lead and develop a small but high-impact team. You will report to the CISO and work closely with the VP of Engineering and product teams across a complex, multi-product environment handling sensitive payroll, financial, and production data for major studios and streaming platforms. If you read CVEs for fun, have strong opinions about parser differentials, and can pivot from reviewing a threat model to writing a PoC exploit to coaching a junior engineer — this role was written for you. As the Manager of Product Security, you will build and lead a team responsible for embedding security into every phase of our software development lifecycle. You'll work at the intersection of application security, cloud infrastructure security, and DevSecOps, partnering closely with engineering, operations, and product teams to ensure that security is not an afterthought but a foundational element of everything we build. This is a leadership role for someone who is equally comfortable setting strategic direction, mentoring team members, and rolling up their sleeves to solve complex technical security challenges. You will manage a team of security engineers and analysts, drive our DevSecOps transformation, participate in architecture reviews, and champion a "shift left" security culture across the organization. If you're passionate about building secure software at scale, thrive in a collaborative environment, and want to make a tangible impact on an industry that touches millions of workers, we want to hear from you. What You’ll Do Application Security Engineering - Own and execute the full application security testing lifecycle: SAST, DAST, SCA, manual code review, and penetration testing across web, API, and mobile surfaces. - Write exploits. When a finding is disputed or unclear, you prove it — PoC code, not a CVSS score and a policy citation. - Perform deep manual code review across multiple languages and frameworks. You don’t rely solely on scanners; you read the code. - Lead threat modeling sessions for new features and architecture changes. You drive these, not just attend them. - Build and maintain internal security tooling — custom scanners, fuzz harnesses, pipeline integrations, automation scripts — in Python, Go, or similar. - Define and enforce secure coding standards across the SDLC. Champion shift-left security without being a blocker. - Operate and continuously tune SAST/DAST/SCA tooling (Snyk, Semgrep, Burp Suite, or equivalents) integrated into CI/CD pipelines. - Run or coordinate red team exercises and adversarial simulations against Cast & Crew products and infrastructure. - Lead vulnerability triage, root cause analysis, and post-incident security reviews for product security incidents. Team Leadership - Lead, mentor, and develop a team of security engineers and analysts (currently: 2 Application Security Engineers and an Application Security Analyst). - Set technical direction for the team. Your engineers should become better engineers because they work for you. - Conduct regular 1:1s, performance reviews, and career development conversations. - Hire and grow the team as the program scales. You know what good looks like because you’ve been it. - Build a culture of rigor and curiosity — where the team questions assumptions, hunts proactively, and owns outcomes. Engineering Partnership - Embed with engineering teams. Attend sprint planning, architecture reviews, and design sessions — not just as an observer but as a contributor. - Participate in the Architecture Review Board. Block what needs to be blocked; approve fast what doesn’t. - Build relationships with senior engineers and tech leads based on technical credibility. They should want you in the room. - Translate security risk into engineering language. No FUD, no compliance theater — clear, prioritized, evidence-based guidance. - Partner with the GRC team on SOC 2 and NIST 800-53 compliance for product security domains. - Collaborate with Corporate Security Operations on detection, response, and threat intelligence relevant to the product surface. What We’re Looking For Required - 7+ years in application security, offensive security, or product security — with hands-on technical depth throughout. Not 7 years of managing AppSec programs from a distance. - You write code. Not just scripts — real, production-quality code. Python, Go, Java, or similar. Security engineers who can’t code are a hard pass. - Deep, demonstrable expertise in at least three of the following: - Web application hacking: SQLi, XSS, SSRF, deserialization, auth flaws, business logic — you find these manually, not just with a scanner - Secure code review across multiple languages and frameworks - API security: REST, GraphQL, gRPC — you know where the attack surface lives - Cloud-native application security on AWS (IAM abuse, metadata service attacks, misconfigured S3/Lambda/ECS) - CI/CD pipeline security and DevSecOps toolchain integration - Exploit development, PoC writing, or red team operations - Fuzzing, static analysis, or custom security tooling development - 2+ years managing or leading security engineers, including mentorship and performance ownership. - Strong understanding of the entire vulnerability lifecycle: discovery, triage, reproduction, remediation validation, and root cause. - Experience working directly inside engineering orgs — reading PRs, attending standups, influencing architecture. Not operating from a separate security silo. - Can communicate technical risk clearly to both engineers and executives. No jargon substitutes for clarity. Strong Preference - CVEs to your name, bug bounty hall of fame credits, published research, CTF competition history, or an equivalent public body of offensive security work. - OSCP, OSED, OSWE, GWAPT, or similar offensive certifications. CISSP alone is not sufficient signal for this role. - Experience building internal security tooling from scratch — not just configuring vendor products. - Background in software development prior to moving into security. Engineers who crossed over understand how developers think. - Experience in regulated environments handling PII, financial data, or payroll data — SOC 2, NIST 800-53, CCPA familiarity. - Familiarity with secrets management (HashiCorp Vault, AWS Secrets Manager), container security, and IaC security (Terraform, CloudFormation). - Experience running or coordinating bug bounty programs and working with external researchers. You Are - Obsessively curious about how systems break. You read CVE disclosures and think about what you would have found first. - A multiplier. Your team gets sharper working with you — not dependent on you. - Pragmatic about risk. You know when to push hard and when a compensating control is good enough. - Allergic to security theater. Compliance checkboxes without security outcomes are not your idea of a good program. - Direct. You tell engineers — and executives — the truth about risk, even when it’s uncomfortable. - A continuous learner. The threat landscape moves. You move with it. Benefits Cast & Crew provides a comprehensive package of employee benefits including: Medical, Dental, Vision, PTO, health and wellness programs, employee discounts, and more! Note: Cast & Crew benefits are subject to eligibility requirements. Cast & Crew is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. It is our policy to provide equal employment opportunities to all individuals based on job-related qualifications and ability to perform a job, without regard to age, gender, gender identity, sexual orientation, race, color, religion, creed, national origin, disability, genetic information, veteran status, citizenship or marital status, and to maintain a non-discriminatory environment free from intimidation, harassment or bias based upon these grounds. CA residents Your personal information may be collected in connection with certain services provided by Cast & Crew or its affiliated companies. A summary of your California privacy rights can be found at: https://www.castandcrew.com/privacy-policy/ Compensation is commensurate with various factors including, but not limited to, relevant experience, qualifications, skills, training, licensure, certifications, geographic cost of labor, and other business and organizational needs. Compensation range for candidates in other locations may differ based on the cost of labor in that location. The compensation range for this position is: $150,000.00 - $190,000.00 per year.

The Computer Systems Specialist supports evaluation, analysis, and optimization of computer systems, hardware, and software applications within the DLA EFM portfolio. The role focuses on troubleshooting system issues, supporting integration efforts, and recommending improvements to enhance system performance and maintainability. *This position is contingent upon contract award.* Responsibilities - Evaluate computer hardware and software to support mission requirements - Analyze system interfaces and integration with other systems - Troubleshoot system bottlenecks and recommend solutions - Support system optimization and performance improvements - Assist with system implementation, maintenance, and sustainment activities - Provide analytical support for system development and integration tasks - Utilize Microsoft tools and project management concepts to support analysis and reporting - Performs other related duties as assigned Qualifications - Basic understanding of IT systems, hardware, and software environments - Ability to troubleshoot and analyze system issues - Familiarity with system integration concepts - Proficiency with Microsoft tools - Strong analytical and problem-solving skills - Years of Experience: One (1) year of relevant experience - Education Level: Not specified - Clearance Requirements: Moderate Risk, Confidential, Non-Critical Sensitive; Tier 3 / NACLC / ANACI Any other work-related qualifications needed for the role: - Microsoft Suite (Word, Excel, Access, PowerPoint) - Project management familiarity - Ability to support enterprise IT environments About Us Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that provides government agencies and commercial organizations with high-quality IT, professional, environmental, and research and development services. DDC is dedicated to empowering the Navajo Nation and communities we serve. Benefits Eligible full-time employees receive a comprehensive benefits package, including medical, dental, vision, life and disability coverage, retirement savings with company match, paid time off, voluntary supplemental benefits, and access to an employee assistance program. The package also includes educational assistance, with tuition reimbursement. EEO Statement This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E-Verify.