• The Senior IT Security Compliance Analyst provides support for technology compliance programs, including leading and executing functions and duties that may include: consulting and collaborating with business and technology stakeholders at all levels on control design and remediation to mitigate technology risks; participating on large-scale projects; maintaining IT control library/testing general computer and application controls; coordinating and supporting technology components of onsite and virtual audits/assessments, NCUA examinations, and client due diligence reviews; • Performing segregation of duties reviews and user attestations; documenting process flows and compliance-related deliverables; assisting with the creation and maintenance of IT and information security policies and standards required to maintain company certifications (e.g., PCI DSS, NIST CSF); • Coaching and cross-training technology compliance staff. The individual will execute assigned duties to meet stated priorities and SLAs. The individual plays a critical role in driving technology control and compliance practices and adoption across the company. • This role directs and advises technical SMEs in the design, implementation, monitoring and reporting of technology control and compliance processes and documentation on-premise and in the Cloud.

Role Description The Junior IT Cyber Security Analyst assists in safeguarding the organization’s systems, data, and networks across both corporate and clinical environments. This role supports core cybersecurity operations, including: - Threat monitoring - Incident response - Vulnerability management - Compliance activities Under the direction of senior cybersecurity professionals, the position contributes foundational cybersecurity expertise while contributing to day-to-day security operations. The Junior Analyst helps maintain and strengthen the organization’s overall security posture through active participation in monitoring, analysis, and risk mitigation efforts. Key Performance Areas - KPA 1 – Threat Monitoring & Initial Response (Support Role) - Monitor security alerts from SIEM, EDR, email security, and network tools. - Perform initial triage and escalate suspicious activity to senior analysts. - Follow established incident response playbooks for basic investigations. - Document incidents, actions taken, and outcomes. - KPA 2 – Vulnerability & Patch Support - Assist with vulnerability scans and review scan results. - Track remediation progress and follow up with system owners. - Support patching efforts by validating updates and documenting status. - Help maintain asset and vulnerability inventories. - KPA 3 – Compliance & Documentation - Support collection of evidence for audits (HIPAA, SOC 2, etc.). - Maintain documentation for policies, procedures, and controls. - Assist with periodic access reviews and data protection checks. - Help track remediation of audit findings. - KPA 4 – Cyber Awareness, Training, and Culture - Assist in coordinating phishing simulations and training campaigns. - Help distribute cybersecurity communications (e.g., tips, alerts). - Promote secure behaviors across staff through basic guidance. - Support onboarding security training for new employees. - KPA 5 – Clinic Onboarding and Operational Support - Assist senior analysts with clinic onboarding security tasks. - Support inventory collection (devices, users, systems). - Help validate baseline security controls during integrations. - Participate in remote or occasional on-site support activities. - KPA 6 – Learning & Continuous Improvement - Participate in cybersecurity projects and tool implementations. - Develop knowledge of security technologies and best practices. - Track and report basic metrics (e.g., ticket resolution, alert volumes). - Continuously improve technical and analytical skills. Qualifications - Associate or Bachelor’s degree in Information Technology, Cybersecurity, or related field (or equivalent experience). - High school education required. - 0–2 years of IT or cybersecurity-related experience. - Internship, lab, or hands-on training experience preferred. - CompTIA Security+ (or actively pursuing). - Other entry-level certifications (e.g., Network+, ISC2 CC). Requirements - Analytical & Problem-Solving: Applies foundational analysis to investigate alerts, review data, and identify issues; follows established processes with attention to detail and appropriate escalation. - Interpersonal Effectiveness: Communicates professionally, builds collaborative relationships, maintains confidentiality, and responds constructively to feedback. - Communication: Demonstrates clear written and verbal communication; documents incidents and findings effectively; conveys basic technical information to non-technical audiences. - Customer Focus & Organizational Awareness: Supports internal users and clinical staff with a service-oriented approach; aligns work with organizational priorities and healthcare standards. - Self-Management & Accountability: Manages time and priorities effectively; demonstrates reliability, initiative, and adaptability in a structured environment. - Adaptability: Thrives in a fast-paced, multi-site healthcare setting; manages competing priorities and collaborates across distributed teams. - Technical Proficiency: Proficient in Microsoft Office (Word, Excel, PowerPoint, Outlook); able to learn and utilize cybersecurity tools (e.g., SIEM, EDR, vulnerability scanners) with training. Benefits - Flexible hours - Ergonomic home office guidance - Communication software accessibility

Role Description The Security Analyst (Junior to Mid-Level) will support the development, implementation, and coordination of information security program efforts and related risk management activities across the company. This role involves working with cross-functional teams to ensure compliance with security standards, monitor threats, and support the organization’s overall security posture. The Security Analyst will assist in administering security tools, managing incidents, and ensuring compliance with frameworks such as NIST 800-171, CMMC, and other customer-specific requirements. - Administer and maintain security tools, including SIEM, endpoint protection, and vulnerability management platforms. - Monitor systems and networks for suspicious activity, unauthorized access, and potential threats. - Investigate and respond to security incidents, ensuring timely containment and resolution. - Conduct regular vulnerability scans and assessments, collaborating with teams to remediate findings. - Support the development and delivery of security awareness and training programs for employees. - Assist in evaluating software and tools for security risks and compliance with company policies. - Participate in cyber supply chain risk management efforts, including vendor assessments. - Maintain baseline configurations and inventory of system components. - Perform periodic access reviews to ensure compliance with least privilege principles. - Support remediation efforts for security controls identified as non-compliant. - Assist in preparing for third-party audits and assessments, ensuring compliance with NIST 800-171, CMMC, and other frameworks. - Collaborate with engineering and IT teams to implement secure system architectures and processes. Qualifications - 1-3 years of experience in a security analyst or related role. - Familiarity with security frameworks such as NIST 800-171, CMMC, NIST RMF, and NIST CSF. - Experience with security tools such as SIEM, vulnerability scanners, and endpoint protection platforms. - Strong understanding of security principles, including access control, incident response, and vulnerability management. - Excellent analytical and problem-solving skills. - Strong communication skills, both written and verbal. - Ability to obtain and maintain government security clearance. Requirements - BS or applicable experience in lieu of degree. - $81,000-$107,000. - Eligible for up to 10% annual bonus. Preferred Skills & Certifications - Certifications such as CompTIA Security+, or equivalent. - Experience with cloud security (AWS, Azure, or GCP). - Knowledge of scripting languages (e.g., Python, PowerShell) for automation. - Familiarity with regulatory requirements such as NISPOM, ITAR, and DFARS. Benefits - 9/80 schedule. - Healthcare (medical, dental, vision, prescription drugs). - Paid Maternity and Parental Leave. - 50% company match per contributed dollar into 401(k) savings plan, up to $11,500. - Tuition reimbursement. Company Description Stratolaunch is a technology accelerator that engineers operationally realistic testing at Mach 5+. Our air-launched, Talon testbeds are reusable, cost-effective platforms that enable routine access to the hypersonic environment. We deliver flight data critical to validating system performance and achieving rapid technology deployment. Together with our customers, we drive innovations that are imperative to advancing national security.

Role Description Everforth ECS is seeking a Cyber Security Analyst (Intern) to support the Secure Unclassified Network (SUNet) Enterprise Infrastructure Program. SUNet is a DoW-owned, contractor-managed platform that houses multiple U.S. Government Mission Partner Enclaves, each with a unique set of data, applications, and information systems /sub-systems that support the development of Artificial Intelligence / Machine Learning (AI/ML) algorithms. The Cyber Security Analyst (Intern) will work in a demanding, high-energy environment that requires innovative solutions to cyber, operational, programmatic, and business challenges. The Cyber Security Analyst (Intern) reports directly to the SUNet Cyber Security Manager. General responsibilities include: - Assisting in the implementation, management, and continuous improvement of the RMF process, ensuring compliance with applicable DoW standards, policies, and guidelines. - Collaborate with Cyber Security Team members and system owners to implement security controls, policies, and procedures. - Monitor and track the implementation of Security Technical Implementation Guides (STIGs). - Aid in reviewing and maintaining RMF documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms). - Assisting with Atlassian Jira tickets. - Stay up-to-date with the latest cyber security threats, trends, and best practices to proactively improve the organization's security posture. - Provide short-term, high-priority project management support and coordination. - Other duties, as assigned. Qualifications - U.S. Citizen. - High school Diploma / GED. - Ability to obtain a DoW Secret security clearance. - DoW 8140 IAT Level II or higher certification (e.g., Security+); must be current/active or obtained within the internship period. - Coursework and/or professional/scholastic projects involving the use of cyber security tools and technologies. - Basic understanding of cybersecurity best practices, standards, and frameworks, including NIST and RMF. - Proficient in Microsoft Office tools and O365, including Word, PowerPoint, Excel, and Teams. - Strong planning, data collection, and analytical skills. - Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution. - Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management). - Ability to work in a fast-paced and challenging environment.