• Own and evolve the application security capability across the full software development lifecycle • Embed secure-by-design principles • Reduce risk exposure and strengthen cyber resilience across modern, cloud, and API-driven environments • Work at the intersection of security, engineering, and business teams • Ensure application risks are clearly understood, prioritised, and effectively managed

Role Description Gemeinsam mit unserem Partner, einem international tätigen Industrieunternehmen, suchen wir im Zuge des weiteren Ausbaus des IT-Security-Teams einen Firewall Specialist (m/w/d) für verschiedene Standorte in Deutschland oder komplett remote aus dem Homeoffice. In dieser Rolle übernimmst du eine zentrale Funktion bei der Sicherstellung und Weiterentwicklung einer modernen Netzwerk- und Sicherheitsinfrastruktur. Dabei arbeitest du in einem technologisch anspruchsvollen Umfeld mit Fokus auf Palo Alto Firewalls, Netzwerk-Security und konzernweite Sicherheitsstandards. - Gestaltung des sicheren Betriebs und der Weiterentwicklung der konzernweiten Netzwerk- und Firewall-Infrastruktur im Palo-Alto-Umfeld - Betreuung geschäftskritischer IT- und OT-Umgebungen und aktive Mitwirkung an der Weiterentwicklung der Sicherheitsarchitektur - Umsetzung spannender Projekte rund um die Harmonisierung und Automatisierung der gruppenweiten Firewall-Architektur und Netzwerk-Security - Analyse und Bearbeitung von Security Incidents, Service Requests und Kundenanforderungen im Bereich Netzwerk- und Firewall-Infrastruktur - Übernahme von Verantwortung für Patchmanagement, Lifecycle-Management und kontinuierliche Optimierung der bestehenden Security-Infrastruktur - Enge Zusammenarbeit mit internen Fachbereichen und Unterstützung des Teams im operativen Betrieb Qualifications - Abgeschlossene Ausbildung/ein Studium im IT-Bereich oder eine vergleichbare Qualifikation; alternativ langjährige relevante Berufserfahrung - Mindestens zwei Jahre Erfahrung im Bereich Firewall, Netzwerk und Netzwerk-Security - Fundierte Praxiserfahrung in der Betreuung von Firewalls, idealerweise in Palo Alto inkl. Prisma Access sowie weiteren Palo Alto-Produkten - Gute Kenntnisse in Windows- und Linux-Betriebssystemen sowie im Betrieb komplexer IT-Infrastrukturen - Analytisch, strukturiert und eigenverantwortlich; souveräner Umgang mit anspruchsvollen oder zeitkritischen Situationen - Sichere Kommunikation auf Deutsch und Englisch Benefits - Modernes Arbeitsumfeld mit flexiblen Arbeitszeiten und mobilem Arbeiten bis hin zu nahezu vollständiger Remote-Arbeit - 30 Tage Urlaub sowie Urlaubs- und Weihnachtsgeld - Aktive Unterstützung deiner persönlichen und fachlichen Weiterentwicklung - Vorsorgeleistungen, Corporate Benefits, Bike Leasing sowie kostenlose Parkplätze und gute Verkehrsanbindung - Bezuschusste Betriebskantine sowie regionale Angebote zur Kinderferienbetreuung je nach Standort Company Description traze ist eine spezialisierte Recruiting-Boutique mit Fokus auf das Salesforce-Ökosystem und angrenzende Technologien. Wir verbinden langjährige Beratungserfahrung mit exzellentem Recruiting-Know-how und schaffen so einen innovativen, persönlichen Ansatz für die Vermittlung von Fach- und Führungskräften.

Role Description We are looking for an experienced Cybersecurity IT Auditor for our regional banking client on a project basis. This contract role will run through August 31st. - Support IT audit engagements by evaluating the design and operating effectiveness of cybersecurity and ITGC controls - Perform control testing across areas such as access, change management, and cybersecurity frameworks - Conduct stakeholder interviews to understand processes, risks, and control environments - Document workpapers and contribute to audit findings and final reporting Qualifications - Bachelor’s degree or higher in accounting, finance, or other related fields - Professional certification (e.g., CISA, CIA, CISSP, CPA, etc.) is a plus - 5+ years of relevant Cybersecurity IT Audit experience - Qualified applicants must reside in the continental U.S. - Must be legally authorized to work in the United States now and in the future - Verification of employment eligibility will be required at the time of hire - Visa sponsorship is not available for this position Benefits - Total compensation and benefits consist of salary, group health plan benefits, 401(K), profit-sharing contributions, flexible time off, and parental leave

Title: AWS Cloud Security and ICAM Specialist Job Description: Responsibilities for this Position Location: Any Location / Remote Full Part/Time: Full time Job Req: RQ220978 Type of Requisition: Regular Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: BI Full 6C (T4) Job Family: IT Infrastructure and Operations Job Qualifications: Skills: Access Management, Identity Governance, Secure Authentication Certifications: None Experience: 10 + years of related experience US Citizenship Required: No Job Description: The AWS Cloud Security and ICAM Specialist supports the Case Management Modernization (CMM) Program for the Administrative Office of the U.S. Courts (AO) by designing, implementing, and managing secure authentication and authorization frameworks across modernized cloud-based applications. This role ensures compliance with federal identity governance, FedRAMP, and Zero Trust Architecture (ZTA) principles within an AWS environment. The ICAM Specialist collaborates with architecture, security, and DevSecOps teams to ensure access control, identity federation, and credential management are integrated seamlessly across all layers of the CMM application ecosystem. Key Responsibilities: - Design and maintain the ICAM architecture for identity, access, and authentication management across AWS-hosted CMM applications and other legacy ICAM - Implement federated identity and single sign-on (SSO) solutions using modern protocols (SAML, OAuth2.0, OIDC) - Collaborate with Cloud and Security Architects to enforce Zero Trust Architecture (ZTA) across microservices and APIs - Configure and maintain directory services and identity providers (e.g., AWS Cognito, AWS IAM Identity Center, Azure AD, IBM Verify , Key Cloak) - Deep experience integrating KeyCloak as a broker IdP federating upstream enterprise IdPs while issuing downstream OIDC token to application - Design ICAM brokerage solutions and support compliance assessments, ensuring adherence to FISMA, NIST 800-63, and FedRAMP security controls - Develop and document identity lifecycle management processes-provisioning, deprovisioning, and access reviews - Design and implement least privileged roles, groups, functionalities based on ZTA for both privileged and non-privileged users for a FedRAMP High system - Experience defining workflow, rules, policies within ICAM tools particularly IBM Verify and Key Cloak - Conduct access audits, user entitlement reviews, and anomaly detection to ensure least-privilege compliance - Provide subject matter expertise in identity federation, PKI, certificate management, and secure API authorization - Design strategies for logging, monitoring and auditing authentication and authorization related events in combination with other AWS event logs - Design and implement storage level, microservice level Authentication and Authorization - Support ATO process by providing solutions to all security controls, document implementation plan, maintain Visio diagrams - Participate in design sessions and work closely with the security lead - Collaborate with DevSecOps teams to embed ICAM policies within CI/CD pipelines and Infrastructure-as-Code (IaC) templates - Direct and lead Pen testing, Review architecture diagrams produced by different teams - Independently lead design and implement of vulnerability management - Heavily participate in ATO activity - Lead and direct engineering team Deliverable Alignment & Performance Outcomes: - Architecture Diagrams: Depicting identity flow, federation, and integration points with AWS and CMM systems - Access Control Documentation: Policies, RBAC models, and credential management workflows - Compliance Verification Reports: Audit results aligned to NIST 800-63, FedRAMP, and FISMA standards - Zero Trust Implementation Artifacts: Documentation and verification of ZTA enforcement within system components - Performance Outcomes: - 100% of CMM applications integrated with SSO and MFA. - Zero unauthorized access incidents attributable to configuration error - 100% compliance with NIST and FedRAMP ICAM control requirements - Reduced account provisioning time by 30% through automation Tools & Technologies: - IAM & Federation: Key Cloak, Okta - Access & Compliance: SailPoint, CyberArk, HashiCorp Vault - Cloud: AWS IAM, KMS, CloudTrail, Lambda - Protocols: SAML, OAuth2.0, OIDC, SCIM - Monitoring & Audit: Splunk - Collaboration: Jira, Confluence, SharePoint, MS Teams Required Skills & Experience: - Education: Bachelor's Degree in Cybersecurity, Information Systems, or related discipline required; Master's Degree preferred - Experience: 10+ years of experience in identity and access management, including 8+ years in cloud-based federal environmentsrequired; 12+ years of experience in information systems preferred - Hands-on experience with Key Cloak and AWS IAM Identity Center for SSO and MFA implementations. (IBM Verify a plus) - Strong knowledge of identity federation protocols (SAML, OAuth2.0, OIDC, SCIM) and modern authentication flows - Expertise with RBAC/ABAC frameworks, policy-based access control, and least-privilege enforcement - Familiarity with NIST 800-63, FISMA, FedRAMP, and ZTA standards and compliance frameworks - Experience implementing ICAM solutions in Agile and DevSecOps environments - Working knowledge of PKI, digital certificates, and encryption technologies - Strong analytical and troubleshooting skills with ability to resolve identity integration issues - Experience with AWS Container Security and Network Security (preferred, not required) - Expert in designing logging and monitoring system by correlating events from several AWS and ICAM system - Experience supporting federal digital modernization or judiciary IT programs. - Familiarity with Zero Trust Architecture and micro segmentation principles - Exposure to API gateway authentication (Kong, Apigee, AWS API Gateway). - Experience integrating identity governance tools (SailPoint, Saviynt). - Excellent presentation and communication skills - Consultant mindset with the ability to work with high level customer stakeholders and build excellent customer relationship - Experience identifying and applying industry tools, solutions, methods best practices, and emerging technologies - Strong analytical skills and problem-solving skills with the ability to formulate and communicate recommendations for improvement - Demonstrated ability to work effectively, independently, and as part of a team Certification(s): - Certified Information Systems Security Professional (CISSP) - preferred - AWS Certified Security - Specialty or Azure Identity & Access Administrator - preferred - Certified Identity and Access Manager (CIAM) or Certified Identity Professional (CIP) - beneficial - SAFe Practitioner (SPC/SSM) - a plus Security Clearance Level: Ability to pass a background check to obtain and maintain a position of Public Trust with the Administrative Office of the US Courts. Must be a US Person (Green Card Holder, US Permanent Resident Alien, Refugee, Asylee, US Citizen). Location: Remote GDIT IS YOUR PLACE At GDIT, the mission is our purpose, and our people are at the center of everything we do. - Growth: AI-powered career tool that identifies career steps and learning opportunities - Support: An internal mobility team focused on helping you achieve your career goals - Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off - Community: Award-winning culture of innovation and a military-friendly workplace OWN YOUR OPPORTUNITY Explore an enterprise IT career at GDIT and you'll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward. The likely salary range for this position is $153,000 - $207,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Remote Work Location: Any Location / Remote Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee's date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.