Security Engineer Remote Jobs in Illinois (US)
This page tracks remote security engineer openings that are location-eligible for Illinois.
This page tracks remote security engineer openings that are location-eligible for Illinois.
Open jobs
3,871
Hiring companies this week
9
Salary sample
$43 - $136,400
Jobs added last hour
0
3871 Jobs
1967 Companies
Zocdoc is the beginning of a better healthcare experience for millions of patients every month.
Our Mission Healthcare should work for patients, but it doesn’t. In their time of need, they call down outdated insurance directories. Then wait on hold. Then wait weeks for the privilege of a visit. Then wait in a room solely designed for waiting. Then wait for a surprise bill. In any other consumer industry, the companies delivering such a poor customer experience would not survive. But in healthcare, patients lack market power. Which means they are expected to accept the unacceptable. Zocdoc’s mission is to give power to the patient. To do that, we’ve built the leading healthcare marketplace that makes it easy to find and book in-person or virtual care in all 50 states, across +200 specialties and +12k insurance plans. By giving patients the ability to see and choose, we give them power. In doing so, we can make healthcare work like every other consumer sector, where businesses compete for customers, not the other way around. In time, this will drive quality up and prices down. We’re 18 years old and the leader in our space, but we are still just getting started. If you like solving important, complex problems alongside deeply thoughtful, driven, and collaborative teammates, read on. Your Impact to our Mission Zocdoc’s most important asset is our people. As an Application Security Engineer, you’ll play a meaningful role in helping our development organization build secure software with confidence. In this role, you’ll work closely with our Compliance, Security, and Engineering teams to support our secure software development lifecycle, strengthen application security governance, and help shape emerging AI governance guardrails across the business. You'll enjoy this role if you... - Personally motivated by helping teams build secure software and reduce risk before issues reach production. - Autonomous, urgent, and creative. You genuinely love turning security requirements into practical guidance for developers. - Highly collaborative and energized by partnering with engineering squads across the software development lifecycle. - Passionate about application security, secure coding, and improving how teams work within modern development environments. - A clear communicator who can make security concepts approachable and actionable for technical partners. - The kind of person who is excited by emerging technology trends, especially AI security risks and automated workflows. - Serious about your work, but not about yourself. Your day to day is... - Serving as an accessible point of contact for engineering squads, helping teams understand and follow secure development lifecycle guidelines. - Assisting developers in reviewing and interpreting alerts from static analysis and software composition analysis tools, including helping distinguish true vulnerabilities from false positives. - Providing clear, actionable guidance on remediating common application security vulnerabilities, including issues aligned to the OWASP Top 10. - Helping maintain internal security documentation, developer playbooks, and secure coding training materials so that compliance expectations are clear and achievable. - Supporting application security governance by tracking key security milestones and organizing technical evidence from repositories and deployment pipelines for compliance audits. - Monitoring application security metrics, including vulnerability patch timelines and policy exceptions, to support regular leadership reporting. - Working with cutting-edge GenAI tools and technology while supporting AI governance frameworks and helping ensure AI-enabled workflows align with privacy and security guardrails. You’ll be successful in this role if you have… - Meaningful experience in an information security role, software engineering position, or IT audit function with an application security focus. - A foundational understanding of software development processes and how security fits into agile environments. - Familiarity with code review concepts and comfort reading at least one major language used in cloud environments, such as Python, JavaScript, Go, or Java. - Basic exposure to cloud environments such as AWS, GCP, or Azure, along with an understanding of Git workflows. - A conceptual understanding of vulnerability categories and web application security standards. - An interest in emerging technology trends, especially AI security risks and automated workflows. - Required: the ability to integrate generative AI tools into daily workflows to automate tasks, foster innovation, and maximize productivity. - A degree in Computer Science, Cybersecurity, or a related technical field is preferred, though equivalent hands-on experience or certifications such as Security+, GSEC, or CEH are also highly valued. - Superb communication skills, humility, and a collaborative approach to supporting stakeholders across engineering and security. Benefits - Flexible work environment - Unlimited Vacation - 100% paid employee health benefit options (including medical, dental, and vision) - 401(k) with employer funded match - Corporate wellness program with Wellhub - Sabbatical leave (for employees with 5+ years of service) - Competitive paid parental leave and fertility/family planning reimbursement - Cell phone reimbursement - Employee Resource Groups and ZocClubs to promote shared community and belonging - Great Place to Work Certified Zocdoc is committed to fair and equitable compensation practices. Salary ranges are determined through alignment with market data. Base salary offered is determined by a number of factors including the candidate’s experience, qualifications, and skills. Certain positions are also eligible for variable pay and/or equity; your recruiter will discuss the full compensation package details. NYC Base Salary Range $100,000—$140,000 USD About us Zocdoc is the country’s leading digital health marketplace that helps patients easily find and book the care they need. Each month, millions of patients use our free service to find nearby, in-network providers, compare choices based on verified patient reviews, and instantly book in-person or video visits online. Providers participate in Zocdoc’s Marketplace to reach new patients to grow their practice, fill their last-minute openings, and deliver a better healthcare experience. Founded in 2007 with a mission to give power to the patient, our work each day in pursuit of that mission is guided by our six core values. Zocdoc is a private company backed by some of the world’s leading investors, and we believe we’re still only scratching the surface of what we plan to accomplish. Zocdoc is a mission-driven organization dedicated to building teams as diverse as the patients and providers we aim to serve. In the spirit of one of our core values - Together, Not Alone, we are a company that prides itself on being highly collaborative, and we believe that diverse perspectives, experiences and contributors make our community and our platform better. We’re an equal opportunity employer committed to providing employees with a work environment free of discrimination and harassment. Applicants are considered for employment regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity, gender expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or any other class protected by applicable laws. Job Applicant Privacy Notice
Transforming cities through autonomous technology to create a safer, greener, more accessible world.
• Integrate security practices — threat modeling, architecture reviews into product development workflows from requirements through release. • Provide early security input on hardware, firmware, and software design decisions, including third-party and supply chain risk considerations. • Write, review, and validate security requirements across hardware and software domains; enforce secure coding standards and perform security analysis on main compute systems. • Assist with maintaining Software Bill of Materials (SBOM) and Hardware Bill of Materials (HBOM) using dedicated SBOM tooling to ensure component visibility, vulnerability tracking, and supply chain transparency across products. • Apply security lenses during safety and functional assessments in collaboration with safety, systems, and software teams. • Assist in proactive vulnerability patching and support secure update strategies using product security tooling for threat modeling and risk profiling. • Conduct hazard and threat analyses (TARA/HARA) early in the architecture and development lifecycle. • Analyze and harden the security architecture of vehicle subsystems and autonomous stacks; define system- and product-level security requirements and ensure validation coverage. • Assist senior level engineers with Ethernet, in-vehicle networking, and cloud interface configuration, including port security and network segmentation. • Maintain working knowledge of R155/156, ISO 21434 and UL 4600; support internal audits, risk assessments, and compliance documentation. • Engage with Auto-ISAC to track emerging threats, attack vectors, and industry best practices. • Work across teams such as cybersecurity, hardware, and product engineering — providing architectural security design feedback. • Assist with fostering a security-first culture across the organization through integrated best practices and awareness programs. • Perform additional responsibilities as directed by your manager.
• Serves as a cybersecurity Subject Matter Expert (SME) with regards to Assessment and Authorization (A&A) of information systems and all associated cybersecurity policies and procedures. • Performs a DOW cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization. • Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization’s IT infrastructure such as DLA’s, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes. • Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system’s current or future authorization. • Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
Inspira Financial provides health, wealth, retirement, and benefits solutions that strengthen and simplify the health and wealth journey. With more than 7 million clients, representing over $62 billion in assets, Inspira works with thousands of employers, plan sponsors, recordkeepers, TPAs, and other institutional partners — helping the people they care about plan, save, and invest for a brighter future. Inspira relentlessly pursues better outcomes for all with our automatic rollover services, health savings accounts, emergency savings funds, custody services, and more. Learn more at inspirafinancial.com.
Role Description The Sr. Cloud Security Engineer (Sr. CSE) is a hybrid cloud and security engineering role responsible for the hands-on remediation of infrastructure and cloud vulnerabilities, ensuring cloud and infrastructure resources maintain compliance with established policies and Minimum Security Baselines (MSBs), and reporting the organization's current compliance posture. The Sr. CSE will partner with the Security team to define, author, and maintain cloud security policies, keeping pace with evolving industry trends and regulatory requirements. This role will also actively participate in audit activities, including evidence gathering, reporting, and cross-functional collaboration with Compliance, Legal, and IT teams. Duties & Responsibilities: - Vulnerability Remediation & Security Operations - Perform hands-on remediation of infrastructure and cloud vulnerabilities, driving issues to closure within established SLAs and policy requirements. - Operate and administer vulnerability management and cloud security posture management (CSPM/DSPM) tooling - managing scan coverage, remediating findings, and reporting on SLA adherence. - Identify, prioritize, and remediate cloud misconfigurations and security posture gaps across the organization's Azure subscriptions and infrastructure. - Implement and validate security controls across cloud-native services, IaaS, PaaS, and container-based workloads. - Maintain and enforce secure configurations across firewalls, network security components, application delivery infrastructure, and compute platforms in partnership with the Security Team. - Assist with privileged credential hygiene, certificate lifecycle, and secrets governance across the environment when needed. - Support the hardening of Windows and Linux server environments through configuration management and compliance-as-code practices. - Maintain awareness of known and emerging vulnerabilities across the full technology stack - cloud services, OS platforms, network components, and application runtimes. - Compliance, Policy & Reporting - Monitor and report the organization's compliance posture against established security policies, baselines, and regulatory frameworks. - Partner with the Security team to define, author, and maintain cloud and infrastructure security policies - keeping pace with evolving industry trends and regulatory requirements. - Review and update existing policies on a regular cadence to reflect changes in the cloud environment and threat landscape. - Produce accurate, timely compliance posture reports for leadership - covering baseline adherence, vulnerability SLA performance, and remediation progress. - Coordinate and assist in evidence collection and audit maintenance for internal and external organizational assessments, including regulatory audits and third-party risk reviews. - Respond to findings from audits, security questionnaires, and internal/external scanning or penetration testing. - CI/CD Pipeline & Infrastructure Security - Partner with Software Engineering and App Security teams to embed security into CI/CD pipelines and deployment workflows - including secret scanning, least-privilege deployment identities, and secrets management integration. - Review and advise on Infrastructure-as-Code (IaC) implementations from a security perspective, ensuring patterns align with security baselines and organizational standards. - Support secure configuration management across server and cloud environments. - Ensure PKI and certificate management practices are maintained across the environment - including TLS/SSL lifecycle, renewal processes, and certificate inventory. - Technical Leadership & Mentorship - Serve as an informal technical leader and security subject matter expert across Cloud Engineering, Platform Engineering, and adjacent teams. - Mentor engineers on security best practices, secure design patterns, and compliance requirements - elevating security competency across the department without direct people management responsibilities. - Contribute to architecture and design reviews, providing a security lens on cloud platform decisions in partnership with the Cloud Architect. - Cross-Team Collaboration - Cloud Engineering & Platform Engineering - consult on secure architecture, container platform hardening, network segmentation, and pipeline security practices. - Identity & Access Management (IAM) - partner on identity governance, privileged access management, and access control policy enforcement. - Incident Response / Vulnerability Management - collaborate with the Security Detection & Response team on vulnerability prioritization, SLA tracking, remediation coordination, and incident response activities. - Audits & Assessments - provide technical support for evidence gathering, compliance posture reporting, and audit response. - Application Development Teams - consult on security requirements for cloud-native application platforms, ensuring developer environments are built securely from the ground up. Qualifications - 10+ years of experience in cloud engineering, infrastructure, or security engineering - with demonstrated hands-on security work, not just advisory. - Bachelor's Degree in Computer Science, Software/Computing Engineering, Information Security, or related field - or equivalent experience. - Technical certifications preferred: AZ-500, SC-100, SC-200, AZ-104, or equivalent cloud/security certifications. - Experience working in regulated industries (Financial Services, Insurance, or Health-Tech preferred). - Familiarity with compliance frameworks: NIST, HIPAA, PCI and Minimum Security Baselines (MSBs). Requirements - Hands-on experience or significant exposure to the following services and concepts: - Cloud Platform - Azure. - Networking & Security: Virtual Networks (VNETs) and peering, NSGs, UDRs, Private Endpoints, Azure Firewall, Application Gateways (including WAF - OWASP ruleset configuration, Detection vs. Prevention mode), ExpressRoute, VPN Gateways, and Azure Bastion. - Compute & Containers: Virtual Machines, VM Scale Sets, AKS (Kubernetes), and Container App Environments - including cluster hardening, network policy enforcement, workload identity, and Azure Policy for Kubernetes. - Identity & Access: Active Directory (on-prem, hybrid Entra Connect sync), Microsoft Entra ID, Privileged Identity Management (PIM), Conditional Access policy design and enforcement, Azure RBAC (including custom role design), and Entra ID Protection. - Security & Compliance Tooling: Microsoft Sentinel, Microsoft Defender for Cloud (Defender for Containers, Defender for Servers, Defender CSPM), and Azure Policy. - Monitoring & Observability: Azure Monitor - KQL, alert rule configuration, log-based queries, and action group integrations; familiarity with Log Analytics Workspace architecture and log ingestion patterns at scale. - Secrets & Certificates: Azure Key Vault and Key Vault CSI Secrets Store driver for AKS. - Storage & Recovery: Storage Accounts, Backup Vault, and Azure Site Recovery. - Virtual Desktop: Azure Virtual Desktop (AVD). - Security Tooling - Rapid7 - vulnerability management and scanning (InsightVM or InsightIDR); scan configuration, reporting, and SLA tracking. - Wiz and/or Orca Security - CSPM/DSPM platform experience; cloud misconfiguration identification, prioritization, and remediation workflows. - Microsoft Sentinel - SIEM administration, analytics rule management, and data connector configuration; familiarity with security log feeds from edge and email security platforms preferred. - Microsoft Defender for Cloud - Defender plans (Servers, Containers, CSPM), agentless scanning, and security recommendation management. - Datadog - log management, infrastructure monitoring, and security-adjacent alerting. - Identity, Access & Privileged Access Management - Delinea Secret Server (Thycotic) - PAM administration, privileged credential vault management, and access policy configuration. - Active Directory + Entra ID - hybrid identity, Entra Connect sync, group policy (GPO), DNS, and DHCP administration. - Conditional Access, PIM, and RBAC - policy design, enforcement, and least-privilege access models at enterprise scale. - Microsoft Intune - device compliance enforcement as part of a Zero Trust security posture. - Certificate Management - PKI, TLS/SSL lifecycle management, certificate inventory, and renewal processes. - Network & Perimeter Security - Cloudflare (Enterprise) - CDN, WAF, DDoS protection, and DNS proxy configuration and management. - Network routing and VPN - hub-and-spoke topology, route tables, ExpressRoute, and VPN Gateway. - Cisco ASAv - virtual firewall configuration and management. - DNS, DHCP, and Group Policy - enterprise-scale administration in hybrid environments. - DevOps, IaC & Pipeline Security - Azure DevOps (ADO) - CI/CD pipeline security, build agent management, and secure pipeline design. - GitHub / GitLab - source control security, branch protection, secret scanning, and pipeline hardening. - Infrastructure-as-Code (IaC) - Terraform, ARM templates, or Bicep - with a security-first approach to cloud deployments. - CHEF - configuration management and compliance-as-code for server fleet hardening and baseline enforcement. - Endpoint & Server Platforms - Windows Server - administration, hardening, security baseline enforcement, and Group Policy management. - Linux Server - administration, hardening, and security baseline enforcement across enterprise server fleets. - Microsoft 365 Suite - Exchange, SharePoint, Teams, and Intune - security configuration and administration. - Frameworks & Compliance - Familiarity with NIST, HIPAA, and organizational Minimum Security Baselines (MSBs). - Understanding of Zero Trust architecture principles and how they apply across identity, network, and workload security. - Familiarity with PCI-DSS scoped environment security requirements preferred. - Experience operating in regulated industries (Financial Services, Insurance, or Health-Tech). - Experience with or exposure to the following developer runtimes and technologies is a plus, as this role will consult on security posture within environments built on: ASP.NET, .NET, Java (JBoss / Hibernate / JMS), gRPC, Redis, SQL Server.
Relevant, scalable, and blazing-fast search and discovery experiences
• Design and automate controls, detection mechanisms, and tooling to improve the Information Security of Algolia’s infrastructure and products • Research, evaluate, and recommend new Information Security technologies, techniques, and frameworks • Design, implement, and maintain information security monitoring and remediation systems that move the needle in protecting Algolia’s customers’ data, and protecting Algolia’s systems and data • Partner with engineering and product teams to integrate Information Security into new features, systems, and development pipelines • Contribute to improving Information Security standards, processes, and best practices across the company • Conduct Information Security risk assessments and threat models of core systems, services, and third-party vendors (this does not include answering customer third-party risk assessment questionnaires). • Participate in and sometimes lead Information Security incident response activities and post-incident analysis • Support ongoing and emerging Information Security and compliance initiatives (e.g., SOC 2, Type II, ISO 27001, C5, GDPR) • Manage and enhance Algolia’s public bug bounty and vulnerability disclosure programs
Role Description The Senior Cyber Resiliency Engineer develops and supports technical capabilities that strengthen incident response and cyber resiliency across the enterprise. Areas of concentration include: - Alert triage - Technical analysis - Incident investigation - Threat identification - Containment - SIEM and EDR platforms - Security monitoring - Exposure management Assist in the development and implementation of cybersecurity procedures, playbooks and standards. Identify inadequacies and propose solutions to improve the organization's ability to detect, analyze, contain and recover from cybersecurity incidents. The Senior Cyber Resiliency Engineer will also mentor team members, assist with projects, and maintain technical documentation. Qualifications - Certifications: [Not specified] - Education: Bachelor's Degree in a Related Field - Experience in lieu of education: [Not specified] Requirements - Works with the SOC to monitor alerts, analyze suspicious activity, and investigate cybersecurity incidents. - Provides incident response to security threats, with emphasis on identification, scoping, containment, and technical response coordination. - Performs technical investigations using endpoint, network, identity, cloud and log data to determine root cause and affected systems. - Assists in the development and maintenance of SIEM, EDR, alerting, detection content and response procedures. - Evaluates and supports cybersecurity tools and technical capabilities that strengthen incident detection and containment. - Partners with infrastructure, application, exposure management and other IT teams to identify and remediate security gaps. - Documents investigative findings, incident actions, evidence and improvement opportunities. - Participates in tabletop exercises, incident simulations and technical validation activities to improve response readiness. - Works closely with legal, compliance, privacy and other departments to support coordinated incident management activities. - Monitors emerging threats, vulnerabilities and threat intelligence, and recommends improvements to detection and response capabilities. - Mentors team members on incident response procedures, investigations, security tools and documentation. Benefits - The compensation range for this position is $43.07 per hour - $74.08 per hour. - Comprehensive benefits package for team members and providers. Company Description At Carle Health, we're committed to fostering a workplace where every team member feels valued, respected and empowered, where passion and purpose come together to positively impact the lives of our patients and our communities. - Nearly 17,000 team members and providers support patient care across central and southeastern Illinois. - Includes eight award-winning hospitals and a multispecialty provider group with more than 1,500 doctors and advanced practice providers. - Developing the next generation of providers and healthcare professionals through Carle Illinois College of Medicine. - Holds Magnet® designations for nursing care at several hospitals. - Opportunities in several communities throughout central Illinois with potential for growth and life-long careers.
Q2IMPACT is a data- and AI-first organization known for delivering innovative, customized solutions in monitoring, evaluation, learning, digital transformation, and performance management for government, security, and development partners. Drawing on deep expertise in advanced analytics, digital platforms, and AI, we help clients solve their most complex data, knowledge management, and operational challenges. Our collaborative culture values curiosity, partnership, and technical excellence.
Role Description The Data Governance Lead is responsible for establishing and managing the enterprise data governance framework supporting a Department of Defense (DoD) Security Cooperation platform. This role ensures that data across Security Cooperation programs—including Foreign Military Sales (FMS), Building Partner Capacity (BPC), Institutional Capacity Building (ICB), International Military Education and Training (IMET), Humanitarian Assistance, and Security Cooperation workforce development—is trusted, secure, discoverable, and actionable. The Data Governance Lead will develop governance policies, data standards, metadata management, taxonomy, master data management, and lifecycle processes that enable secure information sharing, artificial intelligence (AI), advanced analytics, and enterprise knowledge management. Working across functional and technical teams, the incumbent will facilitate governance councils, promote data stewardship, and ensure compliance with DoD cybersecurity, records management, and data strategy requirements. This position plays a critical role in transforming fragmented information into a strategic enterprise asset that supports decision-making, operational readiness, partner nation engagement, and institutional learning across the Security Cooperation enterprise. Qualifications - Bachelor's degree in Information Management, Data Science, Information Systems, Computer Science, Public Administration, or related field. - Minimum 10 years of experience in enterprise data management, governance, or information management. - Minimum 5 years supporting Department of Defense or Federal Government programs. - Experience establishing enterprise data governance programs. - Experience facilitating governance councils or executive working groups. - Active Secret Security Clearance. - U.S. Citizenship required. Requirements - Experience with Data Governance frameworks. - Data stewardship and metadata management. - Data quality management and master data management (MDM). - Information lifecycle management and business glossaries. - Knowledge of DoD Data Strategy and Digital Modernization Strategy. - Familiarity with AWS cloud services and Microsoft Purview. Benefits - Competitive salary and benefits package. - Opportunities for professional development and training. - Supportive work environment with a focus on collaboration. Success Measures - Establishing a sustainable enterprise Data Governance Program adopted across Security Cooperation organizations. - Improving data quality, consistency, and trust through measurable governance metrics. - Implementing standardized metadata and taxonomy that significantly enhance information discoverability. - Enabling AI-ready data and knowledge assets that support advanced search, analytics, and decision support. - Increasing reuse of institutional knowledge through improved governance and content lifecycle management. - Reducing duplicate, obsolete, and conflicting information across enterprise repositories. - Achieving compliance with DoD data governance, records management, and cybersecurity requirements. - Building an active network of data stewards who sustain governance practices across the enterprise. Work Environment The Data Governance Lead operates at the intersection of mission operations, enterprise technology, and organizational governance. This position requires collaboration with senior defense leaders, Security Cooperation practitioners, data architects, cybersecurity professionals, instructional designers, and knowledge management specialists to ensure that enterprise data is managed as a strategic asset. The role is central to enabling data-informed decision-making, AI-enabled knowledge discovery, and enterprise interoperability across the Security Cooperation community while supporting the Department of Defense's broader digital modernization objectives.
Q2IMPACT is a data- and AI-first organization known for delivering innovative, customized solutions in monitoring, evaluation, learning, digital transformation, and performance management for government, security, and development partners. Drawing on deep expertise in advanced analytics, digital platforms, and AI, we help clients solve their most complex data, knowledge management, and operational challenges. Our collaborative culture values curiosity, partnership, and technical excellence.
Role Description The Change Management Lead supports the successful adoption of a Department of Defense (DoD) Security Cooperation digital platform by planning and executing organizational change management (OCM) activities that prepare users, stakeholders, and leadership for new technologies, processes, and ways of working. Working under the guidance of senior program leadership, the Change Management Lead develops communication strategies, stakeholder engagement plans, training support, and adoption metrics to ensure the platform is embraced across the Security Cooperation enterprise. The role serves as a bridge between technical development teams and end users, helping to translate complex system capabilities into practical, mission-focused benefits. This position is well suited for a mid-level professional with experience in organizational change, communications, training, or user adoption who is looking to expand their expertise in federal digital transformation and Security Cooperation. Qualifications - Bachelor's degree in Organizational Development, Communications, Business Administration, Public Administration, Education, Psychology, Human Resources, or a related field. - 3–6 years of experience supporting organizational change management, communications, training, project management, or digital transformation initiatives. - Experience supporting federal government, Department of Defense, or other large organizations is preferred. - Active Secret Security Clearance or ability to obtain and maintain one. - U.S. Citizenship required. Requirements - Understanding of change management principles and methodologies. - Experience supporting organizational transformation initiatives. - Ability to assess stakeholder needs and organizational impacts. - Strong planning and organizational skills. - Experience developing executive communications, user communications, training announcements, newsletters, FAQs, job aids, and presentation materials. - Experience supporting instructor-led training, virtual training, user onboarding, training coordination, and learning resource development. - Experience using tools such as Microsoft 365, SharePoint Online, Microsoft Teams, PowerPoint, Excel, Word, and survey tools (Microsoft Forms, SurveyMonkey, etc.). Benefits - Supporting successful rollout of new platform capabilities with minimal disruption to users. - Increasing user awareness, engagement, and adoption through effective communications and training. - Delivering high-quality communication products and user enablement materials on schedule. - Maintaining positive relationships with stakeholders across the Security Cooperation community. - Collecting actionable user feedback that informs future platform enhancements. - Contributing to measurable improvements in user satisfaction, platform utilization, and organizational readiness. - Supporting continuous improvement of change management processes and tools. Work Environment The Change Management Lead works as part of a multidisciplinary digital transformation team supporting the modernization of Security Cooperation capabilities across the Department of Defense. The role involves regular collaboration with government stakeholders, technical teams, trainers, and program leadership to ensure that new technologies are successfully adopted and deliver meaningful operational value. This position is ideal for an early- to mid-career professional who enjoys working with people, communicating complex ideas clearly, and helping organizations navigate change. It offers opportunities to grow into more senior organizational change, program management, or digital transformation leadership roles while contributing to mission-critical modernization efforts.
Role Description Ajaia is hiring a Director of IT & Security to own the full scope of internal IT operations, information security, and compliance across a multi-cloud, multi-country organization. This is a hands-on leadership role. You will build and maintain the systems, policies, and infrastructure that keep the company running securely while driving automation wherever possible. - Own internal IT (devices, access, onboarding) - Manage security posture (policies, monitoring, incident response) - Oversee compliance (HIPAA, SOC 2, vendor risk) - Utilize AI tools to automate routine operations, improve monitoring, and accelerate output - Start as an individual contributor with potential to build a small team as the company scales - Use AI in daily workflows across research, ideation, drafting, design iteration, quality checks, and delivery acceleration Qualifications - Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or equivalent experience - 8+ years of experience in one or more of the following areas: - IT operations and infrastructure management - Information security and security operations - Cloud administration and security (GCP, Azure, or multi-cloud environments) - Compliance and audit management (HIPAA, SOC 2, or similar frameworks) - Hands-on experience managing multi-cloud environments (GCP and Azure required) - Working knowledge of HIPAA and SOC 2 compliance, including direct experience preparing for or managing external audits - Experience building and enforcing security policies, access controls, and incident response procedures - Strong understanding of identity management (SSO, MFA, RBAC), endpoint management, and network security fundamentals - Proficiency with AI tools and a working practice of using automation to reduce operational burden - Excellent documentation and communication skills with the ability to translate security concepts for non-technical stakeholders - Comfortable working autonomously in a fast-paced, fully remote, distributed environment Requirements - Relevant certifications: CISSP, CISM, CCSP, CompTIA Security+, or equivalent - Experience with DevSecOps practices, CI/CD pipeline security, or infrastructure-as-code (Terraform, Pulumi, or similar) - Background in vendor risk management and third-party security assessments - Experience supporting healthcare or financial services clients with regulated data requirements - Familiarity with GDPR, DPDPA, or other regional data protection frameworks - Experience with GRC platforms such as Vanta, Drata, or similar tools - Experience with SIEM platforms, vulnerability management tools, or penetration testing coordination Benefits - Base salary: Approximately $35,000 USD per year (calibrated for target regions) - Performance bonus: Opportunity to earn up to 100% of base salary in performance-based bonuses - Salary and total compensation depend on experience, location, and demonstrated performance during the hiring process
Role Description We are seeking a highly qualified CMMC Compliance Specialist to serve as a trusted compliance advisor for Department of Defense contractors. In this role, you will function as a virtual Compliance Officer for assigned clients, helping them build, maintain, and continuously improve their cybersecurity compliance programs. You will guide organizations through every phase of the compliance lifecycle—from initial gap assessments and remediation planning to audit readiness and ongoing compliance management—while providing strategic guidance on CMMC, NIST SP 800-171, DFARS, and related federal cybersecurity requirements. Primary Responsibilities - Compliance Consulting - Serve as the designated compliance advisor for assigned client organizations. - Interpret and apply: - NIST SP 800-171 - DFARS 252.204-7012 - CMMC 2.0 Level 1 & Level 2 requirements - SPRS scoring and submissions - Guide clients through gap assessments, remediation planning, implementation, and certification readiness. - Assist clients with developing and maintaining: - System Security Plans (SSPs) - Plans of Action & Milestones (POA&Ms) - Security policies and procedures - Compliance documentation and evidence - Client Success & Advisory - Conduct recurring compliance strategy meetings with clients. - Review implementation progress and validate remediation efforts. - Serve as the primary compliance contact throughout the client engagement. - Translate complex regulatory requirements into practical business and technical recommendations. - Collaborate with client leadership, IT teams, and security personnel to implement compliant solutions. - Support clients before, during, and after assessments. - Documentation & Reporting - Prepare professional assessment reports and executive summaries. - Maintain accurate compliance documentation and audit evidence. - Track compliance milestones and client deliverables. - Ensure documentation aligns with federal requirements and industry best practices. - Training & Education - Deliver cybersecurity awareness and compliance training for client personnel. - Educate organizations on evolving CMMC and NIST requirements. - Help clients understand how cybersecurity controls support their business operations. - Ongoing Compliance Management - Conduct monthly compliance reviews. - Monitor regulatory updates affecting Department of Defense contractors. - Assist clients with annual self-assessments and SPRS submissions. - Support audit readiness initiatives. - Coordinate with C3PAOs, government auditors, and other stakeholders as necessary. Qualifications - Current CMMC Certified Practitioner (CP) certification or higher - Ability to obtain CMMC CCP or CCA within 90 days if not already certified - 3+ years of experience in cybersecurity, information assurance, risk management, or compliance - Experience working with: - NIST SP 800-171 - DFARS 252.204-7012 - CMMC - Experience supporting Department of Defense contractors or federal compliance programs - Strong written and verbal communication skills - Ability to manage multiple client engagements simultaneously - Excellent organizational and project management skills Preferred Qualifications - CMMC CCP (OK If In Progress) - CMMC CCA (OK If In Progress) - Security+ - Experience working within a Managed Service Provider (MSP) - Experience serving as a vCISO or virtual Compliance Officer - Experience with vulnerability assessments, risk assessments, and security audits - Understanding of federal contracting regulations and Controlled Unclassified Information (CUI) - Familiarity with common compliance tracking platforms, ticketing systems, and remote collaboration tools Technical Knowledge - Strong knowledge of: - NIST SP 800-171 - CMMC 2.0 - DFARS cybersecurity requirements - Risk Management Frameworks - Security policies and governance - Security documentation - Risk assessments - Cybersecurity best practices - Microsoft Government Cloud (GCC/GCC High) environments (preferred) What We're Looking For - Enjoys solving complex compliance challenges. - Can confidently explain technical concepts to executive leadership. - Builds trusted relationships with clients. - Is highly organized and detail-oriented. - Thrives in a fast-paced consulting environment. - Is passionate about helping organizations improve their cybersecurity posture. Benefits - Competitive salary - Comprehensive medical, dental, and vision insurance - Company-paid Life Insurance - Company-paid Short-Term & Long-Term Disability - SIMPLE IRA retirement plan with company match - 128 hours of Paid Time Off - Paid industry certifications and continuing education - Professional development assistance - Referral bonus program - Legal services benefit - Performance bonus opportunities - Free office snacks - Outstanding team culture - Opportunity for long-term career advancement within one of the nation's premier defense cybersecurity organizations Travel Up to 25% travel may be required. Equal Opportunity Employer On Call Computer Solutions is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive workplace where every employee has the opportunity to succeed.
3,861more opportunities are still waiting for you.Log in now and take your next shot before someone else does.
Cloud, Azure, Observability/Monitoring, SIEM, Cyber Security, CI/CD