Security Analyst Salary in Boston, MA

About Us: As a not-for-profit organization, Mass General Brigham is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women's Hospital and Massachusetts General Hospital, Mass General Brigham supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research.We're focused on a people-first culture for our system's patients and our professional family. That's why we provide our employees with more ways to achieve their potential. Mass General Brigham is committed to aligning our employees' personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development-and we recognize success at every step.Our employees use the Mass General Brigham values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.The Opportunity:At Mass General Brigham Digital, we pride ourselves on our ability to create maximum strategic, clinical, and operational value from established and emergent technologies for our patients, care teams, researchers, and employees. Digital health will not only enhance the equity and efficiency of healthcare delivery, but it will also help make medicine more personalized and precise. This Applications Analyst II position reports into IS Strategic Planning & Performance (SPP) at Dana-Farber Cancer Institute (DFCI). The Collaboration & Productivity Tools (CPT) team within SPP supports a suite of tools that evolve with the needs of DFCI to work more efficiently. In this role, the incumbent will be responsible for evaluating, implementing, and optimizing collaboration and productivity tools to enhance organizational efficiency and teamwork. The ideal candidate will have a strong understanding of various collaboration platforms, low-code solutions, system administration utilities, project management tools, and business productivity applications.The analyst will serve as a key institutional resource for gathering business needs and understanding collaboration tool functionality and limitations to help teams apply the best solutions for productivity and efficiency. The analyst will help manage the catalog of collaboration tools supported by DFCI Information Services (IS), working in conjunction with applicable MGB resources. They will be proficient in numerous tools; analyze user requirements, data, and workflows; and provide consultative guidance to IS staff and DFCI business users.Principal Duties and Responsibilities: • Works with SPP leadership and CPT team members to maintain an overall tools strategy for DFCI. Includes coordination with DFCI IS colleagues, MGB partners, and vendors.• Analyzes business needs to help determine best solutions for DFCI constituents at the team, department, or enterprise level in areas benefitting from digital solutions. Customizes and configures tools to align with business processes and optimize workflow efficiencies.• Consults, designs, develops, implements, administers, and trains on collaboration tools. Integrates tools with existing systems and applications. Communicates progress to stakeholders. Reports status, metrics, and issues to leadership. Oversee deployment process, ensuring a smooth transition and user adoption.• Supports numerous collaboration and productivity tools at agreed-upon levels. Fully supported tools may require extensive project work, system planning/enhancements, and regular training. Other tools may be supported at lighter levels and include account provisioning, license management, troubleshooting, vendor communications, and ad hoc training. Tools include but are not limited to Quickbase, Smartsheet, SurveyMonkey, Panopto, LinkedIn Learning, storage applications, and the Microsoft 365 suite expanded applications, including SharePoint, Teams, Forms, Power Apps, and others. • Collaborates with CPT staff, leadership, training specialists, DFCI Communications, Information Security, and other applicable staff to promote the use of approved tools to departments and across the institute as appropriate.• Assists SPP management with work requests as well as prioritization process and pipeline for user inquiries and resulting work and projects. This process determines whether to take on work, assign to others, or create a project team led by a PMO PM. • Teams with training staff, analysts, administrators, and support personnel who are assigned to work on collaboration and productivity solutions. Works closely with training specialists in determining education needs and best learning assets to create and deliver for each supported tool. • Participates in ongoing risk management in both new and established tools. Particular attention to data security and InfoSec policies and procedures.• Partners with vendors, such as Microsoft, to determine use cases and best practices for deploying solutions within our tenant. Networks with relevant DFCI and MGB resources to ensure quality of tools and adhere to current policies and practices.• Keeps abreast of new technologies and trends in the industry by reading, researching, networking, testing, and attending training/workshops/conferences to determine opportunities for DFCI.• Evaluates the use and effectiveness of tools, as well as that of associated training and communications, using metrics to promote continual improvement.• Uses the Mass General Brigham values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.• May require occasional after hours and weekend work to perform tasks that cannot be done during standard business hours.• Other duties as assigned.Qualifications • Bachelor's Degree required in information technology, computers science, or related field, or equivalent combination of education and proven work experience.• 5+ years' experience as an applications analyst, system/network administrator, or similar supporting constituents across an enterprise. • Proficiency in developing, configuring, administering, training, and supporting software tools. • Understanding the application and support of technology from a project management and business operations perspective.• A combination of education and experience may be substituted for requirements.Skills/Abilities/Competencies: • Competent in using client-based and cloud-based tools information systems, tools, and software utilities within various infrastructure and web browser frameworks in Windows and Mac environments, including content management systems, storage utilities, Microsoft 365, and development and/or database tools. Propensity to assess and learn new tools.• Demonstrated analytical, critical thinking, and problem-solving skills• Needs-analysis approaches in gathering requirements and brainstorming solutions. Aptitude to effectively translate business requirements to functional requirements. • Commitment to advancing productivity through the use and education of technology.• Effective collaboration with all levels of personnel within the DFCI and MGB communities, including executives across various disciplines, technical and non-technical colleagues, and training specialists.• Self-motivated, independent, and possesses the ability to learn quickly. • Skilled in troubleshooting access, tool, and education issues in a service-oriented environment.• Proven strength in communication, presentation, and documentation.• Ability to co-lead and/or facilitate working sessions with all levels of staff. • Extremely organized; work on operational and project assignments as prioritized by management.• Capacity to successfully negotiate and collaborate with others of different skill sets, backgrounds, and levels within and external to the organization. • Knowledge of the healthcare environment.Working Conditions: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.• This position requires occasional local travel to DFCI and/or MGB sites, vendors, and/or conferences.• On-call coverage expected as business needs dictate.• Hospital work environment working conditions include possible exposure to diseases or infections and may require safety gear (PPE) such as gloves and mask.• Normal office working conditions. The noise level in the work environment is quiet to moderate.• While performing the duties of this job, the employee is frequently required to sit; talk; or hear; use hands to finger; handle; or feel; reach with hands and arms. The employee is occasionally required to stand; walk; and stoop; kneel; or crouch. The employee must frequently lift and/or move up to 5 pounds and occasionally lift and/or move up to 20 pounds.• Specific vision abilities required by this job include close vision, distance vision and depth perception.EEO Statement Mass General Brigham is an Equal Opportunity Employer. By embracing diverse skills, perspectives, and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under the law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment.

Harvard UniversityDescription: 27-Mar-2024Senior Information Security ArchitectHarvard Medical School 65408BRPosition DescriptionThe Senior Information Security Architect is a pivotal role focused on safeguarding the data and IT infrastructure of Harvard Medical School and Harvard School of Dental Medicine from cyber threats. This professional is responsible for the architectural design, implementation, and ongoing enhancement of security solutions. The role demands a sophisticated understanding of HMS and HSDM IT systems, a forward-thinking approach to threat detection and mitigation, and effective collaboration across various departments. This role will closely partner with others across HMS IT and Security to further enable the HMS mission through implementing an effective security eco-system.Key Responsibilities:Security Strategy Development: Lead the creation and execution of a strategic, comprehensive enterprise information security architecture and design methodology to ensure the protection of information assets.Secure Architecture Assessment: Assess current systems and platforms in place for risk assessment/recommendations based on current systems and programs.Security Architecture Design: Design and implement secure systems and networks, ensuring they fulfill technical and functional security requirements.Secure SDLC Design: Integrate security best practices and methodologies through all phases of the Software Development Life Cycle (SDLC) to ensure secure design, development and deployment of applications.Compliance and Standards: Work with compliance and risk teams to ensure industry standards and regulatory requirements such as ISO 27001, GDPR, HIPAA, SOC 2, etc.Threat Modeling: Lead the design and implementation of a threat-modeling program at HMS. Conduct detailed threat modeling to identify potential security issues and vulnerabilities, developing strategies to counteract these risks.Penetration Testing: Coordinate and execute penetration testing activities to proactively discover and rectify security weaknesses within the organization's IT environment.Building and Maintaining Security Asset Management Platform: Develop and sustain an integrated security asset management platform to ensure a comprehensive understanding and management of all security-related assets. This includes inventory tracking, security posture assessment, and lifecycle management to enhance the organization's security framework.Emerging Technology Monitoring: Keep abreast of the latest security technologies and trends, along with potential threats, to continuously improve the security stance of the organization.Stakeholder Collaboration: Work closely with IT, compliance, and business units to ensure security measures are aligned with business objectives and operational needs.Basic Qualifications Minimum of seven years’ post-secondary education or relevant work experienceAdditional Qualifications and SkillsMinimum of 5-7 years experience in an information security role, with at least 2-3 years in security architecture or similar capacity.Professional security management certification, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or equivalent, is highly preferred.Deep knowledge of security protocols, cryptography, authentication, authorization, and overall security.Proficiency in cloud security architecture and mobile security.Expertise in threat modeling, penetration testing, and security asset management.Experience designing and implementing enterprise-wide security programs and frameworks.Excellent verbal and written communication skills, with the ability to effectively communicate security and risk-related concepts to a broad audience.Strong collaboration and influence skills to partner with stakeholders.Demonstrated leadership skills and the ability to mentor team members. Certificates and LicensesCompletion of Harvard IT Academy Information Security Foundations course (or external equivalent) preferredIT Security Certification preferred; e.g., CISSP, CISA/CISM, and/or GIACAdditional InformationThe health of our workforce is a priority for Harvard University. With that in mind, we strongly encourage all employees to be up-to-date on CDC-recommended vaccines.Please note that we are currently conducting a majority of interviews and onboarding remotely and virtually. We appreciate your understanding.The Harvard Medical School is not able to provide visa sponsorship for this position.Not ready to apply? Join our talent community to keep in touch and learn about future opportunities! (https://www.gem.com ?formID=16341e35-cbc6-4904-88a3-09b35763307e) Work Format DetailsThis position is eligible for 100% remote work. Employees may work from any of the Harvard Registered Payroll States, which currently includes Massachusetts, Connecticut, Maine, New Hampshire, Rhode Island, Vermont, Georgia, Illinois, Maryland, New Jersey, New York, Virginia, Washington, and California (CA for exempt positions only). Certain visa types and funding sources may limit work location. Individuals must meet work location sponsorship requirements prior to employment.BenefitsWe invite you to visit Harvard's Total Rewards website (https://hr.harvard.edu/totalrewards) to learn more about our outstanding benefits package, which may include: Paid Time Off: 3-4 weeks of accrued vacation time per year (3 weeks for support staff and 4 weeks for administrative/professional staff), 12 accrued sick days per year, 12.5 holidays plus a Winter Recess in December/January, 3 personal days per year (prorated based on date of hire), and up to 12 weeks of paid leave for new parents who are primary care givers. Health and Welfare: Comprehensive medical, dental, and vision benefits, disability and life insurance programs, along with voluntary benefits. Most coverage begins as of your start date. Work/Life and Wellness: Child and elder/adult care resources including on campus childcare centers, Employee Assistance Program, and wellness programs related to stress management, nutrition, meditation, and more. Retirement: University-funded retirement plan with contributions from 5% to 15% of eligible compensation, based on age and earnings with full vesting after 3 years of service. Tuition Assistance Program: Competitive program including $40 per class at the Harvard Extension School and reduced tuition through other participating Harvard graduate schools.Tuition Reimbursement: Program that provides 75% to 90% reimbursement up to $5,250 per calendar year for eligible courses taken at other accredited institutions. Professional Development: Programs and classes at little or no cost, including through the Harvard Center for Workplace Development and LinkedIn Learning.Commuting and Transportation: Various commuter options handled through the Parking Office, including discounted parking, half-priced public transportation passes and pre-tax transit passes, biking benefits, and more. Harvard Facilities Access, Discounts and Perks: Access to Harvard athletic and fitness facilities, libraries, campus events, credit union, and more, as well as discounts to various types of services (legal, financial, etc.) and cultural and leisure activities throughout metro-Boston.Job FunctionInformation Technology Department Office LocationUSA - MA - Boston Job CodeI0459P IT Info Security Professnl V Work FormatRemote Sub-Unit------------ Salary Grade059DepartmentInformation Technology | SecurityUnion00 - Non Union, Exempt or Temporary Time StatusFull-time Pre-Employment ScreeningCriminal, IdentityCommitment to Equity, Diversity, Inclusion, and BelongingWe are committed to cultivating an inclusive workplace culture of faculty, staff, and students with diverse backgrounds, styles, abilities, and motivations. We appreciate and leverage the capabilities, insights, and ideas of all individuals. Harvard Medical School Mission and Community Valueshttps://hms.harvard.edu/about-hms/campus-culture/mission-community-values-diversity-statementEEO StatementWe are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, gender identity, sexual orientation, pregnancy and pregnancy-related conditions, or any other characteristic protected by law.LinkedIn Recruiter Tag (for internal use only)#LI-DK1 PI238746629

The OpportunityRecognizing the 340B Program is highly complex and constantly evolving, those working with the Program must possess a high level of specialized training and a solid knowledge base. Mass General Brigham (MGB) is committed to a formalized 340B enterprise-wide program serving as the institutional expert and authority over 340B Program services. Program goals of ensuring the greatest cost savings returns while maintaining the utmost compliance are supported by 340B Analysts. Pharmacy 340B Program Analyst II is responsible for providing ongoing program development and coordination support. responsibilities include but are not limited to 340B baseline knowledge, drug purchasing, inventory processes, monthly reporting, split-billing software maintenance, manual and robotic audits, contract pharmacy relationships, dispensing monitoring in both outpatient and inpatient settings, and all areas of program compliance. The analyst will be required to be competent in all enterprise software as well as have thorough knowledge of all categories of covered entity status.Key DutiesHelp manage and lead along with the MGB 340B Program Lead the 340B MGB Oversight Council and to each institutional compliance authority regarding adherence to the qualifications to the details, policies, and procedures of the 340B Program regulations and guidelines.Manage and maintain consistent improvement for the overall efficiency, value, and internal support of the program. Develop reports and lead the analysis (cost analysis, trends, and forecasts) used to educate staff and give strategic guidance to Pharmacy and Hospital leadership.Responsible for routinely monitoring all areas of 340B outpatient use with Pharmacy Supply Chain and Finance to ensure maximum participation continually looking for additional qualified areas.Monitor utilization records and purchasing accounts to ensure the billing extract data and split billing software are working appropriately and compliantly. Ensure use of 340B priced products in all qualified outpatients, implementing procedures for pricing exclusions, product shortages requiring alternative products, filtering out non-eligible transactions including, but not limited to, drugs used to treat patients during inpatient care, Medicaid patients, drugs associated with manufacturer rebates, drugs provided free by manufacturers, those provided at non-eligible locations, or written by non-eligible providers.Develop process of continually reviewing 340B account records for exceptions, drugs required to be purchased at WAC, quickly detecting, and addressing costly changes or over purchasing on WAC. Monitor GPO utilizations and purchases for compliance to GPO Prohibition if required.Assist and monitor buyers as they replenish inventory in the mixed-use settings to see those appropriate accounts (e.g., WAC, GPO, and 340B) are used. Comply with all track-and-trace legal requirements of the Drug Supply Chain Security Act for purchasing and distribution of drug products. Establish routine up-dating of the CDM/crosswalk for new products, product changes or errors thus ensuring the accuracy of the utilization report and split-billing process.Through financial analysis, strive to recognize the value opportunity of the 340B program and track the overall financial impact to the organization. Collaborate with other 340B Program analysts to develop daily, monthly, quarterly and yearly audit metrics ensuring compliance with 340B program requirements and guidelines.Participate in constant (daily and monthly) self-audits of 340B pharmacy operations documenting procedures for presenting and resolving reconciliation issues as they arise during the monitoring and reconciliation process.Communicate, along with the entire 340B Program team, to all MGB staff the purpose and importance of the 340B program, establishing a clear way for them to address their problems, concerns or suggestions for improvement. Develop and foster working relationships with internal working counterparts (IT, Internal Audit, Accounting and others) to facilitate productive exchanges of information to improve program efficiency and promote program compliance.Provide data, information and reports as needed for other business units within the organization.Attend conferences and meetings as requested, regularly monitor HRSA and OPA publications and websites as well as the professional media, literature, and peers to insure the 340B Pharmacy team has the latest information regarding interpretations, rulings, suggestions, and progressive ideas for improving participation. Other duties as assignedQualifications Qualifications Bachelor's degree in business, accounting, finance, healthcare or related fieldAdvanced degree is a plus5 years of compliance, business, finance, or related experience preferredSkills, Abilities and Core CompetenciesExcellent verbal and written communication skillsProficiency with Excel is required; familiarity with data query/data management, PowerPoint and Tableau preferredConceptual, analytical and problem-solving skills with the ability to create forecasts and models in a complex environment are requiredHigh comfort level with challenge and change, meeting deadlinesTact, diplomacy, and ability to work with individuals at all levels of hospital and medical staffFlexibility of work hours when requiredAbility to work with confidential informationPossess strong interpersonal skills to effectively communicate with cross functional teams including staff at all levels of the organizationAbility to successfully negotiate and collaborate with others of different skill sets, backgrounds an levels within and external to the organizationStrong problem solving skillsRequires minimal direction from leadership and possesses the ability to learn quicklyEEO Statement Mass General Brigham is an Equal Opportunity Employer. By embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

Center 3 (19075), United States of America, McLean, VirginiaSr. Cyber Analyst, RiskCapital One is one of the fastest growing organizations in the world today. The growth of the business is being accelerated by leveraging innovative and emerging technologies. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years, fully exiting our data centers. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity and managing technology risk. Cybersecurity Risk professionals at Capital One are trusted expert advisers who shape decisions, challenge activities to ensure they meet our standards, and generally oversee technology, cybersecurity, and information security risk across the business and the central technology organization.Cybersecurity risk and analysis plays a critical role in ensuring that the company's risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate, or avoid the risks altogether. Associates are highly-skilled and have a wealth of experience and a demonstrated ability to provide value added recommendations and deliver high-impact results in the cybersecurity domain areas.Cybersecurity is a strategic priority at Capital One, with heavy engagement from the Board, the Chief Executive Officer, and the executive committee. By joining Capital One, you will be providing these executives with the trusted, independent voice they need to ensure our company's cybersecurity risks are appropriately managed. The position affords opportunities for substantial growth. The demands and high-visibility nature of this position require an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately.Job Responsibilities:Serve as a liaison on Department-led efforts requiring Information Security Office input or participationDevelop and manage the Information Security intake process and toolsDevelop and manage organization's knowledge management toolsImprove and document critical business processesConduct quality assurance on regulator-required cyber risk reportsServe as a liaison between the Divisional Information Security Office and its Audit and assurance partnersReview and triage intake requests and adjudicate new services for the Information Security OfficeCollaborate with Divisional Information Security Office teams to ensure they have the tools necessary to support their customersParticipate in functional communities of practice to ensure consistency across Information Security Office teamsWork with the Information Security Office leadership team on senior leader initiativesProvide support on agenda and materials development and execution of Information Security Office and Department meetings and eventsBe knowledgeable about Capital One's Information Security offerings, policies, procedures and standardsCollaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve strategic objectives.Excellent verbal and written communication skills across levels of leadership.Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions.Ability to manage and synthesize information into meaningful messages for both upstream (e.g., executive management) and downstream (e.g., Line of Business stakeholder) audiences.Basic Qualifications:High School Diploma, GED, or equivalent certificationAt least 4 years of experience with technology or cyber security risk management frameworksAt least 1 year of experience developing, evaluating, or implementing cybersecurity, technology, or risk assessment activitiesPreferred Qualifications:Bachelor's Degree3+ years of Risk Management experience in a Cyber or Information Security practiceProject Management experience leading cross functional projects in RiskExperience with cloud risk, governance, control, and securityCISA, CISM, CRISC, or CISSP CertificationAt this time, Capital One will not sponsor a new applicant for employment authorization for this position.Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.For technical support or questions about Capital One's recruiting process, please send an email to [email protected] One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Location: REMOTESalary: $40.00 USD Hourly - $44.00 USD HourlyDescription: LOCATIONS: Temple Terrace, FL; Cary, NC; Ashburn, VA (REMOTE) MODEL: 4pm-12am EST shift and/or 12am-8am EST shift The Tier-1 Security Analyst represents the entry point into the Security Operations Centre (SOC). The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities. The duties of the SOC Security Analyst (Tier 1) include the following: • Provide "eyes on glass" real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools. • Performing level 1 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert concerning the customer environment, correlating additional details) and coordinating with Senior Analysts for high-priority incidents, if necessary. • Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines. • Performing administrative routines of SOC like evaluating reports and SIEM dashboards, reviewing ticket escalations. • Incoming call handling from and initiating trouble tickets, if applicable. • Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines. • Follow documented escalation procedures. • Identify recurring incidents for problem management purposes. • Coordinate with Senior Analysts for high-priority incidents. Required Skills & Expertise: • Associate degree in Computer Science, Information Security, or a similar discipline • Strong documentation and communication skills • Exceptional problem-solving skills • Proactive in engaging with customers, client executives, and company management teams • Basic knowledge of network technologies • Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RCF 1918, and common attacks against TCP/IP protocol • Knowledge of Microsoft Windows and Server Operating Systems • Basic understanding of threat landscape and indicators of compromise • At least 1-3 years Security related experience • Clear and concise written and oral English Desired Skills & Experience: • Bachelor or higher degree in Computer Science, Information Security, or similar discipline • Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC • Understanding of command line scripting and implementation (i.e. Python, PowerShell, Bash Shell) • Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.) • Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc. • Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS) • Ability to perform NetFlow / packet capture (PCAP) analysis • Experience with basic cyber threat hunting Contact: [email protected] job and many more are available through The Judge Group. Find us on the web at www.judge.com

Location: REMOTESalary: $40.00 USD Hourly - $46.00 USD HourlyDescription: LOCATIONS: Temple Terrace, FL; Cary, NC; Ashburn, VA REMOTE MODEL: 4pm-12am EST shift and/or 12am-8am EST shift The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC). The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities. The duties of the SOC Security Analyst (Tier 1) include the following: Provide eyes on glass real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools. Performing level 1 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert concerning the customer environment, correlating additional details) and coordinating with Senior Analysts for high-priority incidents, if necessary. Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines. Performing administrative routines of SOC like evaluating reports and SIEM dashboards, reviewing ticket escalations. Incoming call handling from and initiating trouble tickets, if applicable; ? Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines. Follow documented escalation procedures. Identify recurring incidents for problem management purposes. Coordinate with Senior Analysts for high-priority incidents.REQUIRED SKILLS & EXPERTISE: Associate degree in Computer Science, Information Security, or a similar discipline Strong documentation and communication skills ? Exceptional problem-solving skills Proactive in engaging with customers, client executives, and management teams Basic knowledge of network technologies Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RCF 1918, and common attacks against TCP/IP protocol Knowledge of Microsoft Windows and Server Operating Systems ? Basic understanding of threat landscape and indicators of compromise At least 1-3 years Security related experience Clear and concise written and oral English DESIRED SKILLS & EXPERIENCE: Bachelor or higher degree in Computer Science, Information Security, or similar discipline Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC Understanding of command line scripting and implementation (i.e. Python, PowerShell, Bash Shell) Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.) Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc. Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS) Ability to perform NetFlow / packet capture (PCAP) analysis Experience with basic cyber threat hunting Contact: [email protected] job and many more are available through The Judge Group. Find us on the web at www.judge.com

Location: REMOTESalary: $40.00 USD Hourly - $51.00 USD HourlyDescription: LOCATIONS: Temple Terrace, FL; Cary, NC; Ashburn, VA REMOTE MODEL: 4pm-12am EST shift and/or 12am-8am EST shift The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC). The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities. The duties of the SOC Security Analyst (Tier 1) include the following: Provide eyes on glass real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools; Performing level 1 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert concerning the customer environment, correlating additional details) and coordinating with Senior Analysts for high-priority incidents, if necessary; Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines; Performing administrative routines of SOC like evaluating reports and SIEM dashboards, reviewing ticket escalations ; Incoming call handling from and initiating trouble tickets, if applicable; Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines; Follow documented escalation procedures; Identify recurring incidents for problem management purposes; Coordinate with Senior Analysts for high-priority incidents. Required Skills & Expertise: Associate degree in Computer Science, Information Security, or a similar discipline Strong documentation and communication skills Exceptional problem-solving skills Proactive in engaging with customers, client executives, and management teams Basic knowledge of network technologies Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RCF 1918, and common attacks against TCP/IP protocol . Knowledge of Microsoft Windows and Server Operating Systems . Basic understanding of threat landscape and indicators of compromise .At least 1-3 years Security related experience . Clear and concise written and oral English Desired Skills & Experience: Bachelor or higher degree in Computer Science, Information Security, or similar discipline . Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC . Understanding of command line scripting and implementation (i.e. Python, PowerShell, Bash Shell) . Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.) .Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc. .Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS) . Ability to perform NetFlow / packet capture (PCAP) analysis .Experience with basic cyber threat hunting Contact: [email protected] job and many more are available through The Judge Group. Find us on the web at www.judge.com

Location: REMOTESalary: $44.00 USD Hourly - $46.00 USD HourlyDescription: DESCRIPTION LOCATIONS: Temple Terrace, FL; Cary, NC; Ashburn, VA REMOTE MODEL: 4pm-12am EST shift and/or 12am-8am EST shift The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC). The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities. The duties of the SOC Security Analyst (Tier 1) include the following: • Provide "eyes on glass" real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools; • Performing level 1 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert concerning the customer environment, correlating additional details) and coordinating with Senior Analysts for high-priority incidents, if necessary; • Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines; • Performing administrative routines of SOC like evaluating reports and SIEM dashboards, reviewing ticket escalations ; • Incoming call handling from and initiating trouble tickets, if applicable; • Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines; • Follow documented escalation procedures; • Identify recurring incidents for problem management purposes; • Coordinate with Senior Analysts for high-priority incidents. Required Skills & Expertise: • Associate degree in Computer Science, Information Security, or a similar discipline • Strong documentation and communication skills • Exceptional problem-solving skills • Proactive in engaging with customers, client executives, and management teams • Basic knowledge of network technologies • Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RCF 1918, and common attacks against TCP/IP protocol • Knowledge of Microsoft Windows and Server Operating Systems • Basic understanding of threat landscape and indicators of compromise • At least 1-3 years Security related experience • Clear and concise written and oral English Desired Skills & Experience: • Bachelor or higher degree in Computer Science, Information Security, or similar discipline • Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC • Understanding of command line scripting and implementation (i.e. Python, PowerShell, Bash Shell) • Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.) • Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc. • Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS) • Ability to perform NetFlow / packet capture (PCAP) analysis • Experience with basic cyber threat hunting.Contact: [email protected] job and many more are available through The Judge Group. Find us on the web at www.judge.com

BA for Data Security / Data Loss preventioProjects: Data sensitivity labeling within Office365 , the labeling is optional right now and will at some point be mandatory to used the labels. Also a replacement for a tool that captures all the data loss information due to it being insufficient. Another project to look at additional capabilities in Service Now.Experience in data loss as a BA, some cyber security knowledge, some Power BI background would be useful. Any Service Now platforms would be great and gathering requirements for Service Now. Jira is heavily used by this team and moving to SAFe agile from a project methodology standpoint.3 month minimum contract2hire conversionThis role will be working with the program manager on the data security and data loss prevention work stream within Global Cyber Security in which people, processes, and technologies are significantly impacted. We require a strong BA that has demonstrated success. This is a great opportunity to work within a fast-paced environment, within a global team.Support the Global Cyber Security Program by:* Gathering requirements, providing expertise and guidance, and executing plans to enhance business capability, achieve results and support the global cyber security organization.* Understanding and clearly documenting complex process flows.* Identifying and implementing business processes as well as continuous improvement initiatives by assessing alignment of current process, programs, and systems to business requirements and recognize opportunities for standardization, increased efficiency, cost reduction, increased quality, and improved user experience to enhance performance of the program.* Providing recommendations for improvement and implementing procedural changes to ensure technical solutions align with organizational objectives, regulatory standards, and business needs.* Identifying and eliminating risks to complex change implementation by planning user acceptance testing, clarifying, and ensuring developers understand requirements, coordinating users, executing tests, monitoring test completion, escalating defects/issues, and soliciting feedback to support accurate testing and alignment with desired outcomes.* Facilitating meetings supporting all phases of assigned projects, using appropriate tools and technology according to meeting objectives and attendees.Primary Responsibilities* Foster a partnered approach, building and maintaining strong productive working relationships with internal stakeholders aligning service delivery with business needs.* Develop implementation and improvement plans by eliciting business requirements from stakeholders to identify business needs, evaluate requirements and desired outcomes, analyze gaps between current and future state, and recommend solutions.* Understand and clearly document complex process flows.* Develop a list of technical business requirements based on discussions with stakeholders, engineers, and end users and analyze them for accuracy, completeness, redundancy, ambiguity, and testability.* Discuss complex technical details at a high level with leadership/stakeholders and at a low level with engineers and architects.* Assess, document, and communicate impact of change to business and individuals by collaborating with internal and external key stakeholders to analyze information needs and functional requirements, accurately define costs, schedule timeline, and evaluate interdependencies to develop business requirements documentation for key stakeholder engagement.* Support end-users by thoroughly understanding user requirements and user experience.* Assist with the identification of training requirements for assigned projects and business units by providing input to the training plan, supporting the development of training materials and participating in the training for assigned projects as required.* Analyze business requirements for accuracy, completeness, redundancy, ambiguity, and testability.* Identify and eliminate risks to complex change implementation by planning user acceptance testing, clarifying, and ensuring developers understand requirements, coordinating users, executing tests, monitoring test completion, escalating defects/issues, and soliciting feedback to support accurate testing and alignment with desired outcomes.* Design and provision reporting solutions to enable project decision making, tracking and implementation.* Adhere to data policies & standards, while also enforcing correct management of sensitive data in compliance with global business rules, legal and governmental regulations.* Ensure data integrity, accuracy and reconciliation within reports and dashboards by reviewing, identifying, and resolving gaps and inconsistencies.Required Qualifications* Education: Bachelor's degree or equivalent combination of education and work experience.* Experience: 4 years relevant experience.* Ability to work global hours (US, UK, and Australia time zones).* Excellent communication, analytical and interpersonal skills.* Working knowledge of cyber security projects and programs and managing requirements and testing on the projects.* Experience collaborating with technical team members, business analysts, and project/program managers to ensure a quality solution is delivered.* Evidence of successful participation in the delivery of complex programs.* Effective collaboration, communication, and strong stakeholder management skills.* Impact analysis and strong problem-solving skills when gathering and assessing business needs to overcome potential obstacles and challenges.* Facilitate meetings supporting all phases of assigned projects, using appropriate tools and technology according to meeting objectives and attendees.* Self-motivated, assertive, detail oriented, high degree of organization skills and the ability to appropriately prioritize assigned tasks to ensure timely goal achievement.Preferred Qualifications* Experience with software including Jira, Confluence, Microsoft O365.* Experience using Data Security Technology/Solutions such as Data Loss Prevention and Data Classification.* Working knowledge and understanding of SharePoint, SQL, relational databases, and reporting tools such as Power BI, Tableau, MS Reporting Services and Excel.* Working knowledge of terminology, function and fundamental capabilities of common computer, software, information and communication technology devices, components, and concepts.* An understanding of IT networking and infrastructure.* Working knowledge of the ServiceNow platform and modules.Preferred Competencies/Skills* Understand the principles underlying the relationship among facts and apply this understanding when solving problems.* Observe and evaluate the outcome of a business need and interpret the results and their implications.* Foresee potential obstacles and challenges, identifying root cause and recommending plans to address.* Effectively present thoughts to influence and persuade organizational leaders and key stakeholders to adopt innovative recommendations.* Utilize advanced written and oral communication skills to inform key stakeholders.* Navigate organizational structure by networking and building relationships among multiple business units.* Share knowledge and educate others.* Exhibit leadership in everyday interactions.* Successfully engage in multiple initiatives simultaneously.* Work effectively under pressure; develop and adhere to deadlines.* Adapt and be flexible in a complex, changing environment.Beacon Hill is an Equal Opportunity Employer that values the strength diversity brings to the workplace.If you would like to complete our voluntary self-identification form, please click here or copy and paste the following link into an open window in your browser: https://jobs.beaconhillstaffing.com/eeoc/Completion of this form is voluntary and will not affect your opportunity for employment, or the terms or conditions of your employment. This form will be used for reporting purposes only and will be kept separate from all other records.Company Profile:Beacon Hill Technologies, a premier National Information Technology Staffing Group, provides world class technology talent across all industries utilizing a complete suite of staffing services. Beacon Hill Technologies' dedicated team of recruiting and staffing experts consistently delivers quality IT professionals to solve our customers' technical and business needs.Beacon Hill Technologies covers a broad spectrum of IT positions, including Project Management and Business Analysis, Programming/Development, Database, Infrastructure, Quality Assurance, Production/Support and ERP roles.Learn more about Beacon Hill Staffing Group and our specialty divisions, Beacon Hill Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal, Beacon Hill Life Sciences and Beacon Hill Technologies by visiting www.beaconhillstaffing.com .We look forward to working with you.Beacon Hill. Employing the Future (TM)

Cyber Security Risk AnalystCollege Board - Risk ManagementLocation This is a fully remote role. Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office). Type: This is a full-time positionAbout the TeamThe Information Security Governance Risk and Compliance (ISGRC) team at the College Board checks and certifies the College Board's Information Security Programs. Our mission is to provide our stakeholders with meaningful insights that continuously improve the risk posture across the organization.ISGRC partners work with business leads to perform necessary security reviews of policies, systems, contracts, and vendors to better understand and manage risk. The team also manages security policies, security awareness training, and industry-recognized certifications (ISO 27001, SOC2 and PCI-DSS).About the OpportunityAs a Security Risk Analyst, you will have the critical role of being responsible for evaluating and managing exceptions to IT security policies, for managing the Organization's Risk and Control Issues Register (Risk Register), and for developing reports and metrics.Your strong technical communication and negotiation skills will help you build relationships and collaborate with diverse stakeholders and reduce risk to the organization and ensure compliance.Under the direction of management, you will manage the Risk Register and perform security policy exceptions to help the College Board understand its critical risks.In this role you will:Manage the Risk Register (20%)Leads the management of the issues and risks and quickly escalates any untimely completion of audit actions.Works independently to communicate risks and works with others to problem-solve risks to tolerance levels based on data and evidence.Maintains data quality of Risk Register and executes any required data clean-up exercises.Understands College Board work to be able to drive Risk or Control Owners to ensure consistent application of policies and standards.Raises awareness about Risk & Control Issues, Policy exceptions, and available risk reduction options.Fosters a culture of risk awareness and compliance within the technology department and across the organization.Manage Policy Exceptions (65%)Independently analyzes policy exception submissions and provide risk assessment reports for critical service lines, applications, and infrastructure hosted on-prem and in the cloud.Evaluates and manage exceptions to IT security policies.Manages materials for the Exception Review Board and present exception information to executive leadership and senior team members.Maintains an up-to-date knowledge and understanding of IT security policies and principles.Maintains a customer-focused attitude in all interactions with customers and colleagues.Manage Metrics and Reporting (15%)Provides weekly and monthly reporting for the Risk Register and policy exceptions.Produces trending metrics and escalate exceptions.Performs other duties as assigned.About You5-7 years of experience managing or supporting IT Security Risk and Control Risk Register and processing policy exceptions.Strong understanding of risk management techniques such as: risk identification, risk scoring, risk mitigation, and risk tracking.The proven ability to lead conversations balancing risk and multiple business needs that result in positive outcomes with multiple stakeholders.The capacity to assess risk information and make risk recommendations independently.Strong organization and prioritization skills and the proven ability to manage multiple tasks simultaneously, both independently and as a member of the team.7-10 years of experience in information security; governance, risk, and compliance; and/or information technology projects.Excellent verbal and written communication skills.Experience with governance, risk, and compliance tools (e.g., RSAM, RSA Archer) preferred.Experience with information security and privacy frameworks such as ISO 27001, COBIT, NIST-CSF, NIST 800-53, GDPR etc.Current Information Security Certification (e.g., CISSP, CRISC, CISM, CISA, or related security certification) preferred or the ability to attain one within 6 months of hire.Bachelor's degree in computer science, cybersecurity, engineering, IT management or four years equivalent IT and security industry experience.For remote positions, ability to travel 4 times a year to our Reston, VA office.Authorization to work for any employer in the USAAbout Our ProcessApplication review will begin immediately and will continue until the position is filledWhile the hiring process may vary, it generally includes: resume and application submission, recruiter phone screen, hiring manager interview, performance exercise and/or panel interview, and reference checks. This is an approximately 8-week processAbout Our Benefits and CompensationCollege Board offers a competitive benefits and compensation program that attracts top talent looking to make a difference in education. As a self-sustaining non-profit, we believe in compensating employees equitably in relation to each other, their qualifications, their impact, and the relevant market.The hiring range for a new employee in this position is $72000 to $120000. College Board differentiates salaries by location so where you live will narrow the portion of this range in which you can expect a salary.Your salary will be carefully determined based on your location, relevant experience, the external labor market, and the pay of College Board employees in similar roles. College Board strives to provide our best offer up front based on this criteria.Your salary is only one part of all that College Board offers, including but not limited to:A comprehensive package designed to support the well-being of employees and their families and promote education. Our robust benefits package includes health, dental, and vision insurance, generous paid time off, paid parental leave, fertility benefits, pet insurance, tuition assistance, retirement benefits, and moreRecognition of exceptional performance through annual bonuses, salary growth over time through market increases, and opportunities for merit raises and promotions based on increased scope of responsibilityA job that matters, a team that cares, and a place to learn, innovate and thriveYou can expect to have transparent conversations about benefits and compensation with our recruiters throughout your application process.#LI-Remote#LI-MD1