What Jobs are available for Threat Modeling in the United States?

Overview

The Position: The Information Security Engineer position will be responsible for providing technical and business assistance for a wide variety of information security related matters. It requires monitoring of computer networks for security issues, install security software and document all security issues or breaches found.

• Bachelor’s Degree in Cyber Security, or equivalent/related field or equivalent years of experience
• 8+ years in an information security technical role
• Experience in securing cloud environments, specifically Azure, and auditing its services and resources against best practices and identify misconfigurations
• Hands-on experience with mitigating security controls (next gen anti-virus, EDR, IPS/IDS, DLP, web and network proxies, URL content filtering, log collection (SIEM), vulnerability management, multi-factor authentication, identity management and conditional access polices, VPN's) and how they work in an overall defense in depth risk assessment methodology
• Previous experience within an internal Information Security team

• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Architect, implement, and reevaluate any security service or product in our security stack with little technical guidance
• Conduct and manage security threat and impact assessments and provide input on our overall information security strategy
• Pick up service tickets within established SLAs including those that have been escalated to Tier Two/Three as needed
• After hours or weekend work: for scheduled maintenance, incident response including evenings and weekends as required
• On Call Support: Participate in a rotating on-call schedule for outages or incident response
• Required to come to the office at least 2 times per week during the first 90 days
• After 90 days, you will have the option to work remotely with at least 1 in-person engagement required monthly
• 100% company-paid monthly insurance premiums for employees and dependents
• Medical, Dental, Vision, and Life Insurance
• Employee assistance program
• 4% retirement matching
• Long-Term & Short-Term Disability Coverage
• Paid time off
• 0-1 year – 15 day (pro-rated first year)
• 1-5 years – 20 days
• 5-10 years – 25 days
• 10+ years – 30 days
• Holidays – 13 paid holidays
• Monthly cell phone reimbursement
• Complimentary parking space or monthly reimbursement for DART public transportation
• Team-building activities and events, including quarterly kick-off meetings and community volunteer day
• Matching charitable gift program
• Professional development & training opportunities
• Wellness Program: Focuses on community, financial, mental, nutrition, physical and social health
• Business casual, jeans allowed

*All benefits are subject to change with notice to the employee

All job offers will be contingent on successful completion of a drug screen and background check.

ISN is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

First Name

Last Name

Preferred First Name

Email

Phone

Resume/CV 25 MB limit. Allowed types: pdf doc docx txt rtf.

Enter text manually

25 MB limit. Allowed types: pdf doc docx txt rtf.

Enter text manually

School - Select -

Degree - Select -

- Select -

School - Select - * Degree - Select - Discipline - Select - Start Date * Month Month * Year Year End Date * Month Month * Year Year

Are you legally authorized to work in the United States? - Select -

Are you currently residing in Dallas or willing to relocate upon offer?

The position requires you to reside within a commutable distance to ISN Dallas office.

- Select -

Home Address (City, State):

Do you now, or will you in the future, require sponsorship for employment visa status (e.g., H-1B visa status, etc.) to work legally in the United States?

This includes any required sponsorship after your current immigration status expires (e.g. CPT, OPT, etc.)

- Select -

What are your minimum salary requirements?

What is your required notice period?

Do you have a relative or family member that currently works, is planning to work or has worked at ISN? If yes, please provide their name and describe your relationship.

Read more on how ISN approaches working with relatives

* CCPA Notice at Collection for California Job Applicants

ISN is committed to protecting the privacy and security of personal information collected from job applicants. Please read the CCPA Notice and acknowledge/confirm.

- Select -

All information provided with this application is true, accurate and complete. I accept that any false, misleading, inaccurate or incomplete information I provided may lead to my application being rejected, or an offer of employment being withdrawn, or dismissal from my employment. - Select -

If you provided a phone number, do you consent to receiving follow-up communication via text message (or SMS message) regarding your application status?

If yes, you can always opt-out by replying STOP.

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in ISN’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race - Select -

- Select -

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans' Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Read More

- Select -

Form CC-305
Page 1 of 1
OMB Control Number
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. Read More

Disability Status - Select -

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Overview

Chief Information Security Officer, Dartmouth College, Hanover, New Hampshire.

The CISO will lead an enterprise-wide information security program protecting Dartmouth’s academic, research, and administrative operations. The CISO will report to the Vice President and Chief Information Officer and serve on the Information Technology and Consulting leadership team, with a dotted line to the Chief Compliance Officer. The CISO will be a crucial advisor to institutional leadership, providing guidance and policies on risk posture, regulatory obligations, and acceptable risk thresholds. They will oversee a team of IT security professionals, direct the College's cybersecurity strategy, and make critical decisions regarding risk assessments, security protocols, and responses to emerging threats. The CISO will articulate the cybersecurity priorities to institutional risk stakeholders, including the Board of Trustees, serving as the key leader and voice of cybersecurity on campus.

The CISO will join Dartmouth at an exciting and pivotal moment. With the recent appointment of a new president and the arrival of a new provost, Dartmouth is primed for an exciting era of growth and innovation, driven by strong new leadership to shape its future direction. The CISO will be integral in stewarding collaborations and relationships across the institution, ensuring that constituents feel well-supported on issues of security so that Dartmouth remains well-positioned to advance its vision. Dartmouth researchers secure approximately $200 million in external research funding annually; the next CISO will play a crucial role in supporting researchers and ensuring secure, effective, compliant, and efficient security measures and processes for them.

Dartmouth has a rich and distinguished history of leadership and innovation in higher education. President Sian Leah Beilock has redoubled Dartmouth’s commitment to leading the field, utilizing the institution’s size, scope, and tight-knit community as advantages to forge a bold path in an important moment for higher education. Dartmouth’s unique profile blends the energy, resources, and academic rigor of a major research university with a steadfast dedication to undergraduate education across the arts, sciences, and engineering. The College is committed to expanding the scope and impact of its innovations, scholarship, and research.

The ideal candidate will be a strategic thinker, skilled at building consensus and aligning people and processes. They will collaborate closely with Dartmouth’s research community to support their goals and timelines, ensuring clear, timely communication and actively eliminating obstacles to improve efficiency. This individual will advocate for a culture where information security is viewed as a shared responsibility among all employees handling sensitive data. They will offer a forward-looking, sustainable vision for Dartmouth’s cybersecurity initiatives, staying informed on industry trends and best practices. With up-to-date knowledge of leading digital platforms and technologies, they will apply meaningful metrics to drive timely evaluations and informed, values-based decisions. Remaining sharply attuned to cybersecurity threats, they will maintain constant vigilance in protecting the College’s digital landscape.

The next CISO will bring demonstrated leadership experience working in a decentralized research university with a proven record of ethical data governance and AI security in an academic setting, securing cloud environments, and implementing zero-trust models. The CISO will be an accomplished team leader and manager and a skilled communicator who can engage across a wide range of audiences.

Dartmouth College has retained the national search firm Isaacson, Miller to assist in recruiting its new Chief Information Security Officer. Screening of complete applications will begin immediately and continue until the completion of the search process. Inquiries, nominations, referrals, and CVs with cover letters should be sent via the Isaacson, Miller website for the search: Electronic submission of materials is strongly encouraged.

Becca Kennedy, Managing Partner

Kristen Andersen, Senior Associate

Cortnee Bollard, Senior Search Coordinator

Isaacson, Miller

Dartmouth College is an equal opportunity employer under federal law. We prohibit discrimination on the basis of race, color, religion, sex, age, national origin, sexual orientation, gender identity or expression, disability, veteran status, marital status, or any other legally protected status. Applications are welcome from all.

Dartmouth is committed to accessibility for its community. If you are an applicant with a disability and would like to request a reasonable accommodation to aid in the job application and/or interview process, please email In the subject line, please state application accommodations and include the job number or title. Someone from the ADA/504 Office will be in touch within 2 business days.

Job Description

One of our law firm clients is seeking an Information Security Engineer in the Washington, DC or New York area, may work 100% virtual/remote in a firm-approved U.S. state as part of the “Gideon” office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the organization and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of IT and application infrastructure and the confidentiality, integrity, and availability of data in support of enterprise IT objectives and client service delivery needs.

Responsibilities include but are not limited to:

Security Operations

• Performing security log and event analysis, taking appropriate action to address security risks or incidents using EDR, SIEM, and log aggregation systems.
• Monitoring and executing the vulnerability management program to reduce IT hygiene risks.
• Maintaining and managing assigned security toolsets, including:
  • Application control systems
  • EDR/AV
  • Email security platform
  • Attack simulation platform
  • Threat intelligence/hunting
  • Security-related AI tools
• Supporting incident response and investigation efforts.
• Validating and tracking IT operational activities for compliance with policies and standards.
• Researching security vulnerabilities and cybersecurity trends.
• Reporting and tracking security events and remediation activities.
• Supporting third-party risk management and IT compliance efforts.
• Assisting with security awareness training.
• Participating in IT Security on-call rotation.

Security Engineering & Architecture

• Advising on planning of security systems and standards, evaluating technologies, and developing security requirements.
• Reviewing applications and SaaS changes for security impacts.
• Participating in the enterprise Change Advisory Board (CAB).
• Researching and recommending methods, software, and technologies to mitigate risks.
• Contributing to security policies, standards, and procedures.

Qualifications:

Education/Experience

• Four-year college degree preferred; equivalent experience considered.
• Minimum of three (3) years in Information Security or related IT fields with security responsibilities.

Technical Skills

• Experience with Windows, Unix/Linux, and Active Directory.
• Solid understanding of networking protocols: TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, routing.
• Knowledge in security engineering, system/network security, authentication, cryptography, application and cloud security.
• Proficiency in Windows OS, Microsoft Office Suite.
• Skilled in using AI tools for daily tasks.
• Strong remote collaboration capabilities.

Communication & Writing

• Ability to explain complex technical concepts to non-technical audiences.
• Excellent oral and written communication skills.
• Effective presenter to diverse audiences.
• Skilled in choosing appropriate communication methods.

Professionalism & Judgment

• Strong initiative, judgment, and professionalism.
• High confidentiality and discretion.
• Exceptional client service orientation.

Problem-Solving & Strategic Focus

• Strong problem-solving and strategic thinking.
• Goal-oriented with strong task prioritization.
• Detail-oriented with excellent organizational skills.
• Capable of multitasking in fast-paced environments.

Flexibility & Commitment

• Reliable, dependable, and motivated.
• Willing to work additional hours as needed.
• Willingness to travel (1–4 weeks per year, or more if required).

We work with top law firms, associations and corporations to connect professionals to jobs they can't find anywhere else. The recruiters at Consiliio, LLC are vested in taking the time to get to know each candidate and finding the right match for each individual. Our extensive industry knowledge is a resource that we share with every candidate to help prepare for each step of the interview process and negotiate the best possible salary. In working with us, you are able to have direct access to hundreds of hiring decision makers in the country.

We work with top law firms, associations and corporations to connect professionals to jobs they can't find anywhere else. The recruiters at Consiliio, LLC are vested in taking the time to get to know each candidate and finding the right match for each individual. Our extensive industry knowledge is a resource that we share with every candidate to help prepare for each step of the interview process and negotiate the best possible salary. In working with us, you are able to have direct access to hundreds of hiring decision makers in the country.

Job Description

We are looking for exceptionally talented and motivated individuals to help us deliver the world’s best cybersecurity compliance services to our customers. TraceSecurity is a cybersecurity service and software provider servicing financial, health care, and other institutions.

The function of a TraceSecurity ISA is to work directly with clients to perform a variety of Information Security services. TraceSecurity will teach the analyst to use a wide variety of tools and techniques, so it is imperative that the candidate possesses a desire to learn in a fast-paced environment. Since a majority of our engagements are performed onsite with the client, this position requires up to 50%-75% travel. Applicants should have 2 or more years’ experience in an IT-related field.

Requirements:

• Effective verbal and written communication skills
• Ability to travel approximately 50%
• Basic understanding of security frameworks, such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS
• Fundamental understanding of operating systems, including Windows, Mac, and Linux
• Computer Networking experience
• Systems Administration experience
• Self-driven to continuously develop professionally within the information security space
• Works well within a team environment
• College degree and/or equivalent IT industry training or work experience
• Strong Problem-Solving abilities
• Positive Attitude

Preferred Skills, Experience, and Certifications:

• Security solutions (IDS/IPS, firewalls, SIEM, DLP)
• Security Risk Assessments
• Information Security-related certifications (CISSP, CISA, CEH, Security+, etc)
• Information Technology & Networking-related certifications (MCSA, MCSE, A+, Network+, CCNA, etc)

TraceSecurity is a leading provider of cybersecurity and compliance solutions that help organizations of all sizes reduce the risk of cyber breaches and demonstrate compliance. TraceSecurity offers a comprehensive portfolio of solutions that allow organizations to manage their information security program and supplement it with third-party validation and testing. TraceSecurity’s suite of information security services includes IT risk assessments and audits, social engineering, penetration testing, and security training.

With market experience that spans over 2,000 customers, TraceSecurity offers the insight, products, professional services and partners to support the security and risk management efforts of organizations of all sizes across all industries.

TraceSecurity is a leading provider of cybersecurity and compliance solutions that help organizations of all sizes reduce the risk of cyber breaches and demonstrate compliance. TraceSecurity offers a comprehensive portfolio of solutions that allow organizations to manage their information security program and supplement it with third-party validation and testing. TraceSecurity’s suite of information security services includes IT risk assessments and audits, social engineering, penetration testing, and security training.

With market experience that spans over 2,000 customers, TraceSecurity offers the insight, products, professional services and partners to support the security and risk management efforts of organizations of all sizes across all industries.

Job Description

NHRS Is hiring for an Information Security Analyst. This position is assessed in Band M. $45.76-$9.00

We are hiring in the range of 48.53- 58.99

Information Security Analyst
NHRS is seeking an experienced Information Security Analyst (ISA) to lead the development and continuous improvement of our cybersecurity program. This role ensures the confidentiality, integrity, and availability of NHRS systems and data by proactively defending against cyber threats and advising leadership on security strategies.

Key Responsibilities:

• Assess and monitor information security controls and risks.

• Ensure compliance with NIST, NHRS policies, and industry best practices.

• Lead third-party risk assessments and support IT audits.

• Manage security awareness training and enforce policy adherence.

• Maintain the risk register and provide reports on NHRS’ security posture.

• Support incident response planning and execution.

Qualifications:

• Bachelor’s degree in computer science or related field (Master’s preferred).

• 15+ years combined experience in Information Security and Windows administration.

• Security certifications (CISSP, CISM, Security+, CySA+) preferred.

• Strong knowledge of cybersecurity principles, regulatory frameworks, incident response, and SIEM/security tools.

• Excellent communication and analytical skills.

NHRS offers professional development opportunities and encourages certification and training.

Job Description

Position Title: Information Security Manager

Department: Data Solutions

Reports To: Chief Technology Officer

FLSA Classification: Exempt, full-time

About Us:

The Center for Improving Value in Health Care (CIVHC) is an independent non-profit that equips partners and communities in Colorado and across the nation with the resources, services and unbiased data needed to improve health and health care. As the designated administrator of Colorado’s All Payer Claims Database (CO APCD), CIVHC oversees the collection of health care claims from Colorado’s public and private health care insurers and uses that information to promote price transparency, inform policy, advance health equity, conduct research, and much more. We are objective, solution-oriented, and maintain the highest integrity in the work we do.

Job Summary:

The Information Security Manager leads the oversight and strategic direction of information security at CIVHC, with a focus on policy development, vendor security assurance, and regulatory compliance. This is not a hands-on systems administration or SOC (Security Operations Center) role.

The Information Security Manager serves as the internal point of accountability for ensuring that CIVHC’s data infrastructure, cloud migration initiatives, and vendor relationships meet the highest security and privacy standards. The Information Security Manager collaborates with the Finance, Compliance, Data Solutions, and Data Access and Impact departments to ensure the integrity, confidentiality, and availability of CO APCD information systems.

As the administrator of the Colorado All Payer Claims Database (CO APCD), CIVHC contracts with external vendors for data ingestion, storage, and analytics. This position provides oversight support of those partnerships to ensure compliance with HIPAA, NIST, and other regulatory standards.

This position is especially critical for cloud migration, increased API use, and AI exploration, and plays a lead role in risk evaluation. The role also includes business-aligned responsibilities such as documentation of database architecture and governance planning, working closely with technical and compliance teams.

The Information Security Manager will integrate forward-thinking, community-centered innovation with scalable data services. The ideal candidate brings a strong commitment to equity, the ability to communicate complex information to diverse audiences, and a visionary mindset to leverage data for transformative health outcomes across Colorado and beyond.

Supervisory Responsibilities:

• Direct oversight of the IT & Network Specialist. Future supervisory responsibility may expand with organizational growth.
• Collaborate with the IT & Network Specialist to ensure that device management, internal network configurations, and endpoint protections align with the organization’s overall security and compliance framework.
• Set priorities, approve technology purchases, and support professional development for the IT & Network Specialist in alignment with organizational goals.
• Ensure proper documentation and incident handling for IT issues involving internal hardware, user access, and system configurations.
• Integrate business-side IT practices into enterprise-wide risk management, business continuity planning, and security training initiatives.

Duties/Responsibilities/Essential Functions:

• Develop information security policies, procedures, and documentation.
• Ensure organizational policies are compliant with relevant security and privacy regulations (e.g., HIPAA, NIST, SOC 2, FISMA).
• Support external partnerships on security matters, working closely with Legal & Compliance. In some cases, Legal & Compliance may lead, with the Information Security Manager providing technical input and documentation.
• Evaluate and oversee vendor risk related to data handling, system architecture, and regulatory adherence.
• Lead internal risk assessments, documentation, and architecture reviews related to cloud environments and APIs.
• Oversee incident response planning and coordinate post-incident reporting and improvement.
• Guide the documentation and improvement of database architecture.
• Define and implement security and ethical guidelines for AI, automation, and emerging technology adoption.
• Collaborate with technical staff and vendors to review and document security controls during infrastructure changes.
• Partner with Legal & Compliance and executive leadership to interpret and operationalize applicable laws, regulations, and contractual obligations in a rapidly evolving healthcare, IT, and data landscape.
• Develop training materials, best-practice guides, and onboarding resources for data and technology users.

Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.

Required Skills/Abilities:

• Excellent communication and collaboration skills across technical and non-technical teams.
• Strong understanding of security compliance frameworks: HIPAA, NIST, ISO 27001, SOC 2.
• Experience conducting or overseeing security assessments, risk reviews, and audits.
• Familiarity with cloud architecture documentation, vendor oversight, and system migration planning.
• Experience reviewing and documenting data structures, schema, or database system architecture.
• Familiarity with AI/ML governance, automation policy development, or responsible technology evaluation.

Education and Experience:

• Minimum 7 years of experience in information security oversight, Information Technology risk management, or technology compliance.
• Bachelor’s degree in Cybersecurity, Information Systems, Information Technology, IT Governance, or a related field; or a 7-year combination of education and/or progressive experience.
• Experience with healthcare data environments or privacy-sensitive data ecosystems.
• Prior involvement with cloud migration projects or multi-vendor data infrastructure preferred.
• Knowledge of CMS Incidental Disclosure protocols preferred.
• Experience working in public sector, nonprofit, or mission-driven organizations preferred.
• Professional certifications: CISSP, CISM, CISA, CCSP, are strongly preferred but not required.

Physical Requirements: Primarily computer-based work with extended periods of sitting, typing, and concentration. May occasionally require light lifting of office materials.

• Sitting for extended periods of time.
• Using a computer and keyboard for typing and data entry.
• Reaching and stretching to access files or equipment.
• Lifting and carrying light objects such as papers or office supplies.
• Walking short distances within the office environment.
• Operating office equipment such as printers, copiers, and fax machines.
• Occasionally bending or stooping to retrieve items from lower shelves or cabinets.
• Maintaining good posture to prevent discomfort or strain.
• Using a telephone or headset for communication.
• Ability to focus and concentrate for prolonged periods.

Other duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Position Timeline:

Our target is to fill this position by October 24 , 2025 . Application review will begin immediately and will continue on a rolling basis until the position is filled. We encourage interested candidates to apply as soon as possible for full consideration.

Compensation and Benefits:

The salary range for this position is $95,000 - $115,000 annually, based on relevant experience, education, and internal equity. CIVHC offers a comprehensive benefits package including medical, dental, and vision coverage; paid time off; life and disability insurance; and retirement plan contributions.

Equal Opportunity Employer:

CIVHC is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or any other legally protected status.

Job Description

Information Security Engineer, Senior

Full Time Aberdeen Proving Ground, MD

Secret Clearance

Job Description:

Responsibilities

The ISE will serve as the overall security point of contact for this contract. The ISE's full time duty location will be onsite at Aberdeen Proving Gound, MD.

Must have experience in the following:

• Writing Configuration Management (CM) Plans and audit software change procedures, software development, software testing, and software documentation to verify compliance with software CM plans and procedures.
• Participating in design reviews, configuration audits, and evaluations of software products to ensure proper identification, control, and status accounting of the software baseline for each system.
• Configuration Management tools (JIRA, puppet, Confluence, Git Hub etc) and scripting.
• Implementing Configuration Management process in DEVSECOPS/ Agile development environment.
• ISSE Type - Security Engineering background with knowledge on how to secure a hybrid cloud environment.
• Patch management - Landscape, Satellite, etc.
• Familiar with Landscape
• Log management - Prometheus, Grafana
• Experience in Linux and Linux based applications /tools
• Experience with Containers

Qualifications

• Bachelor's Degree in Computer Science, or other Engineering or Technical discipline with an Information Security or Cyber Security Concentration. Security Clearance: SECRET
• Seven (7) years' experience within the last 9 years.
• Seven years of professional experience, appropriate computing environment certification, and IA SYSTEM ARCHITECT AND ENGINEER (IASAE) SPECIALTY qualified in accordance with standards spelled out in DoD -M and the Army Information Assurance (IA) Training and Certification Best Business Practice.
• Experience can be substituted for the degree provided the person has BOTH the relevant experience AND is fully Information Assurance (IA) certified in accordance with AR 25-2, Information Assurance, and the associated best business practice for IA Training and certification (IA Training BBP).

About Semper Valens Solutions:

Semper Valens Solutions, Inc. (SVS) is a Service-Disabled Veteran Owned Small Business (SDVOSB) providing Cost Effective Software and Systems Engineering, Field Support, Training and Full Life cycle Support Management to the DOD and VA community.

At Semper Valens, our vision is to remain a creative, cutting edge and cost-effective solutions provider where our shared intellect, industry experience, and technology excellence, make a positive difference in our customer's success. Our solutions help bridge the gap between IT and business prioritizations to optimize budgets, risks and operational processes.

We search for outstanding technical professionals, hiring at all levels of the experience spectrum; intermediate, journeyman and senior. Consider us for your career plan.

Semper Valens Solutions is an Equal Opportunity Employer

Semper Valens Solutions proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital/parental status, pregnancy/childbirth, or related conditions, physical or mental disability, genetic information, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with Semper Valens Solutions through its online applicant system, please contact Semper Valens Solutions Human Resources Department at .

Semper Valens Solutions is an affirmative action/equal opportunity employer - minorities, females, disabled, and protected veterans are urged to apply. Applicants have rights under Federal Employment Laws.

All Jobs at Semper Valens Solutions:

Job Description

Description:

The First National

Job Description

Summary:
The Director of Information Security leads the design and execution of the organization’s cybersecurity strategy, overseeing programs that protect data, systems, and members from evolving threats. This role balances strategic vision with hands-on operational leadership, ensuring compliance, resilience, and alignment with business goals. The Director will collaborate closely with executive leadership and IT teams to strengthen the credit union’s overall security posture.

Key Responsibilities:

• Develop, implement, and manage the organization’s enterprise cybersecurity program, policies, and risk management framework.

• Lead security operations, incident response, and technology oversight to maintain regulatory compliance and operational resilience.

• Provide strategic leadership, budgeting, and staff development for the information security team, while reporting progress and risks to executive management.

Qualifications:

• Minimum 8 years of IT experience, including 6 in cybersecurity and 4 in a leadership role.

• Deep understanding of security frameworks (NIST, ISO 2700x, COBIT) and regulatory requirements (GLBA, FFIEC, PCI).

• Bachelor’s degree in Computer Science or related field; CISSP, CISM, or similar certifications strongly preferred.

---

This job is Hybrid Remote.

Pay Range: Salary $200,000.00 to $250,000.00

We offer several comprehensive benefits package including health and life insurance, paid and unpaid time off, and retirement and savings plans to qualifying employees.

Download the Sparks Group mobile app from Apple App Store or Google Play .

---

Sparks Group is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, pregnancy, citizenship, family status, genetic information, disability, or protect veteran status.