6,101 IT Controls jobs in the United States

IT Security & Controls Analyst

City: Chicago

State/Province: IL

Country: United States

Division: Corporate

Job ID: 13762

Since 1952, Lawson Products has worked hard to make our customers' jobs easier by improving their operational efficiency, productivity, and overall performance. As a leader in the MRO industry, we partner with customers to make sure they have the right maintenance and repair parts on hand when needed.

We are looking for a motivated Security & Controls Lead responsible for supporting audit cycles and ensuring compliance with Sarbanes-Oxley and other regulatory standards. This position is also tasked with creating and implementing security standards for the SAP landscape, Active Directory, and other ancillary systems, based on best practices.

Our corporate headquarters is in Chicago, IL. We offer 401k plus vision, dental and medical benefits, as well as a paid holiday and PTO package.

Responsibilities:

• Regularly performs spot checks on account and role creation, user account onboarding, and termination reviews. Follows up with Lawson staff and consultants if deficiencies are found.

• Oversees and coordinates with offshore SAP Security Analyst. Performs spot checks on their work, providing best practice and process improvement. Gives direction and ensures they are following the methodologies and standards set by this job function.

• Adheres to regulatory and compliance requirements, such as segregation of duties, SOX, and other regulatory standards, as required.

• Liaises with the business, service delivery, internal audit, and external audit teams to ensure a consistent and comprehensive security approach.

• Supports and monitors SOX related activities for all in scope applications to ensure compliance.

• Participates in periodic audits with internal and external audit personnel and constructs action plans for addressing any noted deficiencies.

• Establishes and maintains procedures and other technical documentation related to the IT security environment.

• Collaborates with functional and technical teams to resolve system issues.

• Monitors user administration processes and continuously implements improvements.

• Other duties as assigned.

Qualifications & Requirements:

• Undergraduate degree in engineering, computer science, or other technical discipline, plus five to seven years of security-specific experience, with at least the most recent three years of progressive applied experienced as an IT Security Professional, or an equivalent combination of education and experience.

• Must have three to five years of previous demonstrated work experience implementing SOX Security and Audit Controls.

• Strong team player with excellent collaboration skills and the ability to work in cross-functional and cross-cultural environment.

• The following certifications are a plus:

• Completed SAP Security Certification.

• Professional certification(s) such as a CISA, CISSP, CGEIT, or CRISC.

• An experienced IT security professional, well-versed in IT security policy management, information security risk management, IT security governance, industry best practices in securing IT systems, and security audit engagement management.

• A working level knowledge of Active Directory, groups, users, organizational units, group policy and how to provision the minimum security required for a user's job function.

• Deep knowledge of the following areas: position-based SAP security; table level restrictions; authorization groups; company code restrictions; SAP file level restrictions; SAP Java AS security; mass user creation; deletion; ECATT scripting and SAP security logs.

• An in-depth understanding of SAP security authorization concepts, SAP Segregation of Duty, access controls and SAP GRC Administration. Experience with GRC 5.3 and 10 is a plus.

• Understanding and experience implementing and supporting SAP security for ECC, GRC, BW, BOBJ, BODS, BPC, CRM, PI and SAP Mobile Platform.

• Demonstrates knowledge and skill in managing security process controls over critical and sensitive SAP transactions.

• Able to work closely with the business, internal audit and IT to implement and maintain consistent SAP security controls across multiple SAP landscapes.

• Able to take the initiative and work independently on implementing security processes for major projects.

• Able to demonstrate progressive, broad-based IT, and business experience.

• Strong analytical, troubleshooting, and problem-solving abilities.

• Strong customer service skills and commitment to providing quality service in support of IS/IT goals.

• Excellent communication, interpersonal/team building skills, and time management skills.

Our salary range for this role is $83,00 - $99,640 including a full benefits package.

Lawson Products is an Equal Opportunity Employer of women, minorities, protected veterans and individuals with disabilities.

Our client is looking for an experienced Information Security Controls Manager to support their security governance efforts, ensure regulatory compliance, and respond to client and audit requests. This role is ideal for someone with a strong background in information security, excellent communication skills, and the ability to collaborate across teams. This is a hybrid position based in Fairfield County, CT.

Information Security Controls Manager 's Responsibilities and Duties:

• Respond to client due diligence questionnaires, audit requests, and regulatory exams.
• Maintain and enhance information security policies, controls, and documentation.
• Work with GRC tooling to support automation and continuous compliance efforts.
• Ensure alignment with frameworks like NIST CSF and regulations including DORA, MAS, SFC, CFTC, and FINRA.
• Collaborate with cross-functional teams to assess and address information security risks.
• Drive risk assessments and develop remediation plans.
• Build and maintain dashboards, reports, and evidence repositories.

Information Security Controls Manager 's Qualifications and Skills:

• Bachelor's degree in Information Security, Computer Science, or related field.
• At least 5 years of experience in Information Security.
• At least 3 years of experience responding to due diligence, audit, and regulatory requests.
• Working knowledge of GRC platforms and automation tools.
• Familiarity with NIST CSF and cybersecurity regulations across global financial sectors.
• Prior experience as a security risk assessor is a plus.
• Excellent verbal and written communication.

RightClick is an equal opportunity employer who agrees not to discriminate against any employee or job applicant irrespective of race, color, creed, alienage, religion, sex, national origin, age, disability, gender (including gender identity), marital status, sexual orientation, citizenship or any other characteristic protected by law.

**Specialty/Competency:** Oracle
**Industry/Sector:** Not Applicable
**Time Type:** Full time
**Travel Requirements:** Up to 40%
At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives.
In Oracle compliance and security at PwC, you will focus on providing consulting services for validating compliance and enhancing security within Oracle applications. You will analyse client requirements, implement security measures, and offer guidance and support for compliance with regulatory standards. Your work will enable clients to mitigate risks, protect sensitive data, and maintain compliance with industry regulations.
Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member's unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
+ Analyse and identify the linkages and interactions between the component parts of an entire system.
+ Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion.
+ Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables.
+ Develop skills outside your comfort zone, and encourage others to do the same.
+ Effectively mentor others.
+ Use the review of work as an opportunity to deepen the expertise of team members.
+ Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate.
+ Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
**The Opportunity**
As part of the Enterprise Application Risk - Oracle Compliance and Security team you are expected to lead the creation and implementation of impactful Oracle controls auditing, consulting, and implementation initiatives. As a Manager you are expected to supervise, develop, and coach teams, manage client service accounts, and drive assigned client engagement workstreams by independently solving and analyzing complex problems to develop rigorous deliverables. You are also responsible for identifying new service opportunities, managing SDLC for Oracle Cloud product implementations, and leading security/RMC design workshops with client stakeholders.
**Responsibilities**
+ Lead the creation and implementation of Oracle controls auditing and consulting initiatives
+ Supervise and mentor team members, encouraging professional growth
+ Manage client service accounts and project workstreams
+ Independently resolve complex challenges to produce top-quality deliverables
+ Identify new service opportunities and manage SDLC for Oracle Cloud implementations
+ Conduct security and risk management design workshops with clients
+ Build and maintain client relationships
+ Assure adherence to control design standards
**What You Must Have**
+ Bachelor's Degree
+ 5 years of Oracle controls auditing, consulting and/or implementing
**What Sets You Apart**
+ Broad knowledge of Oracle Cloud application product suite
+ Experience with Oracle Cloud role design
+ Experience with Oracle Cloud Risk Management Cloud (RMC)
+ Leading 3+ end to end Oracle Security implementations
+ Leading design, build, test and deploy phases
+ Managing and understanding SDLC for Oracle Cloud product implementations
+ Identifying and addressing client needs
+ Managing in a professional services firm or large enterprise
+ Leading client projects and understanding business and technology
Learn more about how we work: does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: PwC is an equal opportunity employer, all qualified applicants will receive consideration for employment at PwC without regard to race; color; religion; national origin; sex (including pregnancy, sexual orientation, and gender identity); age; disability; genetic information (including family medical history); veteran, marital, or citizenship status; or, any other status protected by law. 
For only those qualified applicants that are impacted by the Los Angeles County Fair Chance Ordinance for Employers, the Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, San Diego County Fair Chance Ordinance, and the California Fair Chance Act, where applicable, arrest or conviction records will be considered for Employment in accordance with these laws. At PwC, we recognize that conviction records may have a direct, adverse, and negative relationship to responsibilities such as accessing sensitive company or customer information, handling proprietary assets, or collaborating closely with team members. We evaluate these factors thoughtfully to establish a secure and trusted workplace for all.
The salary range for this position is: $99,000 - $232,000, plus individuals may be eligible for an annual discretionary bonus. For roles that are based in Maryland, this is the listed salary range for this position. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. PwC offers a wide range of benefits, including medical, dental, vision, 401k, holiday pay, vacation, personal and family sick leave, and more. To view our benefits at a glance, please visit the following link:

**IT Security & Controls Analyst**
**City:** Chicago
**State/Province:** IL
**Country:** United States
**Division:** Corporate
**Job ID:** 13762
Since 1952, Lawson Products has worked hard to make our customers' jobs easier by improving their operational efficiency, productivity, and overall performance. As a leader in the MRO industry, we partner with customers to make sure they have the right maintenance and repair parts on hand when needed.
We are looking for a motivated Security & Controls Lead responsible for supporting audit cycles and ensuring compliance with Sarbanes-Oxley and other regulatory standards. This position is also tasked with creating and implementing security standards for the SAP landscape, Active Directory, and other ancillary systems, based on best practices.
Our corporate headquarters is in Chicago, IL. We offer 401k plus vision, dental and medical benefits, as well as a paid holiday and PTO package.
**Responsibilities:**
+ Regularly performs spot checks on account and role creation, user account onboarding, and termination reviews. Follows up with Lawson staff and consultants if deficiencies are found.
+ Oversees and coordinates with offshore SAP Security Analyst. Performs spot checks on their work, providing best practice and process improvement. Gives direction and ensures they are following the methodologies and standards set by this job function.
+ Adheres to regulatory and compliance requirements, such as segregation of duties, SOX, and other regulatory standards, as required.
+ Liaises with the business, service delivery, internal audit, and external audit teams to ensure a consistent and comprehensive security approach.
+ Supports and monitors SOX related activities for all in scope applications to ensure compliance.
+ Participates in periodic audits with internal and external audit personnel and constructs action plans for addressing any noted deficiencies.
+ Establishes and maintains procedures and other technical documentation related to the IT security environment.
+ Collaborates with functional and technical teams to resolve system issues.
+ Monitors user administration processes and continuously implements improvements.
+ Other duties as assigned.
**Qualifications & Requirements:**
+ Undergraduate degree in engineering, computer science, or other technical discipline, plus five to seven years of security-specific experience, with at least the most recent three years of progressive applied experienced as an IT Security Professional, or an equivalent combination of education and experience.
+ Must have three to five years of previous demonstrated work experience implementing SOX Security and Audit Controls.
+ Strong team player with excellent collaboration skills and the ability to work in cross-functional and cross-cultural environment.
+ The following certifications are a plus:
+ Completed SAP Security Certification.
+ Professional certification(s) such as a CISA, CISSP, CGEIT, or CRISC.
+ An experienced IT security professional, well-versed in IT security policy management, information security risk management, IT security governance, industry best practices in securing IT systems, and security audit engagement management.
+ A working level knowledge of Active Directory, groups, users, organizational units, group policy and how to provision the minimum security required for a user's job function.
+ Deep knowledge of the following areas: position-based SAP security; table level restrictions; authorization groups; company code restrictions; SAP file level restrictions; SAP Java AS security; mass user creation; deletion; ECATT scripting and SAP security logs.
+ An in-depth understanding of SAP security authorization concepts, SAP Segregation of Duty, access controls and SAP GRC Administration. Experience with GRC 5.3 and 10 is a plus.
+ Understanding and experience implementing and supporting SAP security for ECC, GRC, BW, BOBJ, BODS, BPC, CRM, PI and SAP Mobile Platform.
+ Demonstrates knowledge and skill in managing security process controls over critical and sensitive SAP transactions.
+ Able to work closely with the business, internal audit and IT to implement and maintain consistent SAP security controls across multiple SAP landscapes.
+ Able to take the initiative and work independently on implementing security processes for major projects.
+ Able to demonstrate progressive, broad-based IT, and business experience.
+ Strong analytical, troubleshooting, and problem-solving abilities.
+ Strong customer service skills and commitment to providing quality service in support of IS/IT goals.
+ Excellent communication, interpersonal/team building skills, and time management skills.
Our salary range for this role is $83,00 - $99,640 including a full benefits package.
Lawson Products is an Equal Opportunity Employer of women, minorities, protected veterans and individuals with disabilities.

Security Controls Assessor Representative
Posted: 08/08/2024
Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel - and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we've described you and your dream workplace, please apply and share in the many benefits and opportunities we offer.
Security Controls Assessor - Representative
Job Description
Electrosoft is seeking a Security Control Assessor - Representative (SCA-R) to support our DoD customer at Scott Air Force Base, IL. The SCA-R will independently assess the adequacy and compliance of security controls applied to the agency on behalf of the Government SCA and Authorizing Official (AO). SCA-R personnel will assist Government personnel with the overall responsibility to conduct independent comprehensive assessments of the management, operational, privacy and technical security controls and controls enhancements employed within or inherited by an IT system to determine the overall effectives of the controls for more than 52 Programs of Record in use across the Enterprise. The SCA-R will collect, provide, and maintain current documentation on authorization processes and procedures.
Duties & Responsibilities:
+ Assess, identify, and provide to the Government, for AO approval, a listing of recommended enterprise security controls/enhancements that provide mission assurance for cyber USTRANCOM terrain systems supporting USTRANSCOM's mission.
+ Provide SME support for RMF activities within and/or outside Enterprise Mission Assurance Support Service (eMASS) or other tool as designated by the Government.
+ Provide technical and operational analyses of supporting artifacts and provide risk analysis recommendations to the SCA.
+ Perform triage of authorization, POA&M, System Security Plan, System Categorization, and risk acceptance requests using the Govt RMF Artifact Quality Rubric.
+ Identify non-compliant submissions, document in the Package Return Report (PRR), and submit to the Government SCA for approval and signature.
+ Review security artifacts provided by program offices or other organizations and assess both technical and functional adequacy of cybersecurity/Information Assurance (IA) controls
+ Perform the Independent Verification and Validation (IV&V) role within eMASS on NIPRNet and SIPRNet, verifying that controls are in-place, operating as intended, producing desired outcomes, and providing feedback to submitters on non-compliant security controls, adequacy of artifacts, and POA&M items, and provide the required PRR as needed.
+ Compile Authorization Official package to include risk assessment, required artifacts, and required approval documents to support risk recommendations to the AO in accordance with Government guidance.
+ Review and coordinate RMF packages such as categorizations, security plans and POA&Ms for signature by approved authorities as designated by the Government and IAW suspense assigned by the Government.
+ Manage eMASS user accounts (i.e., add, delete, and assign/update roles) for the customers instance of eMASS per Government direction.
+ Track status of checklists and packages from submission through approval or disapproval decision by the AO.
Qualifications/Certifications:
+ Requires Active IAM-III certification (e.g. CISSP, CISM)
+ Minimum of 5 years of related experience
+ Requires Active DoD Secret security clearance
+ BA/BS degree from an accredited university
+ Thorough understanding and experience with DoD RMF tool eMASS
+ Excellent written and verbal communication skills, demonstrating the ability to present material to senior DoD and non-DoD officials.
+ Able to communicate effectively with senior leaders and customers to clearly present technical approaches and findings.
+ Demonstrated knowledge and understanding of the DoD mission
+ Experience with Ports, Protocols, Services Management (PPSM) is desired
Benefits:
+ Pay Range $100,000 - $120,000
+ The Electrosoft Services, Inc. pay range for this job position represents the typical salary range for this position based on experience and other factors.
+ We offer a wide range of benefits including health, dental, vision, and prescription benefits, retirement benefits, and paid leave.
Individuals seeking employment at Electrosoft Services are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements
All qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, national origin, age, citizenship, disability, or Veteran status. Additionally, the company provides reasonable accommodations to qualified individuals with disabilities.

**Specialty/Competency:** Oracle
**Industry/Sector:** Not Applicable
**Time Type:** Full time
**Travel Requirements:** Up to 40%
At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives.
In Oracle compliance and security at PwC, you will focus on providing consulting services for validating compliance and enhancing security within Oracle applications. You will analyse client requirements, implement security measures, and offer guidance and support for compliance with regulatory standards. Your work will enable clients to mitigate risks, protect sensitive data, and maintain compliance with industry regulations.
Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member's unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
+ Analyse and identify the linkages and interactions between the component parts of an entire system.
+ Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion.
+ Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables.
+ Develop skills outside your comfort zone, and encourage others to do the same.
+ Effectively mentor others.
+ Use the review of work as an opportunity to deepen the expertise of team members.
+ Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate.
+ Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
**The Opportunity**
As part of the Enterprise Application Risk - Oracle Compliance and Security team you are expected to lead the creation and implementation of impactful Oracle controls auditing, consulting, and implementation initiatives. As a Manager you are expected to supervise, develop, and coach teams, manage client service accounts, and drive assigned client engagement workstreams by independently solving and analyzing complex problems to develop rigorous deliverables. You are also responsible for identifying new service opportunities, managing SDLC for Oracle Cloud product implementations, and leading security/RMC design workshops with client stakeholders.
**Responsibilities**
+ Lead the creation and implementation of Oracle controls auditing and consulting initiatives
+ Supervise and mentor team members, encouraging professional growth
+ Manage client service accounts and project workstreams
+ Independently resolve complex challenges to produce top-quality deliverables
+ Identify new service opportunities and manage SDLC for Oracle Cloud implementations
+ Conduct security and risk management design workshops with clients
+ Build and maintain client relationships
+ Assure adherence to control design standards
**What You Must Have**
+ Bachelor's Degree
+ 5 years of Oracle controls auditing, consulting and/or implementing
**What Sets You Apart**
+ Broad knowledge of Oracle Cloud application product suite
+ Experience with Oracle Cloud role design
+ Experience with Oracle Cloud Risk Management Cloud (RMC)
+ Leading 3+ end to end Oracle Security implementations
+ Leading design, build, test and deploy phases
+ Managing and understanding SDLC for Oracle Cloud product implementations
+ Identifying and addressing client needs
+ Managing in a professional services firm or large enterprise
+ Leading client projects and understanding business and technology
Learn more about how we work: does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: PwC is an equal opportunity employer, all qualified applicants will receive consideration for employment at PwC without regard to race; color; religion; national origin; sex (including pregnancy, sexual orientation, and gender identity); age; disability; genetic information (including family medical history); veteran, marital, or citizenship status; or, any other status protected by law. 
For only those qualified applicants that are impacted by the Los Angeles County Fair Chance Ordinance for Employers, the Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, San Diego County Fair Chance Ordinance, and the California Fair Chance Act, where applicable, arrest or conviction records will be considered for Employment in accordance with these laws. At PwC, we recognize that conviction records may have a direct, adverse, and negative relationship to responsibilities such as accessing sensitive company or customer information, handling proprietary assets, or collaborating closely with team members. We evaluate these factors thoughtfully to establish a secure and trusted workplace for all.
The salary range for this position is: $99,000 - $232,000, plus individuals may be eligible for an annual discretionary bonus. For roles that are based in Maryland, this is the listed salary range for this position. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. PwC offers a wide range of benefits, including medical, dental, vision, 401k, holiday pay, vacation, personal and family sick leave, and more. To view our benefits at a glance, please visit the following link:

**ManTech** seeks a motivated, career and customer-oriented **Senior Security Controls Assessor** to join our team in **Doral, FL** .
**Responsibilities include but are not limited to:**
+ Determines the effectiveness of security controls within Information Systems (IS), ensuring compliance and identifying vulnerabilities.
+ Rates the severity of weaknesses and recommends corrective actions, while overseeing Collateral, SCI, and SAP activities for sensitive information security.
+ Oversees IS security program policy, specifically SAP network infrastructure integration, and assesses Risk Management Framework (RMF) methodologies in accordance with the Joint SAP Implementation Guide (JSIG).
+ Advises ISO, IDO, PSO, and DAO/AO on security issues, evaluates authorization packages, and recommends authorization.Ensures security assessments are completed, prepares Security Assessment
+ Reports (SAR), assesses proposed changes to Authorization Boundaries, and creates Plans of Action and Milestones (POA&M) for identified weaknesses.Reviews sanitization and clearing procedures, assists with compliance inspections and cybersecurity incidents, ensures corrective measures, and evaluates hardware/software for security impact.
+ Ensures organizations address all phases of the Software Development
+ Lifecycle (SDLC), evaluates Continuous Monitoring Plans, and provides direction and mentorship to subordinate staff.
**Minimum Qualifications:**
+ High School and 4 years of additional experience or Associate's Degree and 2 years of additional experience may be exchanged in lieu of a required Bachelor's degree
+ 9+ years of experience with 5+ years of position-specific related experience.
+ 6+ years of experience in SAP, SCI, or Collateral Information Systems (IS) security and the implementation of regulations identified in the description of duties, or as an Information System Security Officer (ISSO), Information System Security Manager (ISSM), or SCA.
+ Experience in DoD, national, and applicable service and agency security policy, manuals, and standards. DoD 8570.01-M IAT Level III or DoD 8570.01-M IAM Level III certification.
**Desired Qualifications:**
+ Master's degree in Cybersecurity, Computer Engineering, Computer Science, or other closely related IT discipline.
+ Experience with ServiceNow, Microsoft TechCenter, or Jira ticketing systems. Experience with military/diplomatic operations working within a J-6/G-6/S-6 Directorate or with Special Operations Forces (SOF) or the Department of State (DoS) leading and performing cybersecurity risk assessments for and across multiple commands, agencies, and regionally distributed locations in a Security Operations Center (SOC). DoD 8570.01-M IASAE Level III certification (ISC2 CISSP-ISSAP, CISSP-ISSEP, or CISSP-ISSMP). Certified Ethical Hacker (CEH), GIAC Incident Handler (GCIH), Global Information Assurance Certification (GCIA), GIAC Penetration Tester (GPEN).
+ Experience at a DoD Combatant Command (e.g., SOUTHCOM, NORTHCOM, CENTCOM, CYBERCOM, INDOPACOM, EUCOM, AFRICOM, STRATCOM, TRANSCOM, SOCOM, SPACECOM) or a component is desired.
**Clearance Requirements:**
+ Must have an active Top Secret clearance with SCI Eligibility.
**Physical Requirements:**
+ Must be able to remain in a stationary position 50%
+ Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
+ The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at and provide your name and contact information.

**MANTECH** seeks a motivated, career and customer-oriented **Security Controls Assessor III** to join our team in **Doral, FL** .
**Responsibilities include but are not limited to:**
+ Determines the effectiveness of security controls within Information Systems (IS), ensuring compliance and identifying vulnerabilities.
+ Rates the severity of weaknesses and recommends corrective actions, while overseeing Collateral, SCI, and SAP activities for sensitive information security.
+ Oversees IS security program policy, specifically SAP network infrastructure integration, and assesses Risk Management Framework (RMF) methodologies in accordance with the Joint SAP Implementation Guide (JSIG).
+ Advises ISO, IDO, PSO, and DAO/AO on security issues, evaluates authorization packages, and recommends authorization; ensures security assessments are completed, prepares Security Assessment Reports (SAR), assesses proposed changes to Authorization Boundaries, and creates Plans of Action and Milestones (POA&M) for identified weaknesses.
+ Reviews sanitization and clearing procedures, assists with compliance inspections and cybersecurity incidents, ensures corrective measures, and evaluates hardware/software for security impact.
+ Ensures organizations address all phases of the Software Development Lifecycle (SDLC), evaluates Continuous Monitoring Plans, and provides direction and mentorship to subordinate staff.
**Minimum Qualifications:**
+ Bachelors degree or 4 years of additional experience may be exchanged in lieu of a required bachelor's degree
+ 9+ years of experience with 5+ years of position-specific related experience.
+ 6+ years of experience in SAP, SCI, or Collateral Information Systems (IS) security and the implementation of regulations identified in the description of duties, or as an Information System Security Officer (ISSO), Information System Security Manager (ISSM), or SCA.
+ DoD 8570.01-M IAT Level III or DoD 8570.01-M IAM Level III certification.
**Desired Qualifications:**
+ Master's degree in Cybersecurity, Computer Engineering, Computer Science, or other closely related IT discipline.
+ Experience with ServiceNow, Microsoft TechCenter, or Jira ticketing systems.
+ Experience with military/diplomatic operations working within a J-6/G-6/S-6 Directorate or with Special Operations Forces (SOF) or the Department of State (DoS) leading and performing cybersecurity risk assessments for and across multiple commands, agencies, and regionally distributed locations in a Security Operations Center (SOC).
+ DoD 8570.01-M IASAE Level III certification (ISC2 CISSP-ISSAP, CISSP-ISSEP, or CISSP-ISSMP).
+ Certified Ethical Hacker (CEH), GIAC Incident Handler (GCIH), Global Information Assurance Certification (GCIA), GIAC Penetration Tester (GPEN).
+ Experience at a DoD Combatant Command (e.g., SOUTHCOM, NORTHCOM, CENTCOM, CYBERCOM, INDOPACOM, EUCOM, AFRICOM, STRATCOM, TRANSCOM, SOCOM, SPACECOM) or a component is desired.
**Clearance Requirements:**
+ Must have an active Secret clearance
**Physical Requirements:**
+ Must be able to remain in a stationary position 50%
+ Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
+ The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at and provide your name and contact information.

**Specialty/Competency:** Oracle
**Industry/Sector:** Not Applicable
**Time Type:** Full time
**Travel Requirements:** Up to 40%
At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives.
In Oracle compliance and security at PwC, you will focus on providing consulting services for validating compliance and enhancing security within Oracle applications. You will analyse client requirements, implement security measures, and offer guidance and support for compliance with regulatory standards. Your work will enable clients to mitigate risks, protect sensitive data, and maintain compliance with industry regulations.
Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member's unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
+ Analyse and identify the linkages and interactions between the component parts of an entire system.
+ Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion.
+ Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables.
+ Develop skills outside your comfort zone, and encourage others to do the same.
+ Effectively mentor others.
+ Use the review of work as an opportunity to deepen the expertise of team members.
+ Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate.
+ Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
**The Opportunity**
As part of the Enterprise Application Risk - Oracle Compliance and Security team you are expected to lead the creation and implementation of impactful Oracle controls auditing, consulting, and implementation initiatives. As a Manager you are expected to supervise, develop, and coach teams, manage client service accounts, and drive assigned client engagement workstreams by independently solving and analyzing complex problems to develop rigorous deliverables. You are also responsible for identifying new service opportunities, managing SDLC for Oracle Cloud product implementations, and leading security/RMC design workshops with client stakeholders.
**Responsibilities**
+ Lead the creation and implementation of Oracle controls auditing and consulting initiatives
+ Supervise and mentor team members, encouraging professional growth
+ Manage client service accounts and project workstreams
+ Independently resolve complex challenges to produce top-quality deliverables
+ Identify new service opportunities and manage SDLC for Oracle Cloud implementations
+ Conduct security and risk management design workshops with clients
+ Build and maintain client relationships
+ Assure adherence to control design standards
**What You Must Have**
+ Bachelor's Degree
+ 5 years of Oracle controls auditing, consulting and/or implementing
**What Sets You Apart**
+ Broad knowledge of Oracle Cloud application product suite
+ Experience with Oracle Cloud role design
+ Experience with Oracle Cloud Risk Management Cloud (RMC)
+ Leading 3+ end to end Oracle Security implementations
+ Leading design, build, test and deploy phases
+ Managing and understanding SDLC for Oracle Cloud product implementations
+ Identifying and addressing client needs
+ Managing in a professional services firm or large enterprise
+ Leading client projects and understanding business and technology
Learn more about how we work: does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: PwC is an equal opportunity employer, all qualified applicants will receive consideration for employment at PwC without regard to race; color; religion; national origin; sex (including pregnancy, sexual orientation, and gender identity); age; disability; genetic information (including family medical history); veteran, marital, or citizenship status; or, any other status protected by law. 
For only those qualified applicants that are impacted by the Los Angeles County Fair Chance Ordinance for Employers, the Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, San Diego County Fair Chance Ordinance, and the California Fair Chance Act, where applicable, arrest or conviction records will be considered for Employment in accordance with these laws. At PwC, we recognize that conviction records may have a direct, adverse, and negative relationship to responsibilities such as accessing sensitive company or customer information, handling proprietary assets, or collaborating closely with team members. We evaluate these factors thoughtfully to establish a secure and trusted workplace for all.
The salary range for this position is: $99,000 - $232,000, plus individuals may be eligible for an annual discretionary bonus. For roles that are based in Maryland, this is the listed salary range for this position. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. PwC offers a wide range of benefits, including medical, dental, vision, 401k, holiday pay, vacation, personal and family sick leave, and more. To view our benefits at a glance, please visit the following link: