I am...

Location: Schriever SFB, Colorado Springs, CO

​

Position: Cybersecurity Analyst - Advanced

• Applies knowledge of Cyber policy, procedures, and workforce structure to develop, implement, and maintain a cyber-secure environment.
• Relies on extensive experience and judgement to plan and accomplish enclave security related goals.
• Supervises IAM and IAT personnel.
• Reports to government managers for enclave operational requirements.
• Leads cyber management and operations for enclave(s)/systems/sites.
• There are no supervisory responsibilities, but the employee may coach and mentor other employees.
• Capable of supporting a full-time, 40-hour work week, Monday-Friday. Occasional evening and weekend work may be required as job duties demand.
• Some travel is expected for this position.
• Other duties as assigned.

Minimum Qualifications:

• Education: Master’s in STEM / Program Management / or Cyber-related field or equivalent from an accredited institution with 5 years of cyber management experience.
• Acceptable alternative: Bachelor's Degree in STEM / Program Management / Cyber-related field with 8 years DoD cyber experience and knowledge demonstrated in cyber and missile defense related or other complex, large DoD programs / projects.
• IAM III Certification prior to accepting position - no exceptions.
• CISM
• CISSP (or Associate)
• GSLC
• CCISO
• eMASS Certification prior to accepting position - no exceptions.
• An Active Top Secret Clearance with SCI eligibility is required.

Why work at ITC Defense:

• Employer Supplemented Health Insurance
• Employer Paid Dental and Vision Insurance
• Employer Paid Life and AD&D Insurance
• 3% Biweekly 401(k) Contribution
• Paid Time Off
• Tuition and Certification Reimbursement
• Competitive Salaries with Performance Incentives
• A positive working environment with supportive teammates and leadership

​

For individuals assigned and/or hired to work in Colorado, ITC Defense is required by law to include a reasonable estimate of the compensation range for this role. This compensation range is specific to the State of Colorado and takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and delivery model. We would not anticipate that the individual hired into this role would land at or near the top end of the range, but such a decision will be dependent on the facts and circumstances of each case. A reasonable estimate of the range is $120,000 - $155,000 per year.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

​

ITC Defense Corp. is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or protected veteran status. U.S. Citizenship is required for most positions. This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change, or new ones may be assigned at any time with or without notice. Employment with ITC is at-will. For further information on our equal opportunity protections as part of the employment process, please see http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf and http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf

​

ACCESSIBILITY- Candidates must be able to perform the essential functions of the position satisfactorily and that, if requested, reasonable accommodation may be made to enable employees with disabilities to perform the essential functions of their job, absent undue hardship. If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation for purposes of participating in the application/selection process with ITC. Please refer to our website www.itcdefense.com/careers for further information on all our EEO/VEVRAA policies.

​

Thank you for your interest in ITC Defense!

The Director of Information Security is responsible for establishing and maintaining the overall information security program within the Bank. The Director is responsible for providing leadership, strategic direction, and guidance to ensure the confidentiality, integrity, and availability of the Bank's information assets. The Director oversees the development and implementation of information security policies, procedures, and controls and ensures compliance with industry regulations and standards.

• Develops and implements a comprehensive information security program, including policies, procedures, and controls.
• Monitors and urgently addresses current and emerging cybersecurity risks that pertain to the Bank and its customers. Advises the Bank's Chief Risk Officer, IT Committee, and Senior Management in developing and implementing information technology safeguard strategies and controls to mitigate risks.
• Conducts ongoing information security compliance monitoring and performs IT and customer information risk assessments for all areas of the Bank.
• Monitors and continuously upgrades information security and business resiliency capabilities across the enterprise.
• Manages enterprise-wide Business Continuity Planning (BCP), including establishing and validating policies and procedures to restore business-critical services of the Bank in the event of a disaster or event.
• Works closely with and challenges the Director of Information Technology and the Chief Risk Officer to develop strategic plans and makes recommendations for significant information technology projects involving functional changes within the Bank.
• Provides the Board with an annual assessment of the Bank's Information Security program in accordance with the Gramm Leach Bliley Act.
• Assures audit compliance and procedure quality control through internal and external reviews, recommends and initiates corrective actions, and ensures system resources are in compliance with established Bank policies, procedures, and state and federal laws, rules and regulations.
• Manages physical security policies, protocols, procedures, and systems. Ensures policies and procedures are consistently applied across the Bank and ensures adherence with regulatory requirements.
• Continuously monitors and assesses the information security team and resources to ensure the organization employs and develops top talent.
• Performs personnel actions, including performance appraisals, disciplinary actions, and interviewing candidates for employment, and supervises the daily activities of the department, including, but not limited to, effective delegation of assignments, developing work schedules, and providing necessary training.
• Fosters a culture of security awareness and accountability throughout the organization. Works with the Training Officer to develop and deliver security awareness and training programs to educate employees on security best practices.
• Supports Community Reinvestment Act (CRA) through business development efforts. Actively participates in community organizations.
• Maintains a current knowledge of bank regulations. Ensures compliance with all Federal, State and Bank policies, procedures, and regulations.
• Other duties as assigned.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Extensive experience in information security management, including experience in a leadership or executive role.
• Professional certifications such as ISACA-CISM, and/or ISC2-CISSP are required.
• In-depth knowledge of information security frameworks, standards, and best practices. Strong understanding and experience in implementing the guidelines of FFIEC IT Booklets.
• Strong understanding of risk management principles and experience conducting risk assessments.
• Demonstrated ability to develop and execute strategic plans and initiatives.
• Strong leadership and people management skills, with the ability to build and develop a high-performing security team.
• Up-to-date knowledge of emerging threats, vulnerabilities, and security technologies.

​

Preferred Qualifications:

• Ability to deal with complex problems involving multiple facets and variables in non-standardized situations.

River City Bank is an Affirmative Action and Equal Opportunity Employer with a commitment to diversity. Individuals seeking employment at River City Bank are considered without regards to ancestry, age, color, physical or mental disability, genetic information, gender, gender identity, gender expression, marital status, medical condition, national origin, race, religion, sex, sexual orientation, protected veteran/military status or any other consideration made unlawful by federal, state or local laws. Note: River City Bank does not sponsor applicants for work visas.

​

For CA residents please read the Notice at Collection - California before applying.

​

Salary: $140,000 to $200,000 per year

Company Description

​

Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.

​

Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.

• Develop proof-of-concept prototypes for promising cybersecurity solutions, ensuring alignment with Visa's existing security architecture and strategic goals.
• Identify and assess innovative cybersecurity tools, companies, and concepts that can enhance Visa's security architecture.
• Work closely with internal stakeholders, including the Cybersecurity Product Development team, to transition prototypes into fully operational products and solutions.
• Continuously monitor and analyze emerging cybersecurity trends, technologies, and practices that have the potential to impact Visa's security posture.
• Build automation to Integrate and orchestrate existing security tools so we can quickly resolve damaging malware infections.
• Independently formulate direction, design or oversight for the development of major Enterprise-wide programs or plans that have significant impact on the success of the organization
• Be responsible for overall planning, direction and oversight of multiple projects, products, services or functions.
• Stay up to date on new security tools & techniques in the information security space.
• Conduct proof of concept activities with key business users in support of advanced use cases.
• Automate security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices for web and mobile applications.
• Be a product security champion by driving Security Architecture and Design/implementation/optimization for Web, API and Mobile backend applications across Visa.
• Engage in the initial requirements definition (including analysis of threats and risks and alignment with Visa security, Engineering, IT and Architecture standards).
• Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
• You'll be working on enabling/building security on various platforms and technologies which protect the applications from attacks like:
• Payment processing platforms, Payment Wallet solutions, Consumer facing applications, COTS products deployed in house, public clouds, Issuer/Acquirer facing platforms and applications, white labelled solutions for partners.
• zTPF, zOS, MVS, Linux, Windows, VMWare, Openstack, SDN, Public cloud like AWS, Google
• Cybersecurity tools like IDS, SIEM, Tripwire, Tanium, Netwitness, Netflow, WAF
• HSMs, Tokenization systems, data encryption solutions from Safenet, Vormetric etc
• Web technologies like HTTP, SOAP, REST services, AJAX
• Databases like Oracle, MS SQL, Couchbase, Cassandra, Riak, Aerospike
• Programming languages like Java, C, C++, .Net, Javascript, GoLang, ErLang, Cobol etc
• Caching services like Kafka, Coherence, MQ
• Big-data like Hadoop
• Web Access Management solutions like Forgerock, Siteminder, Custom/in-house Security Frameworks

Basic Qualifications:

​

• 5+ years of relevant work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD, OR 8+ years of relevant work experience.

​

Preferred Qualifications:

​

• 6 or more years of work experience with a Bachelor's Degree in Computer Science or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or up to 3 years of relevant experience with a PhD
• Bachelor’s Degree in Computer Science (or equivalent) from an accredited university.
• Minimum of 5 years of experience in architecting, designing and developing large enterprise class applications with increasing responsibilities.
• The Ideal candidate will also have one or more of the following certifications: CISSP, CISM, CEH, SANS/GIAC
• Conducting in-depth technical reviews of enterprise systems to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
• Proven ability to build Threat Models and analyze security weaknesses in complex deployments with varying technology stack
• Expertise in securing the integration of multiple environments across on-premises, multi-cloud, and hybrid architectures. Strong understanding of application and network security.
• Experience as technical lead organizing and mentoring junior and intermediate level engineers/architect
• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
• Full-stack web development with a focus on real-time interactive applications.
• Proficiency in front-end frameworks such as React.js, Vue.js, or Angular.js, with a deep understanding of state management (e.g., Redux, Vuex).
• Experience with back-end development using Node.js with frameworks such as Express.js or Nest.js.
• Solid understanding of AJAX and Fetch API for making asynchronous HTTP requests to the server.
• Hands-on experience with real-time communication technologies like WebSockets (e.g., Socket.io) or Server-Sent Events (SSE) for real-time data synchronization between clients.
• Proficient in working with databases like:
• NoSQL databases: MongoDB, Firebase (Firestore or Realtime Database) for flexible and real-time data storage.
• Relational databases with JSON support: PostgreSQL for structured data handling with Mermaid.js scripts stored in JSONB.
• Graph databases: Neo4j for handling complex graph structures and relationships (a plus).
• Familiarity with Mermaid.js or similar graph visualization libraries and how they integrate into web applications.
• Python development to create a system that translates questionnaire answers into AI prompts and then maps these to Mermaid.js SVG scripts for generating diagrams dynamically.
• Experience in data handling and AI prompt generation to automate the conversion of user input (questionnaire responses) into Mermaid.js diagrams.
• Understanding of real-time collaboration tools and patterns to enable multiple users to edit graphical elements simultaneously.
• Experience in designing and implementing APIs (RESTful or GraphQL) to handle data synchronization between the front-end and back-end.
• Knowledge of authentication methods (OAuth, JWT) to secure collaborative multi-user environments.
• Experience with version control systems (Git, GitHub) and CI/CD pipelines for deploying scalable applications.

Additional Information

​

Work Hours: Varies upon the needs of the department.

​

Travel Requirements: This position requires travel 5-10% of the time.

​

Mental/Physical Requirements: This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers.

​

Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

​

Visa will consider for employment qualified applicants with criminal histories in a manner consistent with applicable local law, including the requirements of Article 49 of the San Francisco Police Code.

​

U.S. APPLICANTS ONLY: The estimated salary range for a new hire into this position is 139,800.00 to 202,750.00 USD per year, which may include potential sales incentive payments (if applicable). Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position may be eligible for bonus and equity. Visa has a comprehensive benefits package for which this position may be eligible that includes Medical, Dental, Vision, 401 (k), FSA/HSA, Life Insurance, Paid Time Off, and Wellness Program.