Build Your Career in Cybersecurity -
YOUR WAY

Director of Infrastructure & Information Security - Hybrid Work Opportunity

​

Retirement Clearinghouse was voted one of the top places to work by Charlotte Magazine in 2024! When you join the team, you'll make a real difference and can learn, grow and make a positive impact every day. At Retirement Clearinghouse we are helping millions of Americans preserve their retirement savings. We use innovative technology and provide exceptional customer service to help participants make informed decisions about their retirement accounts.

​

We are looking for an experienced Director of Infrastructure & Information Security to join our Information Technology Team.

• Determining current and future enterprise infrastructure needs and oversight of the design, implementation, development and maintenance of RCH’s computing/IT environment.
• Responsible for RCH’s information security strategy and policies and oversight of the development, implementation, and enforcement of security standards and procedures.
• Oversight of the Help Desk Support team.

Required Qualifications:

• 10+ years of information technology experience
• 5+ years of experience managing multiple teams with varying responsibilities.
• Advanced knowledge and experience with Microsoft Operating Systems and Active Directory.
• Experience with AWS
• Experience with Microsoft 365 products including Exchange, SharePoint, OneDrive, Entra, Intune, etc.
• Knowledge of common security and audit frameworks such as SOC, ISO, and NIST.
• Process driven along with superior analytic and problem-solving skills.
• Strong interpersonal skills to build rapport and trust with individuals from diverse backgrounds.

• As a team member at Retirement Clearinghouse, you’ll enjoy:
• A culture that fosters a positive work-life balance.
• Hybrid work opportunities.
• Competitive compensation with Bonus potential.
• 23 days of Paid Time Off per year, 5 sick days per year, 3 Floating Holidays per year (actual time off is prorated the first year and is based upon date of hire)
• Paid holidays
• Medical, dental, vision, short-term disability, long-term disability, life insurance benefits on day 1 of employment
• 401k eligibility and 100% vesting with employer matching on day 1 of employment.
• Professional Growth and Career Advancement Opportunities

​

• Retirement Clearinghouse is in the Ayrsley area located in Charlotte, NC, the second-largest banking center in the United States.

​

• Retirement Clearinghouse is an EEO employer and participates in the E-Verify program. Pre-employment background checks will be performed upon offer of employment.

Job Summary:

​

At Estes Express Lines, where our mission is to facilitate frictionless shipping experiences for our customers, we embrace innovation to transform the industry. Our engineers play a pivotal role in researching and uncovering new opportunities to strengthen the foundation of our digital products, all aimed at delivering an effortless customer experience. The Cybersecurity Analyst I will be at the forefront of ensuring the reliability and security of the organization’s diverse technologies. Our Analysts will focus on lifecycle management, product recommendations, patch management, proactive threat detection and response, as well as reliability and resilience across technologies. Together, we are committed to building and delivering an exceptional customer experience, making shipping frictionless for employees and customers alike.

• Assists in digital evidence collection and forensic analysis to support incident response.
• Contributes to the continuous improvement of cybersecurity operations through participation in incident response playbook enhancements, post-incident reviews to distill lessons learned, and maintenance of regular security assessments and updates.
• Identifies automation opportunities to enhance cybersecurity capabilities and proactively addresses trends that may negatively impact stakeholders.
• Conducts investigations into security incidents such as malware infections, phishing attempts, and unauthorized access; Monitors the threat landscape to identify and assess emerging threats and vulnerabilities.
• Analyzes attack vectors and understands threat actor techniques to compromise systems and data.
• Develops knowledge in using SIEM tools, with potential for further development and maintenance of detections.
• Understands threats and risks related to the transportation and logistics industry.
• Engages in training and exercises to maintain team proficiency.
• Supports network investigations to mitigate potential security risks and intrusions.
• Fosters partnerships and collaborates with internal and external teams to enhance cybersecurity measures.
• Strengthens application security by implementing best practices in software development and deployment.
• Ensures robust cloud security protocols are in place to protect organizational data across various platforms.
• Enhances mobile security to safeguard against unauthorized access and threats on mobile devices.
• Advises on comprehensive data security strategies to ensure the integrity and confidentiality of sensitive information.
• Participates in the assessment of third-party vendors and service providers to ensure compliance with security standards.
• Coordinates, schedules, and manages penetration testing, vulnerability assessments, phishing simulations, and social engineering tests to identify potential security weaknesses.
• Regular attendance is required.
• This is not an all-inclusive list of job requirements and/or duties and may not contain all mental and physical capabilities necessary to perform the job at all times due to circumstances. Operational, safety and other needs may require the employee to perform any and all other duties as assigned. Employees are expected, and must be able to perform all such duties and tasks.

Required Qualifications:

• Basic knowledge of SIEM tools and the cybersecurity threat landscape.
• Understanding of ICS and OT security principles and cloud security best practices.
• Ability to work effectively with cross-functional teams and customers.
• Good planning and organizational skills, with the ability to manage multiple priorities.
• Understanding of the MITRE ATT&CK Framework and ability to apply it in practical scenarios.
• Strong communication skills, both written and verbal, and the ability to collaborate cross-functionally.
• Resourceful and self-motivated, with the ability to work independently when necessary.
• Analytical and critical thinking skills, with a demonstrated commitment to customer service.
• Familiarity with digital forensics, incident response, and playbook development.

​

Preferred Qualifications:

• Bachelor’s degree in computer science, information technology, cybersecurity, or a related field.
• 1 year of experience in cybersecurity or related IT roles.
• Basic knowledge of application, cloud, mobile, and data security practices.
• Experience in conducting security assessments of third-party vendors and service providers.
• Proficiency in coordinating and managing security testing activities, including penetration testing and vulnerability scanning.
• Demonstrated ability to develop and execute security testing schedules and maintain up-to-date security measures.

Physical Demands:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to talk or hear. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception and ability to adjust focus. The employee is frequently required to sit and use hands to finger, handle, or feel or operate computers and other standard office equipment. The employee is occasionally required to stand, walk, lift, twist, turn and reach with hands and arms. The employee must be capable of lifting a minimum of 20 lbs., or more if required by the essential functions of the job.

​

Work Environment:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment ranges from quiet to loud as required by the essential functions of the job.

Information Security Specialist - Associate

Fort Knox KY or Remote

Active Secret Clearance Required

@Orchard is supporting a growing Federal contractor with a need for an Information Security Specialist. The individual in this position will assist in developing and maintaining knowledgebase on changing regulatory, threat, and technology landscapes to continually develop or maintain security policies and standards and ensure compliance throughout the organization.

• Conducts and supports Traditional Security Reviews (assessments, evaluations, audits) as required and determined by Cybersecurity.
• Identifies and makes on-the-spot corrections to deficiencies and educates the user on current security standards/requirements IAW current cyber guidelines and DoD compliance standards.
• Provides surge support, technical guidance, and expertise in the areas of Cybersecurity to support Customer, Mission Partners, IMOs, ISSOs, IS Owners, Software Developers, Network System, and Database Administrators IAW all related cyber regulations and directives; provide results in reports, briefs, and deliverables as required to the appropriate Government representative.
• Provide Cybersecurity surge support in the event of real world or additional requirements in support of RMF compliance checks and documentation review across authorization boundaries, including, but not limited to:
• Perform security review preparation for all security controls associated with RMF applicable to an assigned authorization boundary based upon the Confidentiality, Integrity, or Availability designation.
• Perform on site or off-site reviews of all information systems to audit and validate compliance with associated security controls.
• Perform as reviewers of audit teams during inspections, assessments, evaluations, audits, etc.
• Provide reports to the assigned Government representative as required.
• Provide reviews, validation, and deliverable efforts in support of compliance or non-compliance IAW CCI, STIGs, and SRGs for each finding or vulnerability IAW RMF.
• Provide embedded Cybersecurity support across Customer or other supported organizations as required.

Requirements:

• Active Secret clearance
• Relevant experience with information security.

Preferred:

• BA/BS preferred
• IAT Level I (Security+, CND, CCNA-Security, OR SSCP recommended)

Established in 2010, @Orchard has an exceptional reputation, providing staffing solutions to time-sensitive, talent scarcity issues to deliver better talent management ROI. Our specialty lies in the critical area of program talent acquisition and resource management, not in one narrow skillset, but across many areas of technical and functional delivery. To learn more about our other exciting opportunities, visit our Jobs Page at www.atorchard.com.