Cyber security analyst jobs in Allentown, PA - 486 jobs

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives. This role is required to sit ONSITE in our Malvern, PA office Monday through Thursday with Friday remote. Must be eligible to work in the U.S. without requiring sponsorship now or in the future. Who is Customers Bank? Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with. We get you further, faster. Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow. On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead. Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust. What you'll do: Documentation & Communication: Develop and maintain workflows to create, maintain, and update information security documentation in support of internal and external audit requirements. Control Testing & Evaluation: Under the direction information security management, execute testing procedures to assess the design and effectiveness of key information security controls across business units, technology, and operational processes. Track control effectiveness and KRI/KPI for inclusion in risk assessment reports. Issue Identification & Reporting: Document test results, identify control deficiencies, and provide clear recommendations for remediation. Identify and track exceptions to the Bank's security policies and procedures. Audit readiness and response: Assist information security team with gathering evidence/artifacts for internal and external audits. Collaboration: Work closely with business process owners, auditors, compliance, and risk teams to ensure timely resolution of identified issues. Continuous Monitoring: Participate in ongoing monitoring and follow-up activities to confirm remediation effectiveness and sustainability. What do you need? Must-Haves 2+ years of experience in internal audit, cyber security, or IT risk management, Knowledge of information security and IT risk control frameworks (e.g., COSO, COBIT, NIST). Understanding of financial, operational, and IT control environments. Strong analytical skills with attention to detail and accuracy. Excellent written and verbal communication skills Bachelor's degree in information systems, cyber risk, or related field. Key Skills Understanding of information technology infrastructure (networking, Active Directory, backups, etc.) and security concepts (role-based access control, least privilege, defense in depth, etc.). Experience in developing and maintaining documentation strategies for information security policies, standards, and operating procedures. Proficiency with Microsoft Office applications (Excel, Word, PowerPoint). Develop and maintain working relationships with audit, GRC, and IT teams to promote continuous control awareness and improvements. Nice-to-Haves Professional certifications such as CIA, CISSP, CISA, Microsoft certifications, or CRMA. Experience in Banking, financial services, or other highly regulated industries. Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. Diversity Statement: At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.

A Few Words About Us Integrated Resources, Inc is a premier staffing firm recognized as one of the tri-states most well-respected professional specialty firms. IRI has built its reputation on excellent service and integrity since its inception in 1996. Our mission centers on delivering only the best quality talent, the first time and every time. We provide quality resources in four specialty areas: Information Technology (IT), Clinical Research, Rehabilitation Therapy and Nursing. Job Description: Network Security Analyst 6 months CTH • 3+ years of designing, implementing and supporting CISCO ISE is required Responsibilities: Work with vendor to ensure the quality design, implementation, installation/configuration, and provide technical admin support for Cisco ISE Authentication Authorization, Posture Assessment, and AnyConnect end point Malware Prevention solutions. • Upgrade Cisco ISE infrastructure including hardware, software, and AnyConnect • Perform Cisco ISE Authentication and Authorization • Enforce security Posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE • Deploy Cisco ISE Profiling and client provisioning services • Integrate Endpoint Malware Protection Services (AMP) with AnyConnect and Cisco ISE • Provide Reports, Monitoring, Troubleshooting, and Security Work with vendor on problem resolution Create policies and reports to meet the business requirements Participate in Planning, Design, and Tests Perform security audits, scan and monitor servers Investigate and report on security alerts and perform security incident reporting Requirements: Expert-level knowledge and experience with design, implementation and support of Cisco ISE 3-5 year of experience working with Network Security applications Complex routing and switching solutions (Cisco is a must, Nexus strongly preferred, other manufacturers are a plus) Advance knowledge of networking, TCP/IP, FTP, SCP, firewalls, ACLs, Authentication protocols, Authorization, VPN, PKI, RSA, and Encryption Knowledge of Directory Services including Active Directory, LDAP, and TDS Knowledge of F5 load balancers Knowledge of IT security principles, HIPAA, SOX and PCI regulations Knowledge of IDS/IPS, Malware Prevention (Sourcefire & Fireye desired, Palo Alto a plus) Business Analysis skills and ability to translate business requirements into technical requirements Excellent oral/written communication and organizational skills Security certification a plus such as CISSP, CEH or CISA Qualifications Bachelor's Degree in Computer Science, Programming, or IT required Additional Information Contact- 732-549-2030 ext 242 Harshad

Hours: 40 Pay Details: $98,160 - $159,270 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Information Security Specialist - AI Vulnerability Specialist is responsible for supporting the identification, assessment, and management of vulnerabilities unique to AI models across the organization. This role contributes to processes that enable continuous detection, classification, and remediation of AI‑related risks, ensuring the secure operation of AI systems throughout their lifecycle. Working within the Information Security team, the Specialist helps perform model assessments, operate scanning tools, and assist in documenting and communicating risks to relevant stakeholders. This role emphasizes hands‑on analysis, operational execution, and collaboration with engineering partners to support the organization's AI risk posture. Depth & Scope: Participates on complex, comprehensive or large projects and initiatives Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: Bachelor's degree preferred Information security certification / accreditation an asset 7+ years of relevant experience Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications: Demonstrated success in building AI vulnerability management programs, including assessment, prioritization, and remediation governance. Experience supporting vulnerability management activities, including assessment, prioritization, or remediation workflows. Understanding of AI/ML lifecycle stages (data preparation, training, deployment, and monitoring). Familiarity with AI/ML model architectures, pipelines, and frameworks (TensorFlow, PyTorch, Scikit learn). Knowledge of cloud based AI platforms such as AWS Sagemaker, Azure AI, or GCP Vertex AI. Exposure to AI security tooling or model specific vulnerability assessment techniques. Working knowledge of ServiceNow Vulnerability Response or similar SecOps workflows. Understanding of AI related security frameworks and emerging threat vectors. Experience in regulated industries or familiarity with applicable standards (e.g., FFIEC, GLBA, GDPR, PCI DSS, NYDFS Cybersecurity Regulation). Advanced security certifications (CISSP, CCSP, or equivalent) Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% Domestic Travel - Occasional International Travel - Occasional Performing sedentary work - Continuous Performing multiple tasks - Continuous Operating standard office equipment - Continuous Responding quickly to sounds - Occasional Sitting - Continuous Standing - Occasional Walking - Occasional Moving safely in confined spaces - Occasional Lifting/Carrying (under 25 lbs.) - Occasional Lifting/Carrying (over 25 lbs.) - Never Squatting - Occasional Bending - Occasional Kneeling - Never Crawling - Never Climbing - Never Reaching overhead - Never Reaching forward - Occasional Pushing - Never Pulling - Never Twisting - Never Concentrating for long periods of time - Continuous Applying common sense to deal with problems involving standardized situations - Continuous Reading, writing and comprehending instructions - Continuous Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. #EVMAI Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Job DescriptionAt ALLERE GROUP, we pride ourselves in creating the perfect match for our candidates. We work tirelessly to build relationships with top companies across the nation, so we always have exciting opportunities for the right candidates. If you are excited about emerging technologies and would love to be a part of a progressive company, we want to talk to you!Job Title: Security AnalystLocation: Hybrid - Allentown, PAResponsibilities Collaborate with product teams to embed security into AI/ML models, pipelines, and applications throughout the SDLC. Conduct security reviews for AI systems, including LLMs, generative models, and data pipelines. Support the development of AI security policies, standards, and controls aligned with NIST, ISO, and emerging AI regulations. Define and implement AI-specific risk controls, including model validation, bias mitigation, and explainability. Collaborate with legal, compliance, and data privacy teams to ensure adherence to evolving AI regulations. Assist in evaluating and implementing AI security tools for observability, model scanning, and data protection. Help build awareness and training materials for secure AI development practices across agile teams. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 2+ years of experience in cybersecurity, with exposure to AI/ML technologies. Familiarity with secure coding practices, threat modeling, and cloud-native environments. Understanding of AI/ML concepts such as model training, inference, data labeling, and adversarial attacks. Knowledge of common AI risks (such as prompt injection, data poisoning, model misuse, etc.) and cybersecurity concepts (authentication, encryption, network security) is required. Strong communication and collaboration skills in agile environments (SAFe experience a plus). Strong analytical skills to assess risks and vulnerabilities in complex systems. Preferred Skills Professional certifications such as CCSK, CEH, or AI-specific credentials are highly desirable. Experience with Microsoft AI security tools (MS Defender for Cloud, MS Defender for Cloud Apps, Azure AI Content Safety, MS Purview). Experience with AI security tools (e.g., Zenity, Hidden Layer). Exposure to Power Platform, Power BI, or other low-code tools, especially any experience implementing data governance or DLP (Data Loss Prevention) on those, is a plus. Experience specifically in AI security or ML model governance is a strong plus. Proficiency in scripting and automation for security testing is a plus ALLERE GROUP is a proud woman-owned business (WBENC certified) and active supporters of numerous philanthropic, volunteer, and fundraising endeavors. ALLERE GROUP offers direct hire, contract to hire, and statement of work placements. We offer access to employer healthcare benefits, and a 401k retirement plan. Allere Group provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

The INFOSEC/Cybersecurity Specialist applies advanced computer science and cybersecurity practices to design, develop, evaluate, and integrate secure computer systems and networks. The role provides information assurance, system security engineering, and integration support to internal and external customers. Responsibilities span a wide range of security functions including secure architectures, electronic data protection, network access control, encryption technologies, vulnerability and penetration analysis, and cybersecurity research. Key Responsibilities System Security Officer (SSO) Support * Perform SSO duties for all ATO‑owned systems-Operations (OPS) and Facilities & Equipment (F&E)-across the entire system lifecycle. Program Control & Governance * Provide program control and governance management support. Security Management Functions * Support budget management * Provide privacy management support * Coordinate responses for data calls * Support audit management activities * Develop and maintain Standard Operating Procedures (SOPs) * Provide policy management support Cybersecurity Engineering & Lifecycle Support * Support system development lifecycle activities for NAS enterprise‑level F&E‑funded cybersecurity services and OPS‑funded cybersecurity efforts. * Support development of cybersecurity standards and policies. * Assist with integration of NAS systems into enterprise architecture at strategic and tactical levels. Cybersecurity Engineering & Technical Services * Deliver cybersecurity engineering management support * Develop cybersecurity requirements * Support development, management, and operation of cybersecurity tools * Provide domain subject matter expertise * Conduct cyber engineering reviews * Support enterprise solution development * Support cybersecurity monitoring standards, requirements, and management Qualifications * U.S. Citizenship is required * Must be able to obtain a Public Trust clearance * Bachelor's degree in related field * Minimum 15 years of relevant experience * FAA experience a bonus Preferred Qualifications * Experience with encryption technologies, penetration testing, vulnerability assessments, and information assurance * Experience supporting federal, aviation, or enterprise‑level systems * Strong analytical, communication, and documentation skills * Ability to collaborate with technical, program, and leadership teams

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. What's in it for YOU? Salary: $120000 to $140000 10% bonus, exceptional perks and benefits Professional development training, mentoring, career coaching, and more! Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 10 years experience working in the IT security function. You have working experience in the health care and/or financial services industries with project management and program management experience. You have good experience with Operating System, Database, Network and Application Security. Additional Information All your information will be kept confidential according to EEO guidelines.

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY (ADA version: https://youtu.be/IQjUCA8SOoA )

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: **************************** (ADA version: **************************** )

Description: CALLOUTS: - This role is hybrid in either Louisville, KY, Providence, RI or Allentown, PA (onsite on tues to thur) - Looking for experience with agents generative AI - Experience in security tooling like Zenity would be nice to have Seeking a passionate and technically skilled Junior to Mid-Level AI Security Analyst to join our Product Security team. This role is ideal for someone with a strong foundation in cybersecurity and a growing expertise in AI/ML systems. You will implement and maintain security guardrails for AI solutions including Traditional ML, Generative AI, and Agentic AI. You'll work within our established AI Security Controls framework, which tailors'controls by AI type and emphasizes observability, traceability, risk management, and specialized safeguards for Generative and Agentic AI. You will collaborate with the Data & AI and Product Teams to ensure that AI-driven applications adhere to enterprise security standards and policies. You will help shape and secure the future of AI technologies across our enterprise, ensuring responsible and resilient adoption of AI in alignment with our security modernization goals. Required Experience: •Bachelor's degree in Computer Science, Information Security, or a related field. •2+ years of experience in cybersecurity, with exposure to AI/ML technologies. •Familiarity with secure coding practices, threat modeling, and cloud-native environments. •Understanding of AI/ML concepts such as model training, inference, data labeling, and adversarial attacks. •Knowledge of common AI risks (such as prompt injection, data poisoning, model misuse, etc.) and cybersecurity concepts (authentication, encryption, network security) is required. •Strong communication and collaboration skills in agile environments (SAFe experience a plus). •Strong analytical skills to assess risks and vulnerabilities in complex systems. Preferred Qualifications: •Professional certifications such as CCSK, CEH, or AI-specific credentials are highly desirable. •Experience with Microsoft AI security tools (MS Defender for Cloud, MS Defender for Cloud Apps, Azure AI Content Safety, MS Purview). •Experience with AI security tools (e.G., Zenity, HiddenLayer). •Exposure to Power Platform, Power BI, or other low-code tools, especially any experience implementing data governance or DLP (Data Loss Prevention) on those, is a plus. •Experience specifically in AI security or ML model governance is a strong plus. •Proficiency in scripting and automation for security testing is a plus.

Hours: 40 Pay Details: $98,160 - $159,270 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Depth & Scope: Participates on complex, comprehensive or large projects and initiatives Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: Bachelor's degree preferred Information security certification / accreditation an asset 7+ years of relevant experience Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications: Ability to support risk management by analyzing findings rigorously, enabling data-driven decisions to improve compliance and remediation sustainability Strong skills in data strategy, advanced analytics design, mentoring, and predictive modeling for risk forecasting and severity scoring Experience developing AI and machine learning models, creating dashboards, and collaborating with governance teams to meet regulatory standards Advanced skills in Python, R, SQL, data visualization tools, and familiarity with cloud platforms and GRC systems Skills applying AI/ML techniques, and developing Confluence web applications to enhance data management and insights delivery Certifications such as CRISC, CISA, or CISSP Experience in information security, technology risk, Big Four firms, and AI/ML tools is advantageous Ability to ensure all analytics and reporting adhere to regulatory expectations, NIST/ISO frameworks, and risk governance standards. Knowledge of audit methodologies, regulatory frameworks (e.g., OCC, Fed, Basel, SOX, NIST, ISO 27001), and issue management practices Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% Domestic Travel - Occasional International Travel - Never Performing sedentary work - Continuous Performing multiple tasks - Continuous Operating standard office equipment - Continuous Responding quickly to sounds - Occasional Sitting - Continuous Standing - Occasional Walking - Occasional Moving safely in confined spaces - Occasional Lifting/Carrying (under 25 lbs.) - Occasional Lifting/Carrying (over 25 lbs.) - Never Squatting - Occasional Bending - Occasional Kneeling - Never Crawling - Never Climbing - Never Reaching overhead - Never Reaching forward - Occasional Pushing - Never Pulling - Never Twisting - Never Concentrating for long periods of time - Continuous Applying common sense to deal with problems involving standardized situations - Continuous Reading, writing and comprehending instructions - Continuous Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Provide senior-level cybersecurity and information system security support for Navy systems by leading RMF activities, security authorization packages, continuous monitoring, and cybersecurity compliance in support of mission operations. Key Responsibilities Lead and support RMF Steps 1-6 for assigned Navy information systems Develop and maintain SSPs, SAPs, SARs, POA&Ms, and security artifacts Coordinate system authorization activities with Authorizing Officials (AOs) Conduct risk assessments and vulnerability analysis Support continuous monitoring, audits, and inspections Advise leadership on cybersecurity risk and mitigation strategies Qualifications (Citizenship, Education, Experience, Skills) Citizenship: U.S. Citizenship required Education: Bachelor's degree in Cybersecurity, IT, or related field (or equivalent experience) Certification: Must possess and maintain a DoD 8140 / IAWF-approved Information Assurance Technical (IAT) Level II certification (e.g., CompTIA Security+ CE, CySA+, SSCP, GSEC, or equivalent) Experience: Minimum 8 years cybersecurity / ISS experience; 5+ years RMF support Skills: RMF; NIST 800-53; risk analysis; technical writing; coordination with government stakeholders Required Systems, Tools, and Framework Experience Frameworks: DoD RMF, NIST SP 800-53, 800-37, 800-30 Systems: eMASS, ACAS, HBSS, STIG Viewer Tools: Nessus, SCAP, vulnerability scanning tools Security Handling: CUI, controlled system documentation We are an Equal Opportunity Employer and strive to provide equal employment opportunity to all applicants and staff in accordance with sound employee relations practices and federal and state laws. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, marital status, ancestry, genetic information, pregnancy status, or any other characteristic protected by law.

About the Role: The Network Security Engineer will design, implement, and manage secure network infrastructure to ensure uninterrupted business operations. Responsibilities: Configure and maintain firewalls, VPNs, and IDS/IPS systems. Perform network security monitoring and incident response. Conduct penetration testing and simulate attacks to identify weaknesses. Harden routers, switches, and network devices. Optimize performance without compromising security. Requirements: 3+ years experience in network engineering/security. Strong knowledge of Cisco, Palo Alto, or Fortinet firewalls. Experience with network protocols (TCP/IP, DNS, SSL, VPN). CCNA Security, CCNP Security, or equivalent certifications. Required Skills: Information Security Security

**Summary Statement:** You will be working with a team of experts to resolve issues and create new security infrastructure based on current market trends. **What you will be doing:** As a Penske Systems Engineer - Cyber Security you will maintain network, server and workstation firewall protection and provide network and application scanning, security logging, and intrusion detection capabilities. You will provide security reviews and define security models for new systems based on current trends and developments. You will also collaborate with different teams within the IT department to discuss, analyze or resolve usability issues and work on projects to update or create new security infrastructures. **Major Responsibilities:** - Ensure associates follow security standards through oversight of the set-up of a user's security access, administer network security access and monitor the associate's use of data systems to safeguard company information - Provide security reviews and define security models for new systems - Analyze and recommend security products based on their performance - Audit access to mission critical applications and to maintain compliance documentation for SOX and PCI - Analyze and review annual SOX and other compliance reports - Collaborate with different teams within the IT department to discuss, analyze, or resolve usability issues - Work on 1-3 mid to large-scale projects concurrently, assigned from department and group senior leadership - Mentor Security Administrators and Offshore Contractors - Define, implement, communicate and update security architecture for multiple computing platforms, operating systems, data networks, applications, and client software - Develop, implement, communicate, and update security policies and procedures for hardware, software, and network infrastructure - Develop, implement, and maintain tools for effective security administration and monitoring compliance IT security policies and procedures as well as detection of attempted security breaches and intrusion - Develop, test, and update disaster recovery plans to ensure that plans achieve desired results in protecting company assets and plans meet corporate risk and business resumption goals - Develop training material to be used to develop awareness within corporation of security policies, procedures, best practices and other issues as needed - Detailed understanding of Cloud Security fundamentals, including cryptography and the shared responsibility model - Other projects as assigned **Qualifications:** - Bachelor's degree or equivalent experience required, advanced degrees or certifications preferred - Minimum of 3+ years' experience - A background in auditing is also desirable - Knowledge of current state of the art security products is required - Firewall software/hardware - Proxy Filtering - Centralized Log configuration and analysis - IDS/IPS configuration and analysis. - SSO Infrastructure - Network Vulnerability Scanning - Advanced User Authentication Structures - OS Hardening and Security - Application vulnerability scanning - Networking TCP/IP and packet capture applications - Endpoint Protection solutions - Encryption Technology - Good documentation and presentation skills are also necessary for this position - Familiarity with disaster recovery planning and test execution - Regular, predictable, full attendance is an essential function of the job - Willingness to travel as necessary, work the required schedule, work at the specific location required, complete Penske employment application, submit to a background investigation (to include past employment, education, and criminal history) and drug screening are required **Physical Requirements:** -The physical and mental demands described here are representative of those that must be met by an associate to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. -The associate will be required to read; communicate verbally and/or in written form; remember and analyze certain information; and remember and understand certain instructions or guidelines. -While performing the duties of this job, the associate may be required to stand, walk, and sit. The associate is frequently required to use hands to touch, handle, and feel, and to reach with hands and arms. The associate must be able to occasionally lift and/or move up to 25lbs/12kg. -Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception and the ability to adjust focus. Penske is an Equal Opportunity Employer **About Penske Truck Leasing/Transportation Solutions** Penske Truck Leasing/Transportation Solutions is a premier global transportation provider that delivers essential and innovative transportation, logistics and technology services to help companies and people move forward. With headquarters in Reading, PA, Penske and its associates are driven by a dedication to excellence and a commitment to customer success. Visit Go Penske to learn more. Job Category: Information Technology Job Function: Software Engineering Job Family: Information Technology Address: 100 Gundy Drive Primary Location: US-PA-Reading Employer: Penske Truck Leasing Co., L.P. Req ID: 2510735

Ask IT Consulting Inc, backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owned enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. ASK IT consulting is an equal opportunity employer, which is a global staffing, consulting and technology solutions company, offering industry-specific solutions to fortune 500 clients and worldwide corporations. Job Description The Information Security Specialist (ISS) is responsible for developing and documenting information security policies and standards, in addition to planning, coordinating, and implementing security measures for information systems. Years of Relevant Experience: 5 plus years Preferred Education 4 year college degree or equivalent technical study • -Define, develop and implement information security & risk management policies, procedures & best practices to comply with industry standards • -Develop plans to safeguard computer files against accidental or unauthorized • modification, destruction, or disclosure and to meet emergency data processing • needs. Monitor use of data files and regulate access to safeguard information in • computer files. • -Document and maintain a repository with version control of all policies, procedures and best practices • -Perform compliance reviews, risk management functions, test executions and encryptions for application and infrastructure service levels • -Monitor use of data files and safeguard computer files against authorized access and unauthorized access • -Modify computer security files to incorporate new software, correct errors or access changes • -Perform risk assessments and execute tests of data processing system to ensure • functioning of data processing activities and security measures. • -Encrypt data transmissions and erect firewalls to conceal confidential information as it • is being transmitted and to keep out tainted digital transfers. • -Identify and track issues, risks and action items. • -Document information security policies, standards, and procedures spanning and • encompassing the range of topics such as organization security, asset ID and • classification, personal security, communications and operations management, • access control, system development and maintenance, business continuity • management, and compliance. • -Confer with users to discuss issues such as computer data access needs, security • violations, and programming changes. • -Train users and promote security awareness to ensure system security and to • improve server and network efficiency. Qualifications Prior experience in the following are essential for the role: • Websense 7.8 • E policy Orchestrator 4.6 • Mc Afee email gateway (MEG) 7.6 • Airwatch 8.0.6.0 Additional Information If you are interested in finding out more about opportunities near you, if you are in need of a staffing firm such as ours, or if you just have a question regarding your resume and career path, please email me at ryanaskitc.com

Primary Office Location: 626 Washington Place. Pittsburgh, Pennsylvania. 15219. Join our team. Make a difference - for us and for your future. Please note: this on-site position is based at our Financial Center in Pittsburgh, PA. Candidates must be local, or willing to relocate to area. FNB will not provide sponsorship for employment-based visas for this position; only candidates who are legally authorized to work in the U.S. will be considered. Position Overview: This position is primarily responsible for quarterly Information Security Risk Assessment testing and review, Information Security Program maintenance, User Awareness of Information Security Policies including employee awareness activities and online course maintenance, coordination of the Information Security Committee, coordination and documentation of the Vendor Analysis process, User Administration, representation of Information Security for various projects and as needed or requested by the Director of Technology Risk Management. Position Title: Security Access Management Analyst 1 Business Unit: Risk Management Reports to: Manager of Security Access Management Position Overview: This position is primarily responsible for ensuring the protection of corporation information, following all financial regulations such as the Gramm-Leach-Bliley Act (GLBA) and keeping the information security program enforced through access management. The incumbent analyzes user requirements, procedures and problems to automate or improve existing systems and review computer system capabilities, workflow and scheduling limitations. Primary Responsibilities: Under direct supervision, administers user access and ensures access to applications systems remains appropriate. Under direct supervision, recertifies user access to ensure it remains appropriate. Assesses and resolves user access problems related to security controls to minimize business impact and risk exposure. Researches suspected access violations. Participates in the development and maintenance of criteria and procedures to ensure the correct individuals are involved at the correct time for security incidents identified by retail support. Conducts regular security audits, analysis and assessments per security policy. Performs other related duties and projects as assigned. All employees have the responsibility and the accountability to serve as risk managers for their businesses by understanding, reporting, responding to, managing and monitoring the risk they encounter daily as required by F.N.B. Corporation's risk management program. F.N.B. Corporation is committed to achieving superior levels of compliance by adhering to regulatory laws and guidelines. Compliance with regulatory laws and company procedures is a required component of all position descriptions. Minimum Level of Education Required to Perform the Primary Responsibilities of this Position: High School or GED Minimum # of Years of Job Related Experience Required to Perform the Primary Responsibilities of this Position: 1 Skills Required to Perform the Primary Responsibilities of this Position: Excellent project management skills Excellent communication skills, both written and verbal Excellent customer service skills Excellent organizational, analytical and interpersonal skills Ability to use a personal computer and job-related software MS Word - Basic Level MS Excel - Intermediate Level MS PowerPoint - Basic Level BA or BS preferred. Experience in information systems. Knowledge of ITI processing software and security settings. Licensures/Certifications Required to Perform the Primary Responsibilities of this Position: N/A Physical Requirements or Work Conditions Beyond Traditional Office Work: N/A Equal Employment Opportunity (EEO): It is the policy of F.N.B. Corporation (FNB) and its affiliates not to discriminate against any employee or applicant for employment because of age, race, color, religion, sex, national origin, disability, veteran status or any other category protected by law. It is also the policy of FNB and its affiliates to employ and advance in employment all persons regardless of their status as individuals with disabilities or veterans, and to base all employment decisions only on valid job requirements. FNB provides all applicants and employees a discrimination and harassment free workplace.

Job Description Type: Full Time Overtime Exempt: Exempt Reports To: ARMADA HQ Travel Required: Yes Security Clearance Required: Active Secret Security Clearance ************CONTINGENT UPON AWARD*************** Duties & Responsibilities: Specialist, Information System Security III (SISS3) will conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks and protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on package content and assessment results and documenting for the Security Controls Assessor's (SCA) and higher level review. Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems. Examples include executing STIGs, SRGs, ACAS scanning, and applying patches assets to obtain cybersecurity compliance and remediate vulnerabilities. Specialist, Information System Security III (SISS3) will conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and represent the current risk posture of the system. Perform analysis of logs, events, and reporting of various data collections tools including: vulnerability monitoring via Assured Compliance Assessment System (ACAS) and related tools, Host Based Security Systems (HBSS), web content filters, Security Information and event management (SIEM), firewall systems, network devices, server devices, workstations, and intrusion detection and prevention systems (ID/PS). Specialist, Information System Security III (SISS3) will assess impacts from observed risks and report via the Cybersecurity Program chain of command. Executing Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems. Examples include executing STIGs, SRGs, ACAS scanning, and applying patches assets to obtain cybersecurity compliance and remediate vulnerabilities. Perform the evaluation of system administrator, security engineer, and/or system owner proposed corrections to ensure compliance and best-fit solution. Specialist, Information System Security III (SISS3) will present and submit data to management, develop reports, and produce procedural documentation in a comprehensive and cohesive manner. Perform risk management and security engineering for Research, Development, Testing, and Evaluation (RDT&E) RMF Afloat systems include Information Assurance Vulnerability Management (IAVM) support, remediation, patching, scanning and associated boundary maintenance. Specialist, Information System Security III (SISS3) will document residual risks in a plan of actions and milestones formatted in compliance with the current package system, currently eMASS. Specialist, Information System Security III (SISS3) will maintain current vulnerability scan data and residual risk plan of actions and milestones in Vulnerability Remediation Asset Manager (VRAM). Manage, attend, and support configuration control board practices. Create and verify the accuracy of POA&Ms/RARs as identified by vulnerability actual test results. Specialist, Information System Security III (SISS3) shall write technical documentation such as user manuals, reports, documentation, policies, presentations, Plan of Action and Milestones (POA&Ms), risk assessments, proposals, outlines, and summaries in support of both ashore and afloat systems across multiple platforms. Support developing of technical documents across multiple platforms including configuration management, milestone, issue tracking, web site content management and RMF documentation. Specialist, Information System Security III (SISS3) may be required to travel CONUS (any state in USA) and OCONUS (primarily Japan, and any country in Europe). The estimated number of trips is 14 per year (estimated 25%-30% travel). Other duties as assigned. Knowledge, Skills, and Abilities (KSAs): Ability to travel CONUS (any state in USA) and OCONUS (primarily Japan, and any country in Europe). Proficient in Microsoft Windows Operating System Administration, including Windows 11, Windows 10, Windows 7, and Windows XP (at a minimum). Ability to work as a team member, communicate, perform office functions and use office tools, customer focused and deliver exceptional performance. Possess excellent organizational and file management skills and the ability to plan and execute administrative work with little supervision. Possess excellent oral and written communication skills. Required Certifications: Minimum of one (1) IAT Level II listed certificate required: CompTIA Security+ (CE) CompTIA CySA+ GIAC Security Essentials (GSEC) ISC² SSCP (Systems Security Certified Practitioner) Minimum/General Experience: Five (5) years of experience in the following: Cybersecurity, Engineering, Test and Evaluation (T&E) or Authorization and Assessment (A&A) (formerly C&A) related field. Information Assurance tools such as Defense Information Systems Agency (DISA) Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS). Command line interface, PowerShell, and performing automated tasking through use of code. Minimum Education: College degree in any technical discipline from an accredited college or university. Disclaimer: The above information has been designed to indicate the general nature and level of work to be performed. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the contractor assigned to this position. Applying: If you feel you have the knowledge, skills and abilities for this position visit our careers page at ****************** Special Notes: Relocation is not available for these jobs ARMADA provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ARMADA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Must be able to successfully pass a background check, and pre-employment drug testing. Job offers are contingent upon results of background check and drug testing.

The Information Security Analyst plays a key role in advancing the company's Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with regulatory, contractual, and ethical standards. This position offers hands-on experience across multiple security domains including policy governance, risk management, AI governance, and data security, making it an excellent opportunity for early career professionals or recent graduates passionate about cybersecurity and emerging technology risks. In this role, you will collaborate with teams across Information Security, IT, and Legal to drive initiatives that safeguard sensitive data, maintain compliance obligations, and promote responsible use of artificial intelligence and other advanced technologies. Responsibilities Governance & Policy Management Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF. Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800-53 Rev 5). Support internal policy review cycles, ensuring consistent version control and executive approval. Risk Management Participate in enterprise risk assessments, including third-party, application, and AI model risk reviews. Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, ServiceNow GRC, OneTrust, Vanta, etc.). Support the development of risk metrics and dashboards for leadership reporting. Learn to evaluate AI-related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure. Data Governance & Data Security Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected. Support data inventory and mapping efforts to improve visibility where critical data resides. Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams. Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls. Compliance & Audit Support Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.). Maintain control documentation and track audit remediation activities. Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data-related laws. AI Governance Support Contribute to inventories of AI tools and use cases across the enterprise. Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency. Collaborate with IT and legal teams to ensure that AI use complies with company policies. Security Awareness & Communication Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices. Support internal campaigns promoting secure data handling and ethical technology usage. Prepare metrics, dashboards, and presentations for leadership briefings. Continuous Improvement Participate in projects that automate or streamline GRC processes, such as policy lifecycle management or risk scoring. Stay informed about new threats, regulatory trends, and AI governance frameworks. Engage in ongoing professional development and certification opportunities. Qualifications Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Data Science, or a related field is preferred 0-2 years of experience in cybersecurity, risk management, compliance, or data governance (internship or coursework acceptable). Understanding of cybersecurity principles, risk management, and data privacy fundamentals. Basic familiarity with AI systems, data governance concepts, or information security practices. Strong analytical, communication, and documentation skills. Ability to manage multiple priorities in a fast-paced environment. Proficient in Microsoft Excel, PowerPoint, and data analysis or GRC tools. Exposure to frameworks such as NIST CSF, ISO 27001, SOC 2, NIST AI RMF, or COBIT. Must be able to work in the U.S. without sponsorship Per applicable state requirements, the annual pay range for this position ($60,500 - $84,000) which consists of base salary (subject to performance), reflects the hiring range for candidates. Also note, an individual's offer may vary from this range as it may be impacted by additional factors, including but not limited to the candidate's hiring location, qualifications, experience, and market factors.

Mindlance is a national recruiting company which partners with many of the leading employers in the Life Sciences, IT, and Financial Services sectors, feel free to check us out at ************************* Job DescriptionClient: Healthcare/ Pharma Job Title: Sr. IT Consultant/Security Engineer Location: Raritan, NJ 08869 DURATION:- 11+ Months Job Overview: • The Information Security Analyst/Engineer will be vital in ensuring the protection of Pharmaceutical information assets, by partnering with project teams and business associates across the enterprise, to deliver secure solutions for high risk initiatives. The successful candidate must: Have both broad and deep knowledge of the principles of Risk Management, Information Security, and Regulatory Compliance. A detailed understanding of Privacy regulations, and the requirements of HIPAA / ACA, PCI, or other statutory or regulatory sources, is both necessary and required. Strong knowledge of security frameworks • Knowledge of IT frameworks like SDLC or ITIL is a significant plus. • Have in-depth technical knowledge of Information Technology, including intimate familiarity with as many as possible of the following, in order of importance: Big Data technologies such as Hadoop, and other technologies and the security standards applicable to them, Public cloud computing services (AWS VPC, Microsoft Azure), server (UNIX, Windows), networking (base TCP/IP and upper-level protocols e.g. HTTP, SFTP, REST ...), database (Oracle 10, MS-SQL), storage (SAN, NAS), directory (AD), familiarity with the principles and protocols of cryptography and common cryptographically solutions is necessary. • Have a BA / BS in computer science, information technology, or related field, and 5+ years of demonstrable field experience; or no degree but 8+ years of experience. Either a broad-based security certification, such as CISSP or equivalent, or analytical technical certification, such as GCIA / GCFA / GCED or similar, is preferred. Have the credibility and presence to act as a security subject matter expert within a project; and the ability to quickly grasp complex multi-discipline architectures to identify and mitigate or remove risk, and to assess against Pharmaceutical policy requirements and industry best practices in order to advise partners on secure configuration of different technologies. • Possess superior communication skills, both oral and written, and to all levels of management in the organization, and the ability to lead, influence, or contribute to a team of peers. Experience working within globally distributed virtual teams is necessary. Additional Information Thanks & Regards, Shipra Chauhan | Team Recruitment | ************ Mindlance Inc.