Cyber security analyst jobs in Bethlehem, PA

The Information Security Engineer is responsible for ensuring the secure operation of systems, applications, and networks. This role involves implementing and supporting security solutions, maintaining policies and standards, conducting vulnerability audits, and collaborating with SOC teams on remediation and risk reduction. Key Responsibilities: Implement and support security tools and projects. Partner with the SOC for incident response and remediation. Serve as a handoff point between projects and ongoing operations. Support and mentor Level 1 security analysts. Conduct risk assessments and vulnerability audits. Maintain and enhance security policies, standards, and procedures. Qualifications: Bachelor's degree or equivalent experience (technical certification + 10 years IT experience). 5+ years of experience in Information Security. Hands-on experience with enterprise firewall technologies and infrastructure communication analysis. Familiarity with scripting, APIs, and automation. Experience with HIPAA, PCI, and NIST CSF frameworks. Experience with SIEM tools, DLP, and user behavior analysis. Certifications such as CompTIA Security+, CEH, or CISSP required. Tech Stack: Defender for Endpoint (EDR) Proofpoint (email security) Palo Alto firewalls Tenable / BigFix Managed SOC tools (log correlation, alerts) Microsoft 365, Active Directory Preferred Skills: Experience with EDR, risk scoring, and vulnerability prioritization. Experience coordinating across SOC and infrastructure teams. Familiarity with Proofpoint, BigFix, or Tenable. MFA implementation experience.

About the Role We are seeking a Security Analyst II to support our IAMO Transformation Program, contributing to the configuration, implementation, and support of the new SailPoint IdentityIQ (IIQ) platform. This role plays a key part in advancing our Identity and Access Management (IAM) capabilities through automation, governance, and improved operational efficiency. The ideal candidate will leverage technical expertise in SailPoint and IAM processes to help reduce manual provisioning, streamline access management, and strengthen security controls across the enterprise. Key Responsibilities Configure, customize, and implement SailPoint IdentityIQ (IIQ) solutions to support enterprise IAM transformation. Provide ongoing SailPoint product support including design, implementation, maintenance, and troubleshooting activities. Develop and maintain workflows, forms, roles, policies, reports, certifications, and segregation of duties (SOD) controls. Perform business-critical analysis to improve application access request and workflow processes within IAM. Support access provisioning and remediation for audit findings, client onboarding, and offboarding activities. Ensure compliance with corporate access certification and revocation policies. Partner with internal stakeholders to meet Client Service Level Objectives and internal project deadlines. Required Skills & Experience 3-5 years of experience in Identity and Access Management (IAM) or Cybersecurity. Hands-on experience with SailPoint IdentityIQ (IIQ) design, customization, and support. Strong understanding of IAM processes including Joiner, Mover, Leaver, Certification, and SOD workflows. Proficiency in Project Management and Business Analysis practices. Ability to identify, troubleshoot, and resolve complex IAM functional and technical issues. Preferred Technical Skills Excel, PowerPoint, SharePoint, and Jira proficiency.

Delta Information Systems, Inc. is seeking a highly skilled Information Security Specialist to protect and secure critical systems, data, and intellectual property in a fast-paced Aerospace & Defense environment. This role is responsible for implementing and managing security controls, ensuring compliance with strict regulatory requirements, and defending against advanced cyber threats. The ideal candidate will bring deep technical knowledge, strong problem-solving skills, and the ability to work across teams to maintain the confidentiality, integrity, and availability of sensitive information that supports our national security mission. This is a fully onsite position located in Horsham, PA. Key Responsibilities Implement, monitor, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM platforms. Perform continuous monitoring, vulnerability assessments, penetration testing, and risk analysis of systems and networks. Ensure compliance with DoD, NIST 800-171, CMMC, ITAR, DFARS, and other regulatory frameworks. Champion the company's certification to CMMC Level 2. Develop, document, and enforce cybersecurity policies, procedures, and incident response plans. Support Government and customer security audits, preparing evidence and remediation plans as required. Investigate and respond to cybersecurity incidents, performing root-cause analysis and recommending corrective actions. Collaborate with IT, Engineering, Program Management, and Security teams to embed cybersecurity best practices into operations and product development. Provide cybersecurity awareness training to employees with a focus on handling sensitive defense-related data. Stay current on emerging cyber threats, nation-state tactics, and evolving compliance regulations impacting aerospace and defense. Qualifications Required: Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in information security, IT security operations, or cybersecurity. Strong knowledge of NIST 800-171, CMMC, and DFARS cybersecurity requirements. Experience developing, implementing and achieving CMMC compliance. Experience supporting DoD or government contracts with cybersecurity compliance needs. Hands-on experience with security infrastructure: SIEM, IDS/IPS, endpoint security, and network monitoring tools. Strong understanding of Windows, Linux, and cloud environments (Microsoft Office 365, Deltek Costpoint). Excellent analytical, documentation, and communication skills. U.S. Citizenship (required due to defense industry regulations). Preferred: Active security clearance (Secret or higher), or ability to obtain one. Relevant certifications: CISSP, CISM, Security+, CEH, or GIAC. Experience with RMF (Risk Management Framework) and STIG compliance. Familiarity with secure software development, DevSecOps practices, or classified system security. Compensation Competitive salary Outstanding benefits package 100% Paid Coverage for Medical, Dental, and Vision 401(k) Employer Match Employee Stock Ownership Program (company funded) Life Insurance (company funded) Short-Term Disability (company funded) Long-Term Disability (company funded) Vacation & Sick Holidays: 11 days HealthCare FSA Dependent Care FSA What We Offer Opportunities for training, certifications, and career growth. A mission-driven culture where your work contributes to national security. Exposure to advanced technologies and programs critical to the aerospace and defense sector. About Delta Information Systems, Inc. Delta Information Systems (DIS) is an industry-leading supplier of high-quality aerospace telemetry products for Flight Test, Missile Test, Range Safety, Launch Support and Satellite Command and Control applications. Their products address the complete telemetry chain from Data Acquisition, Storage, Transport and Distribution to Telemetry Processing and Display. DIS customers include all DoD entities, all Major Primes, Integrators, Gov Labs, Aircraft & Missile Manufacturers, & Launch Facilities. In addition, Delta Information Systems (DIS) designs and develops sophisticated electronic equipment that is specifically designed to reliably operate in harsh environments. They deliver critical video communications capability for manned and unmanned Intelligence, Surveillance and Reconnaissance (ISR) programs.

We are looking for a Security-Focused Platform Engineer / Site Reliability Engineer to maintain secure, scalable infrastructure and services. This role is responsible for ensuring operational reliability while embedding security into all aspects of infrastructure and platform engineering. W2 position - No C2C opportunities at this time Key Responsibilities Maintain secure and scalable infrastructure and services. Manage container orchestration and cloud security. Monitor for configuration drift and enforce infrastructure policies. Support high availability and secure deployment and operations practices. Implement infrastructure-as-code with security controls. Monitor system health and enforce runtime policies. Collaborate with stakeholders on secure service mesh, events, and API gateways. Qualifications Experience maintaining scalable and secure infrastructure. Background in container orchestration and cloud security. Ability to identify and remediate configuration drift. Knowledge of high availability and secure deployment practices. Hands-on experience with infrastructure-as-code and security controls. Ability to monitor system health and enforce runtime policies. Experience collaborating with stakeholders on secure service mesh, events, and API gateways. Programming & Scripting Used · Languages: Python, Bash, Shell, SQL, Java (basic), Scala (for big data, good to have) · Paradigms: Object-Oriented Programming (OOP), Functional Programming · Automation & Scripting: Python scripting for automation, Linux shell scripting Operating Systems & Containers · System programing, performance tuning, networking · OCP, Kubernetes (K8s), Helm, Terraform, container orchestration and deployment Big Data & Data Engineering · Frameworks: Apache Spark, Hadoop, Hive, Presto (nice to have) · ETL Tools: Apache Airflow, NiFi (good to have) · Data Pipelines: Batch and streaming (Kafka, Flink) · Object Storage: S3, Azure Blob Storage, MinIO · Data Formats: Parquet/Avro, ORC, JSON, CSV AI/ML & MTC (Model Training & Consumption) (Nice to have) · Frameworks or LLM modeling · Model Ops: MLflow, Kubeflow, SageMaker · Data Science: Feature engineering, model deployment, inference pipelines Security & Access Control · Access Models: RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control) · Data Protection: Encryption at rest and in transit, TLS/SSL, KMS (Key Management Services) · Compliance: GDPR, HIPAA (if applicable), IAM policies System Design & Architecture (good to have, at least at conceptual level) · Design Principles: Microservices, Event-driven architecture, Serverless · Scalability: Load balancing, caching (Redis, Memcached), horizontal scaling · High Availability: Failover strategies, disaster recovery, monitoring (Prometheus, Grafana)

The Security Architect main role is to design, implement, and oversee our cybersecurity strategy, ensuring robust protection against evolving threats. The ideal candidate will have 7-10 years of experience in cybersecurity architecture, security operations, and risk management with a strong focus on enterprise security solutions, cloud security, identity & access management (IAM), and security best practices. The Security Architect must have hands-on experience with internet secure gateway, EDR, MDR, ITDR, secure email gateway, firewalls, MFA, scripting, policies, data classification, and cloud security controls. This role requires deep expertise in security frameworks, architecture principles, security automation, and compliance standards (NIST, CIS, ISO 27001, Zero Trust, etc.). Essential Functions Develop and maintain a comprehensive security architecture covering on-premises, cloud, and hybrid environments. Design security solutions that align with business objectives while mitigating risk. Ensure Zero Trust principles, network segmentation, and security best practices are enforced across the enterprise. Architect cloud security strategies, leveraging best practices for Azure and GCP. Lead security investigations, conduct root cause analysis, and document incident response actions. Provide threat intelligence and recommend proactive security measures to mitigate risk. Implement and maintain cloud security controls in Azure and GCP. Optimize cloud security solutions for web and network protection. Ensure Active Directory (AD) and IAM policies align with best practices. Support identity governance, access reviews, and privileged access management (PAM). Oversee the continuous best practice is leveraged for data classification policies and enforce data protection controls. Conduct security assessments and ensure compliance with industry standards (PCI, NIST, CIS). Recommend, evaluate, and implement new security technologies based on business needs and threat landscape. • Work with DevOps and IT teams to integrate security automation, security-as-code, and DevSecOps principles. Additional Functions Threat Modeling & Risk Management: Conduct threat modeling, risk assessments, and security reviews for applications, infrastructure, and networks. Provide technical leadership in responding to security incidents, forensic analysis, and root cause investigations. Develop and maintain security policies, standards, and playbooks for security operations. Collaborate with IT and business units to ensure security compliance with regulatory frameworks (PCI DSS, NIST, ISO 27001, SOC 2). Identity & Access Management (IAM) & Authentication: Design and enhance IAM policies, privileged access management (PAM), and role-based access control (RBAC). Enforce strong authentication and MFA strategies using Okta, Microsoft Authenticator, and AD. Define identity threat detection and response (ITDR) strategies. Security Governance & Compliance: Ensure security controls align with industry frameworks (NIST CSF, ISO 27001, CIS, Zero Trust, MITRE ATT&CK). Assist with audit, regulatory compliance, and security assessments. Conduct penetration testing, red/blue teaming exercises, and vulnerability management programs. Provide security guidance for third-party risk management and vendor security evaluations. Leadership & Collaboration: Act as a subject matter expert (SME) in cybersecurity architecture and best practices. Provide mentorship and training to security engineers and analysts. Work cross-functionally with IT, DevOps, and executive leadership to align security strategy with business goals. Develop security roadmaps and strategic initiatives for continuous security improvement. Maintain and fine-tune security configurations across various security platforms. Identify security gaps and recommend security enhancements and process improvements. Develop playbooks and automation scripts to enhance security operations efficiency. Conduct vulnerability assessments and penetration testing to identify security weaknesses in systems and applications. Develop and implement security policies, procedures, and standards to ensure compliance with industry's best practices and regulatory requirements. Investigate security breaches and other security incidents to determine the root cause and implement corrective actions. Stay up-to-date on the latest security threats and vulnerabilities and recommend appropriate security measures. Collaborate with other IT teams to ensure that security is integrated into all aspects of the organization's IT infrastructure. Participate in security audits and assessments to identify and address security gaps. Develop and maintain incident response plans and procedures. Evaluate and recommend security technologies and solutions to improve the organization's security posture. Qualifications 7-10 years of experience in cybersecurity architecture, security operations, or cloud security. Deep understanding of: Enterprise security architectures, security frameworks (NIST, CIS, Zero Trust, ISO 27001), and best practices Email secure gateway (Proofpoint, Mimecast) Firewalls (Palo Alto, Cisco) and network security principles Cloud security (Azure, GCP) and security automation IAM, MFA, AD, Okta, Microsoft Authenticator Endpoint security, EDR, ITDR, and threat intelligence Data classification, DLP, and information protection Experience designing secure architectures for large-scale enterprises and cloud environments. Strong knowledge of DevSecOps, security automation, and scripting (Python, PowerShell, Terraform). Excellent communication and leadership skills, capable of influencing security strategies across the organization. CISSP Certifications (Required): CISM and CCSP is plus A bachelor's degree in computer science, information systems, or a related experience. 7-10 years of experience in cybersecurity, security operations, or network security. Hands-on expertise with: Zscaler, CrowdStrike, Microsoft Defender, Sophos Proofpoint (Email Security Gateway) EDR & ITDR solutions Palo Alto & Cisco Firewalls Okta, Microsoft Authenticator (MFA), Active Directory (AD), IAM Cloud Security (Azure and GCP) Data classification and protection strategies Strong knowledge of threat intelligence, SIEM, vulnerability management, and incident response. Experience with security frameworks such as PCI, NIST, ISO 27001, CIS Benchmarks. Strong analytical, problem-solving, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Excellent communication and interpersonal skills, capable of collaborating effectively with cross-functional teams. Working Conditions & Physical Demands This position requires in person office presence at least 4x a week.

Select Cyber is looking for a Junior Security & Strategy Analyst for a client SOC office in Northern New Jersey. The employer is a world leader in cybersecurity services so your career will be in great hands! The position requires an interest in technology, leadership, and strategy, with a focus on information security. Although we prefer 1-3 years experience, New College Grads (with a computer science degree can apply! This position will assist in duties including, but not limited to, the following: Staying aware of the latest security threats, assessing impact, and suggesting solutions in addressing the emerging risks Use state-of-the-art software to monitor and report on potential cyber threats affecting our client Partnering across a variety of different teams to assess vulnerabilities, and conduct security reviews Help assess organizational cyber risk through industry standard frameworks Requirements Must have a degree in Business, Technology or related field Ability to manage/prioritize projects and tasks In-depth knowledge of diverse and emerging technology concepts, strategies, and methodologies Benefits FULL Competitive Benefits including 401K and medical

Founded over 35 years ago, First Quality is a family-owned company that has grown from a small business in McElhattan, Pennsylvania into a group of companies, employing over 5,000 team members, while maintaining our family values and entrepreneurial spirit. With corporate offices in New York and Pennsylvania and 8 manufacturing campuses across the U.S. and Canada, the companies within the First Quality group produce high-quality personal care and household products for large retailers and healthcare organizations. Our personal care and household product portfolio includes baby diapers, wipes, feminine pads, paper towels, bath tissue, adult incontinence products, laundry detergents, fabric finishers, and dishwash solutions. In addition, we manufacture certain raw materials and components used in the manufacturing of these products, including flexible print and packaging solutions. Guided by our values of humility, unity, and integrity, we leverage advanced technology and innovation to drive growth and create new opportunities. At First Quality, you'll find a collaborative environment focused on continuous learning, professional development, and our mission to Make Things Better. We are actively seeking an experienced Cyber Security Analyst to join our Security Operations Center in Great Neck, New York, or work in a hybrid capacity from CT, GA, NY, NJ, PA, or SC. In this role, you will be responsible for incident detection, investigation and response, rules development tuning and improvement, defining and developing automations, and incorporating Threat Intelligence and Threat Hunting activities to enhance detection and mitigation strategies. Primary responsibilities include: * Incident Detection and Response - Monitor and analyze alerts generated by SIEM/SOAR platforms and user reports, investigate security incidents, and execute containment and eradication procedures to minimize impact and restore normal operations. * Tuning & Optimization - Continuously refine detection rules and SOC processes to reduce false positives, enhance detection accuracy, and improve overall operational efficiency. * Research & Development - Explore emerging threats and attack techniques to develop and implement new detection rules to expand visibility and strengthen the organization's security posture. * Threat Hunting - Proactively hunt for hidden threats by analyzing logs and identifying gaps missed by existing security tools and improve security posture. * Threat Intelligence - Review threat intelligence feeds, channels and articles to identify potential risks and proactively strengthen defenses. * Automation Development - Design, implement, and maintain automation solutions to streamline SOC workflows, reduce manual effort, and accelerate incident response times. * Reporting - Prepare and present comprehensive reports on key SOC activities, metrics, and security trends to stakeholders and management. * Penetration Testing - Participate in Red and Purple Team exercises to assess and improve the effectiveness of security controls and incident response capabilities. The ideal candidate should possess the following: * Bachelor's degree in Computer Security, Cybersecurity, Information Security, or a related field preferred. Additional relevant experience may be considered in lieu of a degree. * Experience with advanced SIEM content development, including custom correlation rules, dashboards, and reporting. * Minimum of 1 year of experience working in a Security Operations Center (SOC) environment, either in-house or with a Managed Security Service Provider (MSSP). * Proficiency in scripting languages such as Python, PowerShell, or Bash for automating security tasks and processes. * Direct involvement in end-to-end incident response, including root cause determination and post-incident reporting. * Experience monitoring and securing cloud environments (e.g., Microsoft Azure, AWS, Google Cloud Platform). * Hands-on experience working with SIEM (e.g. Splunk, Microsoft Sentinel, Qradar) * Familiarity with EDR solutions like CrowdStrike, SentinelOne, Microsoft Defender for Endpoint or Cortex XDR. * Understanding and familiarity with interpreting common log sources for monitoring and investigation (e.g. Firewall, Azure AD, Windows Security Log, Email, Proxy\URL Filtering etc.) * Solid grasp of prevalent attack types, including phishing, brute-force attacks, malware, and data exfiltration techniques. * Excellent verbal and written communication skills, with the ability to collaborate effectively with team members both within and outside the SOC. * High level of situational awareness and problem sensitivity, with the ability to proactively identify issues and escalate concerns as appropriate. * Demonstrated proactive mindset, strong sense of responsibility, and urgency in addressing security incidents and tasks. * Ability to work independently, manage multiple priorities, and succeed in a fast-paced, dynamic environment. * Strong motivation and willingness to continually learn and grow, adapting to new tools and evolving threat landscapes. What We Offer You We believe that by continuously improving the quality of our benefits, we can help to raise the quality of life for our team members and their families. At First Quality you will receive: * Competitive base salary and bonus opportunities * Paid time off (three-week minimum) * Medical, dental and vision starting day one * 401(k) with employer match * Paid parental leave * Child and family care assistance (dependent care FSA with employer match up to $2500) * Bundle of joy benefit (year's worth of free diapers to all team members with a new baby) * Tuition assistance * Wellness program with savings of up to $4,000 per year on insurance premiums * ...and more! The estimated annual base salary range for this position is $110,000 - $140,000. Base pay is only part of our total compensation package, which also includes an attractive annual discretionary bonus and robust suite of employee benefits for which you are eligible to participate in starting on your first day of employment. Base pay offered will be determined on an individualized basis and we will consider your location, experience, and other job-related factors. First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come in to contact with sensitive data. First Quality is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status.

Do you want to be part of a collaborative team handling potentially challenging situations as a leader of our cyber incident response and threat mitigation? The ideal candidate demonstrates analytical skills, leadership, and curiosity in threat reduction efforts. A qualified candidate should be a collaborative self-starter who has a combination of strong technical aptitude, knowledge of security attack methods/stages (e.g., MITRE), a strong mindset, strong written and oral communication and can also inspire and develop talent. They must partner across the firm to drive identification, containment, investigations, response and recovery. As part of Guardian, the successful candidate must live by the Guardian operating principles of thinking big & growing, accelerate operational excellence, wowing the consumer, and be able to lead through change with courage. **You have** + The knowledge, experience, length of education needed to accomplish the desired end results. + 7+ years broad/deep technology experience including public clouds + 3+ years of leader experience in a security role, preferably involving incident response + Incident response methodologies and evidence handline + Strong written and oral communication skills + Experience working across functions including business, legal, HR, communications, IT. + Analytical and curious attitude + Knowledge of threat hunting and risk mitigation + Knowledge of NIST CSF, MITRE, and others frameworks, malware analysis concepts, types of attacks and attackers, common vulnerabilities. + Experience with financial services or regulated entities, US privacy regulations. + Ability to think in a structured and creative manner to address cyber incidents + Ability to process cyber threat intelligence and translate into actionable mitigation techniques and strategies. + Ability to lead a diverse high performing team. + Ability to accelerate impact and lead positive cyber security change. + Good knowledge of SIEM tools (Splunk preferred) and logging/monitoring, insider and UBA concepts and application. + BS/MS in relevant experience in cyber security and/or industry related certifications desired + A continuous & lifelong learner. **You will** + Lead a team of cyber security incident response and threat mitigation engineering professionals. + Be responsible for planning, design, operating Guardian's cyber incident response and cyber threat mitigations operations across the areas. + Run our Corporate Incident Response Team as related to cybersecurity - coordinating actions and responses across teams. + Manage the plans, playbooks, quick reference guides necessary - and out-of-band communication plans. + Engage with 1st line teams to develop muscle memory and ensure containment actions (shutdown authorities are clear).Coordinate with business continuity/disaster recovery teams to ensure integrated approach to large events. + Be responsible for triaging & leading cyber security incidents advanced from the security operations center + Manage third-party incident retainers and prepare for any future engagements. + Participate-in / coordinate periodic exercises with third-parties. + Ensure quality of security incident handling and cyber threat mitigation work. + Ensure incidents are appropriately tracked, reported and after-action reports documented. Ensure metrics are timely and accurate. + Drive our user behavior analytics (UBA) program working with the business to develop and improve appropriate logging monitoring. Develop standard operating procedures for our 1st line SOC based on threats/observed incidents. + Proactively identify gaps and opportunities in our logging and monitoring processes. + Host monthly incident response calibration/collaboration meetings across HR, physical security, fraud, legal, compliance to collaborate on issues and shared threats and knowledge + Communicate to various levels of the organization, both written and oral concisely and clearly. + Provide strong technical understanding of security control monitoring process at different layers. + Identify (and champion where applicable) risk mitigation. + Collaborate with other leaders across cybersecurity to help define and complete cybersecurity strategy, financial, vendor and talent management. + Contribute to the enterprise organizational Data Loss Prevention program + Lead, manage, guide, and mentor the staff on a regular basis, including selection/retention, goal setting, annual reviews, and compensation planning and career development. + Provide recommendations to management & leadership team to increase effectiveness of security technology solutions to mitigate cyber threats and handle incidents. + Respond to and assist with due diligence and internal / external security audit requests. + Identify and act on opportunities to further enhance and refine security incident handling & cyber threat mitigation processes & capabilities. **Location and Travel** + Three days a week at a Guardian office in Holmdel, NJ, Bethlehem, PA, or New York, NY. + 20% travel to other Guardian Offices as needed **Reporting Relationships** As our Head of Cyber Incident Response Threat Services, you will report to Guardian's Chief Information Security Officer. **Salary Range:** $148,940.00 - $244,685.00 The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation. **Our Promise** At Guardian, you'll have the support and flexibility to achieve your professional and personal goals. Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards. **Inspire Well-Being** As part of Guardian's Purpose - to inspire well-being - we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at *********************************************** . _Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits._ **Equal Employment Opportunity** Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law. **Accommodations** Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact applicant_accommodation@glic.com . **Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.** Every day, Guardian helps our 29 million customers realize their dreams through a range of insurance and financial products and services. Our Purpose, to inspire well-being, guides our dedication to the colleagues, consumers, and communities we serve. We know that people count, and we go above and beyond to prepare them for the life they want to live, focusing on their overall well-being - mind, body, and wallet. As one of the largest mutual insurance companies, we put our customers first. Behind every bright future is a GuardianTM. Learn more about Guardian at guardianlife.com .

This is an opportunity to join Ascot Group - one of the world's preeminent specialty risk underwriting organizations. Designed as a modern-era company operating through an ecosystem of interconnected global operating platforms, we're bound by a common mission and purpose: One Ascot. Our greatest strength is a talented team who flourish in a collaborative, inclusive, and entrepreneurial culture, steeped in underwriting excellence, integrity, and a passion to find a better way, The Ascot Way. The Ascot Way guides our people and our organization. Our underwriting platforms collaborate to find creative ways to deploy our capital in a true cross-product and cross-platform approach. These platforms work as one, deploying our capital creatively through our unique Fusion Model: Client Centric, Risk Centric, Technology Centric. Built to be resilient, Ascot maximizes client financial security while delivering bespoke products and world class service - both pre- and post-claims. Ascot exists to solve for our clients' brightest tomorrow, through agility, collaboration, resilience, and discipline. Job Summary: As part of our 24x7 Cybersecurity Defense function, the SOC Analyst (L2) will be responsible for investigating security incidents, improving detection content and supporting the overall monitoring, detection and cybersecurity incident response activities. This involves working closely with the members of the internal Cybersecurity team and our Managed Security Service Provider (MSSP). Acting as an escalation point for L1/L2 SOC analysts, this resource will work within an expanding cybersecurity team, collaborating with cybersecurity managers, IT Infrastructure, and Deskside Support Teams. You must be detail-oriented, diligent, and capable of managing multiple aspects of the incident response lifecycle simultaneously. You will be supporting a 24X7 Cybersecurity Defense function and will be required to work in shifts that will vary based on operational needs to support the global footprint across the UK and US time zones. This resource will additionally be responsible for maintaining detection content on the detection tool, (detection rules, log ingestion, parsers, forwarders), maintaining playbooks, SOC documentation and supporting integrations and log sources associated with the overall Cybersecurity Defense solution. This role will be in the office with a hybrid work schedule. Responsibilities: * Monitor our security tools to triage and respond to suspicious events and abnormal activities, capable of performing deep-dive incident investigations. * Serve as a point of escalation for the L1, L2 SOC Analysts, and the point of contact for our MSSP, coordinating response efforts with other groups and stakeholders with varying technical expertise, such as IT, Legal, business etc. * Develop and implement advanced security protocols and incident response procedures and improve our threat intelligence processes. * Stay current with evolving threats, vulnerabilities, tools, technologies and threat actor TTPs to help improve detection and response capabilities. * Provide oversight and governance over the daily operations of the MSSP and SOC team at a global level. * Mentor and provide training to junior SOC team members. * Develop and refine standard operating procedures in the form of run books and playbooks for incident response and threat detection. Create and make improvements to procedures and playbooks. Conduct technical analysis, log reviews, and assessments of cybersecurity incidents throughout the incident management lifecycle. * Work with end users where appropriate on security related incident and request workflow. * Document and manage incident cases to utilize information for stakeholder engagement to provide insight, intelligent recommendations, risk reporting and lessons learned. * Work in scheduled shift patterns when required. * Conduct in-depth security investigations, log analysis, network/email traffic assessment, and evaluate other data sources to identify root causes, assess impact, and gather evidence for response and mitigating actions. * Implement detection use cases within our SIEM for our expanding estate using appropriate scripting languages. * Manage log sources, log ingestion volumes, detection content and overall SIEM solution system health, maintenance, and upgrades. * Assist with additional ad hoc projects as required. Requirements: * Cybersecurity related bachelor's degree or related field. * Minimum of 8 years of experience in a security operations role, SOC engineering and or a cybersecurity technical engineering role. * Exposure to building and migrating log sources onto a new SIEM platform, creating detection content, log parsers and detection engineering will be preferred. Alternatively, candidates that have worked in senior technical roles in a Managed Security Service Provider (MSSP) will be preferred. * Preference will be given to candidates who also have additional technical and cybersecurity certifications covering both defensive and offensive security such as CompTIA Security+, Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), CySA+, CISSP, GSEC, GCIH, CCSP, Microsoft SC-200, CISSP-ISSMP, CTIA, OSCP. * Candidates must have solid experience and knowledge of typical enterprise technologies. On-premises and cloud hosting, Windows and Linux operating systems (OS), Microsoft Azure, M365 and the ability to detect signs of compromise in these systems. * Possess a growth mindset and is willing to learn how to resolve technical security issues. * Demonstrate a working and genuine interest and talent in Cybersecurity. * Demonstrate detail orientation and can take a structured approach to procedures and working instructions. * Work and maintain a calm structured mindset even when under pressure. * Possess an aptitude for understanding and analyzing data when troubleshooting. * Strong written communication, critical thinking, and analysis skills, including the ability to present potential risks and actual findings to a wide audience. Ability to communicate complex problems to a non-technical audience. * Must have a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages. * A strong analytical mindset, capable of digesting a wide range of information to make practical judgements based on available data and context. * Experience with security tools and technologies, including SIEM, intrusion detection systems, EDR, XDR, log analysis, and malware analysis. * Understand threat actor tactics, techniques and procedures, have familiarity with the MITRE-ATT&CK Framework and different stages of an attack lifecycle. * Maintain a desire to keep learning, with a curious and creative growth mindset. * This position may be filled at a different level, depending on experience* Compensation Actual base pay could vary and may be above or below the listed range based on factors including but not limited to experience, subject matter expertise, and skills. The base pay is just one component of Ascot's total compensation package for employees. Other rewards may include an annual cash bonus and other forms of discretionary compensation awarded by the Company. The salary range for this role in the NY Metro and Chicago, IL area is $105,000 - $120,000. Company Benefits The Company provides a competitive benefits package that includes the following (eligibility requirements apply): Health and Welfare Benefits: Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Life Insurance, AD&D, Work/Life Resources (including Employee Assistance Program), and more Leave Benefits: Paid holidays, annual Paid Time Off (includes paid state /local paid leave where required), Short-term Disability, Long-term Disability, Other leaves (e.g., Bereavement, FMLA, Adoption, Maternity, Military, Primary & Non-Primary Caregiver) Retirement Benefits: Contributory Savings Plan (401k) #L1 Hybrid

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Responsibilities: Conduct Penetration Tests: Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities. Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. Develop and Execute Test Plans: Design and execute detailed test plans Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements. Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies Depth & Scope: Participates on complex, comprehensive or large projects and initiatives Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: Bachelor's degree preferred Information security certification / accreditation an asset 7+ years of relevant experience Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications : Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. Familiarity with security standards and frameworks Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% Domestic Travel - Occasional International Travel - Never Performing sedentary work - Continuous Performing multiple tasks - Continuous Operating standard office equipment - Continuous Responding quickly to sounds - Occasional Sitting - Continuous Standing - Occasional Walking - Occasional Moving safely in confined spaces - Occasional Lifting/Carrying (under 25 lbs.) - Occasional Lifting/Carrying (over 25 lbs.) - Never Squatting - Occasional Bending - Occasional Kneeling - Never Crawling - Never Climbing - Never Reaching overhead - Never Reaching forward - Occasional Pushing - Never Pulling - Never Twisting - Never Concentrating for long periods of time - Continuous Applying common sense to deal with problems involving standardized situations - Continuous Reading, writing and comprehending instructions - Continuous Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives. This role is required to be ONSITE in Malvern, PA Monday through Thursday with Friday remote. Must be eligible to work in the U.S. without requiring sponsorship now or in the future. Who is Customers Bank? Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with. We get you further, faster. Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow. On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead. Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust. What you'll do: * Control Testing & Evaluation: Assist in definition of and execute testing procedures to assess the design and effectiveness of key internal controls across business units, technology, and operational processes. * Risk & Compliance Alignment: Ensure testing activities are aligned with regulatory standards (SOX, FFIEC, FDIC, etc.) and internal policies. * Issue Identification & Reporting: Document test results, identify control deficiencies, and provide clear recommendations for remediation. * Collaboration: Work closely with business process owners, auditors, compliance, and risk teams to ensure timely resolution of identified issues. * Process Improvement: Recommend enhancements to testing methodologies, control design, and risk management practices to strengthen the bank's control environment. Maintain awareness of industry regulatory environment and threat landscape. * Documentation & Communication: Prepare executive-ready reports, dashboards, and presentations for senior management and regulators, and information technology peers. * Continuous Monitoring: Participate in ongoing monitoring and follow-up activities to confirm remediation effectiveness and sustainability. What do you need? * Must-Haves * 3+ years of experience in internal audit, compliance testing, risk management, or internal controls. * Strong knowledge of information security and IT risk control frameworks (e.g., COSO, COBIT, NIST). * Understanding of financial, operational, and IT control environments. * Strong analytical skills with attention to detail and accuracy. * Excellent written and verbal communication skills with the ability to present complex findings clearly. * Bachelor's degree in information systems, or related field. * Key Skills * Risk and control assessments in highly regulated environments * Understanding of information technology infrastructure (networking, Active Directory, backups, etc.) * Process analysis and documentation. * Strong interpersonal skills to work across departments. * Proficiency with Microsoft Office applications (Excel, Word, PowerPoint). * Develop and maintain working relationships with audit, GRC, and IT teams to promote continuous control awareness and improvements. * Nice-to-Haves * Professional certifications such as CIA, CISSP, CISA, Microsoft certifications, or CRMA. * Experience with GRC (Governance, Risk, and Compliance) tools. * Banking or financial services industry experience Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide "reasonable accommodations", upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. Diversity Statement: At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.

Who We Are… Since our founding in 1901, Limbach's primary core value has always been simple: We Care. That commitment extends to our people, our customers, and the communities we serve-driving a culture of belonging across our industry. Limbach Facility Services LLC, a subsidiary of Limbach Holdings, Inc., (NASDAQ: LMB), is a leading building systems solutions firm delivering mission-critical systems that support life's most important moments. We specialize in revitalizing and maintaining HVAC, mechanical, electrical, plumbing, and control systems within existing facilities-ensuring buildings are always ready to perform when it matters most. Learn more about Limbach by checking out our YouTube channel: We Are Limbach - YouTube From healthcare and education to government and commercial facilities, we partner with building owners and operators to safeguard reliability, efficiency, and comfort where it's needed most. Our vision is to create value for building owners targeting opportunities for long term relationships. Our purpose is to create great opportunities for people. Learn more about Limbach's commitment to our people and career opportunities, straight from our employees via the Limbach Unlocked podcast: Limbach Unlocked - Why We Chose Limbach We carry out our vision and purpose through a commitment to our four core values… * We Care * We Act with Integrity * We Are Innovative * We Are Accountable The Benefits & Perks… * Base salary range of $120K - $130K * Full portfolio of medical, dental, and vision benefits, along with 401K plan and company match. * HSA, FSA, and life insurance offerings. * Maximize your professional development with our award-winning Learning & Engagement team. * Engage in our "We Care" culture through our ERGs, brought to you by EMBRACE. * Career pathing flexibility and mobility. Who You Are… As Security Analyst / Engineer, you will serve as the organization's primary, hands-on security operations lead. Reporting directly to the CIO, the candidate will triage SOC outputs, tune detection logic, drive automated response through SOAR playbooks, own the vulnerability management lifecycle, and lead incident response from detection through remediation and post-incident lessons learned. They act as a trusted partner to our outsourced SOC, the quarterback for IR, and the technical voice to the CIO and Board on operational security posture working closely with our IT Operations leader. This Position… Some examples of the work you might do includes: * Security Operations & Monitoring: Serves as the primary liaison to our outsourced SOC and vCISO. Triage, validate, and prioritize alerts from SIEM (e.g., Google Chronicle, GrayMatter, or equivalent). Ensures log integrity, enrichment, and actionable alerting. * SOAR & Automation: Builds, maintains, and iterates SOAR playbooks (Google SOAR or comparable) to automate containment, enrichment, and evidence collection; lowers MTTR by automating low-risk actions while preserving human judgment for high-impact events. * Incident Response: Lead detection → containment → eradication → recovery workflows. Owns post-incident reviews, creates remediation roadmaps, and tracks closure of corrective actions. Conducts regular tabletop exercises and maintains IR runbooks and escalation paths. * EDR/MDR/XDR Management: Administers and tunes EDR/MDR/XDR platforms (deployment health, telemetry, detection rules, containment capabilities). Investigates endpoint events, performs root cause analysis, and coordinates remediation with IT operations. * Vulnerability Management: Operates the vulnerability management program (Rapid7, Tenable.io, or equivalent): schedules scans, triages findings, prioritizes by risk and asset criticality, and shepherds remediation with engineering teams. Proposes and verifies system hardening measures and baselines. * Detection Engineering: Authors correlation rules, analytic searches, and detection content; reduces false positives while increasing meaningful detections. Builds dashboards and KPIs that communicate detection coverage and efficacy. * M&A & Integration Security: Leads security due diligence and integration activities for acquisitions: identities & accesses reviews, vulnerability scans, endpoint posture checks, and integration playbooks to onboard new entities into Limbach's security baselines. * Training & Knowledge Transfer: Develops and delivers IR and detection training for IT and business teams. Produces clear operational documentation, SOPs, and playbooks. Coaches SOC engineers and champions continuous improvement. * Reporting & Executive Communication: Produces monthly operational and executive risk reports (incidents, vulnerability trends, MTTR, coverage gaps). Briefs the CIO and Board with concise risk-based recommendations. * Third-Party Coordination: Manages relationships and SLAs with MDR/MSSP/MDR providers, forensic firms, and other security partners. What You Need… * 5+ years of progressive, hands-on cybersecurity experience, with significant time spent in SOC and incident response environments. * Demonstrated expertise with SIEM and SOAR platforms (Google Chronicle, GrayMatter, Chronicle SOAR, or comparable). * Proven track record managing EDR/MDR/XDR solutions and performing endpoint investigations. * Hands-on experience owning vulnerability programs with Rapid7, Tenable.io, or similar tooling. * Experience writing detection logic, playbooks, and incident runbooks; demonstrable success in alert tuning and automation. * Real-world experience coordinating cross-functional incident response activities and driving remediation to completion. * Scripting and automation skills (PowerShell, Python, Bash) to automate enrichment, containment, and evidence collection. * Strong Windows and Linux administration/forensics fundamentals; network fundamentals and packet-level troubleshooting. * Familiarity with cloud security (Azure, Microsoft 365, Intune, Conditional Access) and endpoint management tools. * Knowledge of security controls, hardening standards, and configuration baselines. * Ability to read and interpret logs and telemetry across endpoints, network devices, and cloud services. * Superior written and verbal communication; able to explain technical findings to non-technical and executive audiences. * Decisive under pressure, methodical in evidence collection, and disciplined in documentation. * Collaborative, tactful, and experienced at working with cross-functional teams (IT ops, HR, Legal, vendor partners). * Strong project management and organizational skills with an eye for measurable outcomes. * Ability to travel up to 15% of the time. Preferred Qualifications: * Certifications: CISSP, GCIH, GCFA, ECIH, or Security+ (or equivalent). * Prior role as a dedicated incident responder or IR team lead. * Experience with Microsoft Defender for Endpoint, Azure Security Center, and native cloud telemetry. * Familiarity with compliance frameworks (SOC 2, NIST CSF/800-171, ISO 27001) and how detection/IR maps to them. * Experience in multi-site enterprise environments and with M&A integration security. Conduct Standards: * Maintains appropriate Company confidentiality at all times. * Protects the assets of the Company and ethically upholds the Code of Conduct & Ethics in all situations. * Cultivates and promotes the "Hearts & Minds" safety culture. * Consistently exemplifies the Core Values of the Company (we CARE, we act with INTEGRITY, we are INNOVATIVE, and we are ACCOUNTABLE). Work Environment: * This position operates primarily in an office environment and routinely utilizes standard office equipment, such as computers, phones, copiers, and filing cabinets. * The Company's Remote Work Policy is applicable to this position. Physical Demands: * In performing the duties of this job, the incumbent is regularly required to talk, hear, perform repetitive motion, and possess an appropriate degree of both visual acuity and manual dexterity. * This is considered a sedentary position, which means possible exertion up to ten (10) pounds of force occasionally, and/or negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects. This job description is intended to describe the general nature of work being performed by the individual who assumes this role, not an exhaustive list of responsibilities. Duties, responsibilities, and activities may change at any time, with or without notice, as business needs dictate. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Limbach Facility Services LLC is an Equal Opportunity Employer. #LFS

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. What's in it for YOU? Salary: $120000 to $140000 10% bonus, exceptional perks and benefits Professional development training, mentoring, career coaching, and more! Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 10 years experience working in the IT security function. You have working experience in the health care and/or financial services industries with project management and program management experience. You have good experience with Operating System, Database, Network and Application Security. Additional Information All your information will be kept confidential according to EEO guidelines.

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you're interested in working with a passionate team of people who care about the future of Philadelphia, start here. What We Offer: * Impact - The work you do here matters to millions. * Growth - Philadelphia is growing, why not grow with it? * Diversity & Inclusion - Find a career in a place where everyone belongs. * Benefits - We care about your well-being. The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia's businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city's technology assets and the return on the city's technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency. Job Description The Information Security Analyst - Security Operations Center (SOC) position will play a critical role in the City of Philadelphia's, Information Security Group's, monitoring, detecting, analyzing, and responding to cybersecurity threats in real time. This position is responsible for safeguarding the City's digital infrastructure by leveraging advanced security tools, threat intelligence, and incident response protocols. The ideal candidate will have hands-on experience in a SOC environment, a strong understanding of cyber threat landscapes, and the ability to collaborate across departments. Essential Functions * Monitor and analyze security events using SIEM and other SOC tools. * Detect, investigate, and respond to cybersecurity incidents. * Conduct vulnerability assessments and penetration testing. * Document and communicate risks, incidents, and remediation plans. * Develop and maintain security monitoring procedures and incident response playbooks. * Track and report on the effectiveness of security controls and technologies. * Support compliance efforts with relevant regulatory frameworks (e.g., NIST, CJIS, HIPAA). * Participate in security projects and continuous improvement initiatives. * Perform other duties as assigned. Competencies, Knowledge, Skills and Abilities An Information Security Analyst plays a critical role in protecting the City's information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to: Technical Proficiency * Experience with SIEM, EDR, IDS/IPS, firewalls, and vulnerability management tools. (e.g, Splunk, Crowdstrike, Nessus, Rapid7, CloudFlare) * Strong understanding of Windows, Linux, and network security principles. * Familiarity with GRC platforms and forensic tools. Cybersecurity Expertise * Knowledge of threat intelligence, attack vectors, and incident response. * Understanding of regulatory frameworks (e.g, NIST, HIPAA, CJIS, PCI-DSS, OWASP, etc.). * Ability to conduct ethical hacking and penetration testing using available tools is preferred but not required. Analytical & Communication Skills * Strong critical thinking and problem-solving abilities. * Ability to communicate technical issues to non-technical stakeholders. * Skilled in writing clear, actionable reports and documentation. Professional Attributes * High ethical standards and commitment to confidentiality. * Adaptability to evolving threats and technologies. * Collaborative mindset and ability to work across departments. * Continuous learner and cybersecurity community contributor. Qualifications * Minimum of 3 years of experience in a SOC or cybersecurity analyst role. * Experience in government, higher education, or large enterprise environments preferred. * Bachelor's degree in Computer Science, Information Security, or related field preferred. * Relevant industry and/or vendor certifications (e.g., CompTIA Security+, CEH, GCIA, GCIH, CISSP) required. * Must pass a CJIS background check. * Must be a Philadelphia resident within six months of hire. Or an acceptable combination of the above acceptable to OIT. Additional Information Salary: $70k-$90k Important: To be considered, candidates must provide a cover letter and resume. All applications should include the following: * A one-page cover letter clarifying your interest and qualifications for the role. It really helps us understand why you're interested in this position. We read every single one! * Your resume or curriculum vitae. * Optionally, an online professional portfolio or public GitHub account. We won't accept or review incomplete applications. Work Setting: in-person (onsite) Discover the Perks of Being a City of Philadelphia Employee: * We offer Comprehensive health coverage for employees and their eligible dependents * Our wellness program offers eligibility into the discounted medical plan * Employees receive paid vacation, sick leave, and holidays * Generous retirement savings options are available * Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness. * Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails. * Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too! Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth! * The successful candidate must be a city of Philadelphia resident within six months of hire Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated. The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at ************ or send an email to *****************.

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: **************************** (ADA version: **************************** )

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY (ADA version: https://youtu.be/IQjUCA8SOoA )

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Responsibilities: * Conduct Penetration Tests: Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop and Execute Test Plans: Design and execute detailed test plans * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies Depth & Scope: * Participates on complex, comprehensive or large projects and initiatives * Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors * Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience * Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications : * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Ask IT Consulting Inc, backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owned enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. ASK IT consulting is an equal opportunity employer, which is a global staffing, consulting and technology solutions company, offering industry-specific solutions to fortune 500 clients and worldwide corporations. Job Description The Information Security Specialist (ISS) is responsible for developing and documenting information security policies and standards, in addition to planning, coordinating, and implementing security measures for information systems. Years of Relevant Experience: 5 plus years Preferred Education 4 year college degree or equivalent technical study • -Define, develop and implement information security & risk management policies, procedures & best practices to comply with industry standards • -Develop plans to safeguard computer files against accidental or unauthorized • modification, destruction, or disclosure and to meet emergency data processing • needs. Monitor use of data files and regulate access to safeguard information in • computer files. • -Document and maintain a repository with version control of all policies, procedures and best practices • -Perform compliance reviews, risk management functions, test executions and encryptions for application and infrastructure service levels • -Monitor use of data files and safeguard computer files against authorized access and unauthorized access • -Modify computer security files to incorporate new software, correct errors or access changes • -Perform risk assessments and execute tests of data processing system to ensure • functioning of data processing activities and security measures. • -Encrypt data transmissions and erect firewalls to conceal confidential information as it • is being transmitted and to keep out tainted digital transfers. • -Identify and track issues, risks and action items. • -Document information security policies, standards, and procedures spanning and • encompassing the range of topics such as organization security, asset ID and • classification, personal security, communications and operations management, • access control, system development and maintenance, business continuity • management, and compliance. • -Confer with users to discuss issues such as computer data access needs, security • violations, and programming changes. • -Train users and promote security awareness to ensure system security and to • improve server and network efficiency. Qualifications Prior experience in the following are essential for the role: • Websense 7.8 • E policy Orchestrator 4.6 • Mc Afee email gateway (MEG) 7.6 • Airwatch 8.0.6.0 Additional Information If you are interested in finding out more about opportunities near you, if you are in need of a staffing firm such as ours, or if you just have a question regarding your resume and career path, please email me at ryanaskitc.com

Opportunity Information Security Analyst to support cybersecurity initiatives across various network systems, focusing on protecting data integrity and system security. They will implement the Risk Management Framework, conduct audits, monitor for vulnerabilities, manage encryption, and respond to security breaches. The Information Security Analyst will also perform routine IT tasks with varying complexity to maintain overall system protection. Key Responsibilities Implement and manage the Risk Management Framework (RMF) to ensure compliance and secure system operations Provide ongoing cybersecurity support across a variety of network systems Conduct IT audits, develop and refine monitoring strategies, review access controls, identify system vulnerabilities, manage data encryption, and respond to security incidents Perform a range of routine and complex IT tasks to support daily operations and system integrity Safeguard the confidentiality, integrity, and availability of computer networks, systems, and data Qualifications Requirements Bachelor's Degree and 4+ years of experience OR, Associate's degree with 6+ years of experience OR, High School Degree and 10+ years of experience ISC2, CISSP, or similar certification with customer approval Active Top Secret or Q security clearance Preferred Qualifications Excellent customer support experience and soft skills to ensure end-user satisfaction Ability to lead small teams or projects through cross functional coordination/collaboration with other departments Assist key stakeholders in overall project execution and find solutions through creative problem solving Ability to demonstrate proven success with adaptability - willingness to evolve with technology while ensuring data accuracy standards Salary 100-130k About IMG Founded in 1987, IMG is a leading small business that exemplifies competence, integrity and follow-through. We consistently provide customer focused professional services, which ensures our company is recognized for continually exceeding expectations. We believe that at the core of our success stand our people. Our people have provided professional services in the Information Technology field for our customers with a commitment to customer satisfaction for over 35 years. IMG Benefits: Health, dental, vision, and life insurance Short term and long term disability insurance 401(k) with generous company match Health Savings Accounts (HSA) Personal leave plus paid federal holidays Professional development and training assistance IMG is an equal opportunity employer including disability and protected veterans or other characteristics protected by law.