Cyber security analyst jobs in Brookhaven, NY - 404 jobs

We invite you to review our current business services professionals openings to learn about the opportunities available across the firm. About Us Skadden, Arps, Slate, Meagher & Flom LLP has forged a reputation as one of the most prestigious law firms in the world. Relying on innovation, intellect, teamwork and tenacity, our lawyers deliver the highest quality advice and novel solutions to our clients' legal issues. We are known for handling the most complex transactions, litigation/controversy issues, and regulatory matters, as well as for the strong partnerships we build with clients and each other. Our attorneys, who reflect a broad range of experiences and perspectives, work together seamlessly across 50-plus practices and 21 offices in the world's major financial centers. The Opportunity We are seeking two Network Security Analysts to join our Firm. These positions will be based in our White Plains office (hybrid), and please note the roles have different shift times, listed below. The Network Security Analysts are responsible for implementing and supporting network security solutions for the Firm and, implementing and enforcing practical solutions to secure the Firm's internal and external network infrastructure. Available Shift Times (EST- Hybrid) 1.) Saturday - Sunday: 7:00 a.m. - 8:00 p.m. EST & Monday 7:00 a.m. - 7:00 p.m. 2.) Monday - Friday: 2:00 p.m. - 10:00 p.m. Note: The scheduled hours listed may be flexible and will be discussed during the interview process. Responsibilities Performs daily review of automated security reports and escalate as necessary. Responds to system generated security alerts and coordinate responses. Assists with internal audits, vulnerability scans and risk assessments. Assists with annual penetration testing, review of findings and tracking issue resolution. Participates in evaluating new technologies or new versions of existing products. Works with project teams to implement secure network connectivity solutions. Writes and maintains technical documentation including procedures and troubleshooting guides. Demonstrates effective interpersonal, written and verbal communication skills to facilitate effective work relationships with others. Manages Firm resources responsibly. Complies with and understands Firm operation, policies and procedures. Performs other related duties as assigned. Qualifications Knowledge of relevant firm computer software programs (e.g., Outlook, Excel, PowerPoint), with the ability to learn new software and operating systems Proficient with Access, Project and Visio Thorough knowledge of network management and security technologies and approaches Thorough knowledge of security techniques, latest protocols and defenses Proficient with Microsoft Active Directory and Operating Systems Basic ability to program scripts and batch files Demonstrates effective interpersonal and communication skills, both verbally and in writing Demonstrates close attention to detail Excellent analytical, troubleshooting, organizational, and planning skills Ability to handle multiple projects and shifting priorities Ability to handle sensitive matters and maintain confidentiality Ability to organize and prioritize work Ability to work well in a demanding and fast-paced environment Ability to work well independently as well as effectively within a team Ability to use discretion and exercise independent and sound judgment Flexibility to adjust hours and work the hours necessary to meet operating and business needs Education/Experience Bachelor's degree or equivalent Minimum of two years' experience in multi-national enterprise IT Culture & Life at Skadden What makes Skadden special is our people and the culture, community and spirit of collaboration we have created. We believe in teamwork and inspiring each other to be our best in an atmosphere that promotes professionalism and excellence in all that we do. We know that inclusion and drawing on the strength of a wide spectrum of talent only make us better and is vital to the firm's success. Our goal is for everyone at the firm to enjoy a challenging career with opportunities for development and growth and to support the well-being of our attorneys and business services professionals. Benefits The overall well-being of our team is important to us. We offer generous benefits to help you achieve wellness in all areas of your life. Competitive salaries and year-end discretionary bonuses. Comprehensive health care (medical, dental, vision), savings plan/401(k) and voluntary benefits. Generous paid time off. Paid leave options, including parental. In-classroom, remote, and on-demand learning and professional development opportunities. Robust well-being classes and programs. Opportunities to give back and make an impact in local communities. For further details, please visit: ******************************************************* Skadden is an Equal Opportunity Employer (Disability/Vet/other protected categories). For more information, please visit Skadden.com/careers. The starting base salary for this position is expected to be within the range listed under Salary Details. Actual salary will be determined based on skills, experience (to the extent relevant) and other-job related factors, consistent with applicable law. Salary Details $125,000 -$140,000 EEO Statement Skadden is an Equal Opportunity Employer. It does not discriminate against applicants or employees based on any legally impermissible factor including, but not limited to, race, color, religion, creed, sex, national origin, ancestry, age, alienage or citizenship status, marital or familial status, domestic partnership status, caregiver status, sexual orientation, gender, gender identity or expression, change of sex or transgender status, genetic information, medical condition, pregnancy, childbirth or related medical conditions, sexual and reproductive health decisions, disability, any protected military or veteran status, or status as a victim of domestic or dating violence, sexual assault or offense, or stalking. Applicants who require an accommodation during the application process should contact Lara Bell at **************. Skadden Equal Employment Opportunity Policy Skadden Equal Employment Opportunity Policy Applicants Have Rights Under Federal Employment Law Applicants Have Rights Under Federal Employment Law In accordance with the Transparency in Coverage Rule, click here to review machine-readable files made available by UnitedHealthcare: Transparency in Coverage

Client Name: City of New York Contract Length (in weeks): 52 Hybrid: 3 days in office/2 days remote. SCOPE OF SERVICES The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS: Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host -based and network -based forensic analysis. Research and develop new techniques, and procedures to continually improve the digital forensics process. Produce high quality written work product presenting complex technical issues clearly and concisely. Managing and maintaining the analysis labs and forensics tools leveraged for investigations. Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. Assisting the Cyber Emergency Response Team during critical incidents. RequirementsMANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. DESIRABLE SKILLS/EXPERIENCE: Experience with a wide range of forensic tools (TZWorks, X -Ways, SIFT, AXIOM, Volatility, etc.) Experience with memory analysis tools (i.e. Volatility) Experience with Linux and open source tools Experience investigating intrusions on Windows and Linux/Unix operating systems Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices Knowledge of virtual environments Knowledge of forensic imaging techniques Knowledge of Microsoft Windows operating system and Windows artifacts Knowledge of Linux/UNIX operating systems and artifacts Knowledge of MAC OS operating system and forensics artifacts Knowledge of file systems Strong analytical skills

Canandaigua National Bank What does a Cyber Security Analyst do? A Cyber Security Analyst at Canandaigua National Bank is responsible for designing, maintaining, and operating secure network environments, monitoring and analyzing security events, and ensuring compliance with organizational and regulatory standards. This role involves vulnerability management, incident response, system optimization, and collaboration across departments to safeguard enterprise information systems. Network & Security Operations Design, maintain, and operate highly secure communication networks. Perform real-time monitoring and analysis of security events from multiple sources. Conduct in-depth network security analysis, incident response, and threat intelligence. Detect and remediate intrusions across infrastructure, applications, and security devices. Oversee patch management analysis, deployment, and monitoring. Perform vulnerability scanning, risk assessment, and remediation prioritization. Compliance & Governance Ensure adherence to security policies, standards, and regulatory requirements. Provide input to security controls and compliance frameworks. Support internal/external audits with documentation and evidence. Cooperate with risk management practices and organizational safety standards. Systems & Application Management Plan, design, and implement efficient information systems supporting business functions. Ensure compatibility and interoperability of complex computing systems. Review and improve existing systems for efficiency and security. Assist in deploying new applications and enhancements. Maintain integrity and security of enterprise data across hosts and databases. Perform network and security audits, asset management, and maintain technical documentation. Recommend and implement upgrades, patches, and reconfigurations. Develop and maintain policies and procedures for system administration and change management. Collaboration & Communication Coordinate with internal teams and other departments for smooth information flow. Communicate with management and staff to align goals and activities. Respond to inquiries promptly within policy guidelines. Maintain records and provide required reports. Continuous Improvement & Education Participate in continuing education to stay current with evolving threats. Work with Information Security Risk Office to measure program effectiveness. Support IT Security Alert Response and participate in incident/problem management. What is needed to be successful in this role? Associate degree in Computer Science, Information Science, Management Information Systems, Business Administration, or related field required. Bachelor's degree preferred. Equivalent combination of education and experience will be considered. Specialized education and training relating to computer systems and applications. A minimum of five (5) years' experience in related positions normally required, three (3) of which in Cyber Security field. Proven experience in overseeing the implementation of hardware and software solutions, systems, or products. Strong knowledge of network security, routing, switching, and security technologies (e.g., SIEM, antivirus, firewalls, IDS/IPS). Experience with vulnerability management, patching, and compliance frameworks. Familiarity with regulatory requirements and risk management practices. Excellent analytical, problem-solving, and communication skills. Commitment to ongoing professional development in cybersecurity. What makes working at Canandaigua National Bank different? Our Core Values guide how we serve, lead, and grow alongside our community. By working wholeheartedly , feeling empowered, acting with courage, being authentic, and serving with a noble spirit, WE CAN fortify healthy lives by doing what's right for our customers and the community. Our culture nurtures passionate employees and offers great rewards including: Medical, dental, vision, FSA, HSA options for both part-time and full-time employees. Medical coverage is also offered for domestic partners. Paid holidays, vacation, and sick time. Retirement benefits that include a 401(k), Profit Sharing, and Employee Stock Ownership Plan (ESOP). Training & development opportunities. Tuition assistance. Community focused volunteer opportunities. Award winning wellness program that promotes a solid work/life balance. Banking perks and discount programs. Our goal is to ensure that our bank, employees, and our community thrive and grow, now and for the next 135 years. We're in it for the long haul. What truly sets us apart from other financial institutions is the quality and commitment of our employees. We've assembled a diverse team of people who share a primary focus: to provide exceptional service for our customers. As an organization, we are committed to hiring, training, developing, promoting, and celebrating employees from historically disadvantaged groups. At Canandaigua National Bank, we welcome the unique contributions that you can bring in terms of ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, veteran's status, religion, disability, sexual orientation, education, and culture. Canandaigua National Bank remains an independent, community bank. If you want to be a part of something special, join us today! Compensation range - $35 - $43/hr. The actual salary offered within the range is dependent on a variety of factors including, but not limited to, relevant experience, qualifications, skills, level offered, and performance expectations. Canandaigua National Corporation and its subsidiaries encourage diversity in the workplace; we are an Equal Opportunity Employer. Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran.

Job Title: Cyber Command Forensic Analyst SCOPE OF SERVICES: The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS: · Research and develop new techniques, and procedures to continually improve the digital forensics process. · Produce high quality written work product presenting complex technical issues clearly and concisely. · Managing and maintaining the analysis labs and forensics tools leveraged for investigations. · Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. · Assisting the Cyber Emergency Response Team during critical incidents. · Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host -based and network -based forensic analysis. MANDATORY SKILLS/EXPERIENCE: · Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment · Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. Requirements DESIRABLE SKILLS/EXPERIENCE: · Experience with a wide range of forensic tools (FTK, X -Ways, SIFT, AXIOM, EnCase, etc.) · Experience with memory analysis tools (i.e. Volatility, MemProcFS) · Experience with Linux and open source tools · Experience investigating intrusions on Windows and Linux/Unix operating systems · Experience with performing forensics collections in cloud environments (AWS, Azure, GCP) · Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices · Knowledge of virtual environments · Knowledge of forensic imaging techniques · Knowledge of Microsoft Windows operating system and Windows artifacts · Knowledge of Linux/UNIX operating systems and artifacts · Knowledge of mac OS operating system and forensics artifacts · Knowledge of file systems · Strong analytical skills Skills: · Incident Management · Threat Management · Cyber Security

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting nearly 10,000 organizations from unknown threats using its proprietary AI. The Darktrace Active AI Security Platform™ delivers a proactive approach to cyber resilience to secure the business across the entire digital estate - from network to cloud to email. Breakthrough innovations from our R&D teams have resulted in over 200 patent applications filed. Darktrace's platform and services are supported by over 2,400 employees around the world. To learn more, visit ************************* Job Description: Launch Your Cybersecurity Career with Darktrace! Are you detail-oriented, curious, and ready to make an impact? Darktrace is hiring entry-level Cyber Security Analysts to join our team of experts protecting businesses from cyber threats. You'll receive full training, work with cutting-edge AI technology, and gain hands-on experience in a fast-paced environment. About the Role As a Cyber Security Analyst at Darktrace, you will play a critical role in safeguarding our customers' digital environments. You'll analyze technical data, identify potential threats, and provide actionable insights to ensure peace of mind for our clients. This role combines investigative work, report writing, customer interaction, consultancy, threat intelligence and technical problem-solving in a fast-paced Security Operations focused environment. Please Note: This role is Hybrid. 3 days in office. Key Responsibilities Investigate alerts and network traffic using the Darktrace platform and supporting tools. Draft clear, technical reports for customers on identified threats and recommended actions. Assist in assessing risks and implementing basic security measures. Identify emerging threat trends and analyze campaigns across customer environments. Respond to customer inquiries via email or chat with concise, accurate information. Collaborate with team members to share strategies and best practices. Contribute to internal and external knowledge sharing, including technical blog posts. Stay current on cybersecurity trends and developments. Support customers in adopting and optimizing the Darktrace platform through consultancy efforts. Maintain strict standards for data security and confidentiality. Qualifications & Skills Strong attention to detail and analytical thinking. Ability to work independently and as part of a team. Excellent written and verbal communication skills. Organizational skills to manage multiple tasks and meet deadlines. Basic understanding of cybersecurity principles and incident response. Problem-solving mindset with the ability to break down complex issues. Preferred Experience Familiarity with network protocols and security concepts. Technical writing or reporting experience. Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). Fluent in Spanish and/or Portuguese, capable of technical writing and delivery of consultancy service in language a plus What We Offer Comprehensive training and ongoing professional development. Opportunities for career growth in a rapidly expanding industry. Collaborative, inclusive work environment. Base $75k-$85k. Final offer will be determined based on years of experience and location. Benefits: 100% medical, dental and vision insurance, plus dependents Paid parental leave Pet insurance Discount Life insurance Commuter benefits 401(k) Employee Assistance Program

States: MA, NH, RI, ME, CT, VT, NJ, NY is home office based. Meet the Team You will provide guidance and assist Security Sellers and Account teams within the territory in a pre-sales technical role, showcasing Cisco security product solutions, setting up demonstrations, explaining features and benefits to customers, and designing and configuring products to address specific customer security needs. You will form relationships with our customer's key decision-makers, positioning Cisco security solutions aligned accurately to their requirements. You will be a part of an outstanding technical pre-sales team in our Global Security Sales Organization (GSSO), responsible for driving the success of Cisco's Security Portfolio and focusing on protecting Customer Application Environments no matter where they live (on-prem / any cloud). Our mission is simple: democratize security by making it easy and effective for everyone. We're transforming security from the ground up by solving the world's most pressing geopolitical challenge - safe, secure information access. We engineer our business to enable our customers to easily address their ever-evolving security challenges. We believe that impactful work is rewarding work and that our team is at its best when everyone feels empowered to bring their whole self to work. We learn together by hiring for cultural contribution, not cultural fit, and recognize that diversity in background and thought are essential to building high-impact teams. We invest in growth and learning opportunities and encourage our people to never stop learning. We foster collaboration and believe in being recognized (and rewarded!) for hard work. We champion a healthy work-life balance. We're kinder than necessary. Together we build for the future by designing simple solutions for complex problems. And that's why we're the most loved and trusted name in security. Your Impact As an advisor to the customer, you'll be working with technology experts to craft architectures and configure products to meet customer-specific needs, are prepared to lead all technical aspects of pre-sales activities, and position security solutions effectively against competing offerings. You are an aggressive starter, self-starter with the ability to build executive relationships, develop and execute sales strategies and tactics that improve Cisco's opportunity with a customer environment, position and promote the partner and customer value proposition for Cisco security architecture, articulate Cisco's product and business strategies, and create the demand that makes deals happen! You will: - Serve as the subject matter expert in Cisco security solutions - Provide guidance and assist account teams within the territory in building solutions to address specific customer security needs - Understand business requirements for a customer base and be able to translate them into technical requirements - Understand and articulate Cisco's architecture and services within security technologies - Create, present, and document technical solutions - Perform in-depth and high-level technical presentations for customers partners and prospects - Drive identified major account opportunities (i.e. technical consulting, upper-level management presentations, and Cisco technology solutions) while allowing local account teams to maintain long-term ownership Who You Are You are passionate about the customer experience and excited about new technology. You are a true teammate and love to learn. Being a self-starter, our SEs act as an industry domain authority, and strive to help Cisco make customers for life. Minimum Qualifications -Minimum of 4 years of pre-sales experience -Hands on experience with one or more of these Cisco Security Products (or their competitive equivalent): ******************************************************************** - Experience with whiteboard discussions that transform customer requirements into security solutions Preferred Qualifications - History of successful quota achievement. - Ability to demo / POV any of these Cisco Security products (the more the better): ******************************************************************** - Knowledge of public clouds AWS, Azure, GCP, and OCI. - Experience with incident response a plus - Experience with administering security for a company (e.g. purchased and deployed Cisco security products as a customer) is a plus. - Solid presentation and interpersonal skills. - Highly motivated self-starter who does not need day-to-day management - Experience with APIs and scripting languages **Why Cisco?** At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you. **Message to applicants applying to work in the U.S. and/or Canada:** The starting salary range posted for this position is $217,200.00 to $274,100.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees are offered benefits, subject to Cisco's plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time. U.S. employees are eligible for paid time away as described below, subject to Cisco's policies: + 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees + 1 paid day off for employee's birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco + Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees + Exempt employees participate in Cisco's flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations) + 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next + Additional paid time away may be requested to deal with critical or emergency issues for family members + Optional 10 paid days per full calendar year to volunteer For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco's policies. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows: + .75% of incentive target for each 1% of revenue attainment up to 50% of quota; + 1.5% of incentive target for each 1% of attainment between 50% and 75%; + 1% of incentive target for each 1% of attainment between 75% and 100%; and + Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. The applicable full salary ranges for this position, by specific state, are listed below: New York City Metro Area: $223,000.00 - $330,300.00 Non-Metro New York state & Washington state: $217,200.00 - $315,300.00 * For quota-based sales roles on Cisco's sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined. ** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements. Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

ABOUT THE JOB The ACLU seeks applicants for the full-time position of Cybersecurity Engineer in the Information Security Department of the ACLU's National office in New York, NY. This is a hybrid role that has in-office requirements of two (2) days per week or eight (8) days per month. Director of Security Architecture & Engineering, this hands-on technical role is responsible for securing the ACLU's infrastructure, endpoints, and cloud services by reducing vulnerability risk, improving control enforcement, and operationalizing core data protection strategies. This role is ideal for a security engineer who thrives at the intersection of infrastructure, identity, and data - someone ready to roll up their sleeves to turn policy into technical enforcement. The engineer will drive progress across cloud posture, endpoint compliance, DLP, and insider risk detection, ensuring controls are not just defined but deployed, measurable, and resilient in production environments. This position is part of a collective bargaining unit. It is represented by ACLU Staff United (ASU). WHAT YOU'LL DO Reporting to the Director of Security Architecture & Engineering, the Cybersecurity Engineer will be accountable for executing core infrastructure and endpoint security priorities across cloud, network, and device environments. YOUR DAY TO DAY Implement and manage cloud security posture tooling and alerts, ensuring visibility into configuration drift, overexposure, and high-risk services. Lead the vulnerability management lifecycle - including scanning, prioritization, stakeholder coordination, remediation tracking, and reporting. Deploy and enforce secure configuration baselines across managed devices (Windows, mac OS, mobile), including disk encryption, patch compliance, and privileged access. Identify exposed services and reduce attack surface across infrastructure and endpoint environments using automation and policy-based enforcement. Develop and maintain secure configuration management practices across IAM, network segmentation, endpoint posture, and SaaS platforms. Engineer and support enterprise Data Loss Prevention (DLP) tooling, including policy definition, control enforcement, and incident response workflows across email, endpoint, and cloud. Implement and tune insider threat detection signals using endpoint telemetry, behavior analytics, and identity context, in coordination with Security Operations. Serve as a technical escalation point for endpoint, cloud, and identity security issues impacting control integrity or coverage. FUTURE ACLU'ERS WILL Be committed to advancing the mission of the ACLU Center and embed the principles of equity, inclusion and belonging in their work by demonstrating commitment to diversity with an approach that respects and values multiple perspectives Be committed to work collaboratively and respectfully toward resolving obstacles and conflicts WHAT YOU'LL BRING Demonstrated experience in security engineering, cloud/infrastructure security, or endpoint protection. Strong working knowledge of DLP, data classification, and endpoint telemetry tooling (e.g., Microsoft Purview, Intune, Defender for Endpoint, Jamf, etc.). Hands-on experience with vulnerability management platforms and remediation coordination. Experience designing and deploying secure configurations across Windows, mac OS, and mobile environments. Familiarity with insider risk detection tooling or behavioral analytics platforms is a strong plus. Proficiency with scripting or infrastructure-as-code (e.g., PowerShell, Python, Terraform). Excellent communication and cross-functional collaboration skills, particularly across IT, Legal, and Privacy stakeholders. Commitment to securing digital systems in a mission-driven and rights-centered environment. COMPENSATION The ACLU is committed to equity, transparency, and clarity in pay. Consistent with our compensation philosophy, there is a set salary for each role based on geographic work location. The annual salary for this position is $137,206(Level - F), reflecting the salary of a position based in New York, NY. Salaries are subject to a regional pay adjustment if authorization is granted to work outside of the location listed in this posting. For details on our pay structure, please visit: ************************************************************************ WHY THE ACLU For over 100 years, the ACLU has worked to defend and preserve the individual rights and liberties guaranteed by the Constitution and laws of the United States. Whether it's ending mass incarceration, achieving full equality for the LGBTQ+ community, establishing new privacy protections for our digital age, or preserving the right to vote or the right to have an abortion, the ACLU takes up the toughest civil liberties cases and issues to defend all people. We know that great people make a great organization. We value our people and know that what we offer is essential not just their work, but to their overall well-being. At the ACLU, we offer a broad range of benefits, which include: Time away to focus on the things that matter with a generous paid time-off policy Focus on your well-being with comprehensive healthcare benefits (including medical, dental and vision coverage, parental leave, gender affirming care & fertility treatment) Plan for your retirement with 401k plan and employer match We support employee growth and development through annual professional development funds, internal professional development programs and workshops OUR COMMITMENT TO ACCESSIBILITY, EQUITY, DIVERSITY & INCLUSION Accessibility, equity, diversity and inclusion are core values of the ACLU and central to our work to advance liberty, equality, and justice for all. For us diversity, equity, accessibility, and inclusion are not just check-the-box activities, but a chance for us to make long-term meaningful change. We are a community committed to learning and growth, humility and grace, transparency and accountability. We believe in a collective responsibility to create a culture of belonging for all people within our organization - one that respects and embraces difference; treats everyone equitably; and empowers our colleagues to do the best work possible. We are as committed to anti-oppression, anti-ableism, and anti-racism internally as we are externally. Because whether we're in the courts or in the office, we believe ‘We the People' means all of us. With this commitment in mind, we strongly encourage applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, veteran status and record of arrest or conviction, or any other characteristic protected by applicable law. The ACLU is committed to providing reasonable accommodation to individuals with disabilities. If you are a qualified individual with a disability and need assistance applying online, please email ************************ . If you are selected for an interview, you will receive additional information regarding how to request an accommodation for the interview process. The Department of Education has determined that employment in this position at the ACLU does not qualify for the Public Service Loan Forgiveness Program.

We are seeking a Senior Security DevOps Engineer who will be responsible for a variety of objectives resulting in risk mitigation and remediation of internal & external security threats. This role performs advanced threat analysis, threat intelligence gathering & reporting, incident response activities, improves accuracy of security systems, improves existing processes, and works on Cybersecurity focused projects. Contract to hire Onsite 2 days a week located in New York Cybersecurity - Cyber Intelligence & Incident Response Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support. Provides after-hours support as needed for response activities. Integration experience. Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner. Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies. Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies. Scripting experience. Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques. Proposes and helps review security plans and policies to improve environmental security. Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program. AWS and/or Azure knowledge. Produces and distributes operational and tactical threat intelligence reports. Other duties may be assigned as needed to address new security threats facing the enterprise. Ability to: Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues. Python programming tasks and understand of programming in general. Perform security event correlation, triage, and analysis. Apply security Threat Intelligence while responding to and investigating security events or Incidents. Identify when an application, network, system, or user has been compromised by an internal or external threat. Work on multiple projects to improve security capabilities. Exercise strong understanding of defense-in-depth security best practices. Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting. Demonstrate effective communication of security issues and topics to management and others. Work well under pressure and within a high paced environment. Maintain operational guidelines and standards for Cybersecurity.

NYU Langone Health is a fully integrated health system that consistently achieves the best patient outcomes through a rigorous focus on quality that has resulted in some of the lowest mortality rates in the nation. Vizient Inc. has ranked NYU Langone the No. 1 comprehensive academic medical center in the country for three years in a row, and U.S. News & World Report recently placed nine of its clinical specialties among the top five in the nation. NYU Langone offers a comprehensive range of medical services with one high standard of care across 6 inpatient locations, its Perlmutter Cancer Center, and over 320 outpatient locations in the New York area and Florida. With $14.2 billion in revenue this year, the system also includes two tuition-free medical schools, in Manhattan and on Long Island, and a vast research enterprise with over $1 billion in active awards from the National Institutes of Health. For more information, go to NYU Langone Health , and interact with us on LinkedIn , Glassdoor , Indeed , Facebook , Twitter , YouTube and Instagram . Position Summary: We have an exciting opportunity to join our team as a Sr. II Security Analyst - Vulnerabilities. In this role, the successful analyst will be part of the Penetration Testing and Vulnerabilities Management team. The group is an agile team that effectively test and manage security vulnerabilities for the Medical Center. As a member of the team, the analyst will review a large volume of security event data from a variety of sources with the goal of identifying vulnerabilities and following up with remediation. Job Responsibilities: Run weekly and on-demand vulnerability scan with Rapid7(InsightVM) Perform data analysis and report based on preset criteria Proactively discover and enumerate vulnerabilities that may not be caught by our scanning tool (e.g. devices default passwords and open Windows shares) Coordinate remediation efforts with infrastructure teams and application owners Analyze threat intelligence reports, write risk analysis report for zero-day critical vulnerabilities Write custom scripts and macros to accomplish and/or automate tasks as needed Work with infrastructure and all other stakeholders to remediate/mitigate vulnerabilities Work with stakeholders to harden equipment, operating systems and applications Using Checkmarx, work with development teams to improve app security via secure coding practices Manage 30+ servers that fall under our group's purview (InsightVM, Checkmarx), including daily maintenance, patch and upgrade Conduct security product evaluation and recommendation Propose and draft security standards Work tickets assigned to IT Security in Ivanti ticketing system Minimum Qualifications: To qualify you must have a Bachelor's degree from an accredited college/university; Master's degree from an accredited college/university preferred Minimum 6 years of progressive experience in IT security policy and compliance management programs for healthcare or academic medical centers; interaction with and support of clients; risk management and other GRC responsibilities within a large healthcare organization. Demonstrated experience with IT security governance, security education, security scorecards, and ability to work under aggressive deadlines with competing priorities. Qualified candidates must be able to effectively communicate with all levels of the organization. NYU Langone Health provides its staff with far more than just a place to work. Rather, we are an institution you can be proud of, an institution where you'll feel good about devoting your time and your talents. At NYU Langone Health, we are committed to supporting our workforce and their loved ones with a comprehensive benefits and wellness package. Our offerings provide a robust support system for any stage of life, whether it's developing your career, starting a family, or saving for retirement. The support employees receive goes beyond a standard benefit offering, where employees have access to financial security benefits, a generous time-off program and employee resources groups for peer support. Additionally, all employees have access to our holistic employee wellness program, which focuses on seven key areas of well-being: physical, mental, nutritional, sleep, social, financial, and preventive care. The benefits and wellness package is designed to allow you to focus on what truly matters. Join us and experience the extensive resources and services designed to enhance your overall quality of life for you and your family. NYU Langone Health is an equal opportunity employer and committed to inclusion in all aspects of recruiting and employment. All qualified individuals are encouraged to apply and will receive consideration. We require applications to be completed online. View Know Your Rights: Workplace discrimination is illegal. NYU Langone Health provides a salary range to comply with the New York state Law on Salary Transparency in Job Advertisements. The salary range for the role is $97,589.95 - $142,987.71 Annually. Actual salaries depend on a variety of factors, including experience, specialty, education, and hospital need. The salary range or contractual rate listed does not include bonuses/incentive, differential pay or other forms of compensation or benefits. To view the Pay Transparency Notice, please click here

About Ramp At Ramp, we're rethinking how modern finance teams function in the age of AI. We believe AI isn't just the next big wave. It's the new foundation for how business gets done. We're investing in that future - and in the people bold enough to build it. Ramp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. More than 50,000 businesses, from family-owned farms to e-commerce giants to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $100 billion in purchases each year. Ramp's investors include Lightspeed Venture Partners, Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, Redpoint, and ICONIQ, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies-Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One-as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart. Ramp has been named to Fast Company's Most Innovative Companies list and LinkedIn's Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine's 100 Most Influential Companies. About the Role Ramp's Enterprise Security team is responsible for keeping our people, data, and internal tools safe while enabling a fast‑moving, AI‑driven business. As a Senior Security Analyst (Corporate Security), you'll own and scale core security programs across identity, endpoints, SaaS, and data. You'll be the primary driver for Insider Risk, DLP, SaaS posture, and endpoint security across both our corporate and FedRAMP‑aligned environments-designing strategy, implementing controls, and measuring outcomes. Ramp is agent‑first: we rely heavily on AI assistants and automated workflows. You'll ensure those capabilities are securely rolled out to the business, not blocked. Hybrid in NYC: This role is based in New York City and requires working in‑person at our HQ (near Madison Square Park) at least 2 days per week. This is a senior, hands‑on individual contributor role (IC5), not a people‑management or SOC Tier 1 position. What You'll Do * Own core enterprise security programs Lead and continuously improve Insider Risk and DLP across Ramp-from policies and detections to playbooks, case handling, and stakeholder training. * Secure SaaS at scale Manage and harden our SaaS stack (SSPM/CASB and native controls): * Remediate misconfigurations * Remove stale accounts/admins * Enforce key rotation and safe OAuth scopes * Gate risky apps and integrations * Run sovereign / FedRAMP‑aligned environments Operate sovereign Google Workspace and Okta tenants with strict access, monitoring, and logging. Partner with GRC to ensure controls align to NIST 800‑53/800‑171 and FedRAMP‑aligned requirements without slowing down the business. * Modernize identity & access Work with IT and Security Engineering to enforce: * Phishing‑resistant MFA * Device‑aware and context‑aware access * Least privilege and just‑in‑time (JIT) patterns * SCIM‑based lifecycle management * Strong break‑glass access patterns and reviews * Harden endpoints and network Help keep our mac OS and Windows fleets secure at scale using EDR, MDM, and disk encryption; drive patch SLAs; and enforce ZTNA/SSE policies (e.g., Cloudflare WARP) for secure access to internal resources. * Measure, review, and improve Define and track key metrics (coverage, policy efficacy, MTTD/MTTR, configuration drift). Run regular control health reviews and drive remediation with partner teams. * Automate and simplify Use scripting, APIs, or workflow tools to reduce manual toil in enterprise security operations (e.g., account hygiene, access reviews, configuration checks, alert triage). * Partner & communicate Collaborate closely with IT, Engineering, Legal, People, and GRC. Write clear docs, runbooks, and decision records that make it easy for others to operate and build on your work. What You Need * Experience level * 3+ years in enterprise/corporate security engineering or operations, with hands‑on ownership of security controls for identity, endpoints, SaaS, or data. * You're comfortable being the primary owner of programs, not just following an existing playbook. * Eligibility * U.S. citizenship is required for this role due to the nature of our sovereign / FedRAMP‑aligned environments. * Technical background * Practical experience implementing and tuning Insider Risk, DLP, SaaS posture, or endpoint security in a cloud‑first environment. * Hands‑on administration of a modern identity provider and collaboration suite-Okta and Google Workspace are ideal, but similar experience (e.g., Azure AD / Entra ID, Microsoft 365) is highly relevant. * Familiarity with tools and concepts like EDR, MDM, SSPM/CASB, DSPM, and ZTNA/SSE, and experience hardening mac OS and/or Windows at scale. * Experience aligning controls to at least one security framework or regulated environment (e.g., FedRAMP, NIST 800‑53/171, SOC 2, ISO 27001) and translating requirements into practical enterprise controls. * How you work * You can spot gaps, design pragmatic remediations, and drive them to completion across multiple teams. * You're comfortable using automation (scripts, workflows, or low‑code tools) to make security more scalable and less manual. * You communicate clearly-whether you're writing a runbook, summarizing risk tradeoffs, or explaining a control choice to non‑security partners. * You enjoy partnering with IT and Engineering to get things shipped, not just documented. Nice-to-Haves * Experience operating sovereign or public‑sector / regulated tenants (e.g., FedRAMP, StateRAMP, or similar). * Background scaling security in a high‑growth, cloud‑first startup or scale‑up environment (ideal but not required). * Experience securing or enabling AI/agent workflows inside an enterprise. * Intermediate scripting skills (e.g., Python, Bash, PowerShell) for automation and integrations. * Relevant certifications (e.g., CISSP, CISM, Security+, GIAC) or equivalent real‑world depth. Benefits (for U.S.-based full-time employees) * 100% medical, dental & vision insurance coverage for you * Partially covered for your dependents * One Medical annual membership * 401k (including employer match on contributions made while employed by Ramp) * Flexible PTO * Fertility HRA (up to $5,000 per year) * WFH stipend to support your home office needs * Wellness stipend * Parental Leave * Relocation support to NYC or SF (as needed) * Pet insurance Referral Instructions If you are being referred for the role, please contact that person to apply on your behalf. Other notices Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Ramp Applicant Privacy Notice

Company

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Information Security Specialist Job Duties: Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On\-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches. "}}],"is Mobile":false,"iframe":"true","job Type":"Full time","apply Name":"Apply Now","zsoid":"641401441","FontFamily":"Verdana, Geneva, sans\-serif","job OtherDetails":[{"field Label":"Industry","uitype":2,"value":"Technology"},{"field Label":"City","uitype":1,"value":"Brooklyn"},{"field Label":"State\/Province","uitype":1,"value":"New York"}],"header Name":"Information Security Specialist","widget Id":"**********00072311","is JobBoard":"false","user Id":"**********00133003","attach Arr":[],"custom Template":"3","is CandidateLoginEnabled":true,"job Id":"**********00267067","FontSize":"12","location":"Brooklyn","embedsource":"CareerSite","indeed CallBackUrl":"https:\/\/recruit.zoho.com\/recruit\/JBApplyAuth.do","logo Id":"2qf78d018cc5be94b40bbbcb719566377b192"}

Principal Information Security Analyst (Tier 2) As a Principal Information Security Analyst within Gen Digital's global Security Operations Center (SOC), you will play a key role in strengthening threat detection and response across the organization. The role focuses on improving SOC monitoring and detection processes through technical expertise, continuous development, and close collaboration with other security teams. In this position, you will serve as a senior specialist, leading automation and detection engineering efforts, mentoring junior analysts and contributing to projects that enhance security visibility and overall SOC performance. Operating in a follow-the-sun model, the SOC ensures 24/7 global coverage, with regional teams working during their respective business hours and sharing on-call responsibilities for weekend. Key Responsibilities: * Monitor, analyze, and correlate security alerts and events across multiple platforms (SIEM, WAF, EDR, email, cloud, network, and threat intelligence tools) to identify and validate suspicious or malicious activity * Continuously develop and fine-tune detection rules, correlation searches, security policies, and dashboards to improve visibility, reduce false positives, and increase alert accuracy across security platforms * Support and mentor Tier 1 analysts in alert triage, escalation quality, and use of tools * Collaborate with security engineers on automation and enrichment initiatives to streamline operational workflows and improve detection efficiency * Maintain complete and up-to-date documentation for all detection use cases, workflows and process improvements * Participate in security projects and collaborate with internal stakeholders (e.g., Incident Response, Security Engineering, Application Security, and IT) to enhance detection coverage, visibility, and response capabilities * Support the execution of incident response playbooks Qualification and Work Experience: * 3-5 years of hands-on experience in SOC operations, cybersecurity monitoring, or related areas such as detection engineering or threat analysis * Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and how they apply to security monitoring and threat analysis * Strong knowledge of cybersecurity principles, common attack techniques, and threat types (e.g., phishing, malware, brute force, web application attacks) * Proven experience working with security logs, alerts, and structured data across multiple platforms (SIEM, EDR, WAF, cloud, and network telemetry) * Hands-on experience with SIEM platforms - Splunk preferred - including detection content development, rule tuning, and dashboard creation * Familiarity with Web Application Firewall (WAF) technologies and the ability to analyze or tune related alerts and policies * Understanding of cloud security concepts and experience with monitoring tools for major providers (AWS, Azure, GCP) * Working knowledge of scripting or automation (e.g., Python, PowerShell, or API-based integrations) to support analysis and enrichment workflows * Experience using AI-based tools to support daily SOC operations, including data analysis, investigation, documentation, and collaboration * Strong analytical and problem-solving skills with attention to detail and curiosity for continuous learning * Effective communication and documentation skills in English, both written and verbal * Experience collaborating across teams (e.g., Security Engineering, Incident Response, Application Security) on detection improvements or automation projects * Prior experience in a Security Operations Center (SOC) or similar environment is highly preferred * Familiarity with the fintech environment or experience supporting financial services infrastructure is considered a strong advantage #LI-AS1 Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds. We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.

About Us Legora is on a mission: to redefine how legal work gets done. From the very start we have been very clear about the fact that we are not building a solution for lawyers, we are building it with them, because it is the only way to make sure it gets done the right way; working side-by-side every step of the way. Our AI-native workspace empowers legal professionals not just to work faster - but to ask better questions, unlock new insights. Every day, we push the boundaries of legal tech to make complex processes smarter, faster, and more human. From thousands of documents analysed in minutes to intelligent workflows designed in collaboration with leading practices, we're turning possibility into reality. Today we are trusted by global firms like Cleary Gottlieb, Goodwin, Bird & Bird and Linklaters in over 40 countries, but we have no plans on stopping here. We ship fast, we iterate effectively, and we scale rapidly - not by accident, but by design. When you join Legora, you become part of a team that believes "good enough" isn't good enough and that the way to win is together, by empowering lawyers to do their best work with technology that truly understands them. If you're excited by building from first principles, working with exceptional people, and accelerating change in a high-stakes, high-impact domain-then this is the moment and the place. We're not just shaping the future of legal tech - we're defining it. Ready to join us in building the intelligent future of law? The role At Legora, protecting our clients' highly sensitive legal data is fundamental to everything we do. We're building a security and compliance program designed for the AI era: Zero Trust architecture, rigorous governance, and continuous compliance as non-negotiables. We are expanding our security team to help shape, drive, and scale our governance, risk, and compliance programs. You will work at the intersection of policy, risk management, audit readiness, and cutting-edge technology to ensure we maintain ISO 27001, SOC 2 Type II, and ISO 42001 compliance while enabling the business to move fast. This is a hands-on, high-impact role where you'll manage our Information Security Management System (ISMS), conduct risk assessments, coordinate audits, and serve as a trusted advisor to both internal teams and external clients. Your strength will be your knowledge of the E2E processes of how our product is built. You will utilize this to treat security risks in a modern way that fits our modern tech stack. *This role can be either based in Stockholm, Sweden or NYC, US. For both locations, we have a 5-day in-office policy, we believe building together in person drives better outcomes. What you will be doing: Own and maintain the ISMS in accordance with ISO 27001 and ISO 42001, ensuring all policies, procedures, and controls are documented, implemented, and continuously improved. Lead the company's compliance efforts for SOC 2 Type II and support future SOX ITGC readiness, working closely with Finance and Engineering to map business processes and establish IT controls. Develop, implement, and maintain information security policies, standards, and procedures that are lightweight, actionable, and aligned with regulatory frameworks including GDPR, ISO 27001, SOC 2, and ISO 42001. Conduct regular risk assessments, threat modeling, and gap analyses to identify security risks and prioritize remediation efforts across the organization. Coordinate internal and external audits, penetration tests, and compliance assessments - ensuring continuous audit readiness and managing remediation plans. Manage vendor risk by conducting third-party security reviews, due diligence assessments, and ongoing vendor monitoring programs. Be a primary point of contact for client security questionnaires, due diligence requests, audit reports (SOC 2, ISO certificates), and contractual security commitments. Support secure AI governance by defining policies and controls that protect data in AI workflows, prevent adversarial use, and ensure responsible AI practices aligned with ISO 42001. Drive security awareness and training across the organization, including new joiners and regular security education sessions. Collaborate with Engineering teams on incident response planning, ensuring lessons learned are incorporated into policies and risk management processes. Track and report on security metrics, KPIs, and compliance status to leadership, providing actionable insights and recommendations. Who you are You have 3+ years of experience in GRC, information security, compliance, or audit roles, ideally in a high-growth technology or SaaS environment. Alternatively you are an experienced software engineer who is transitioning into Information Security. You have hands-on experience implementing and managing ISO 27001 and SOC 2 Type II, NIST 800-53 compliant compliance programs. You might have achieved desirable certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Auditor. You have knowledge of governance frameworks, risk management methodologies, and data protection regulations (ERM, GDPR, CCPA, ISO 42001, SOX ITGC). You understand Zero Trust principles and OWASP top 10 risks and how to apply them across identity, devices, dev-ops processes and cloud services. You can confidently engage with technical teams on topics like cloud security (Azure), infrastructure-as-code, secure development practices, and AI system security. You have strong analytical and organizational skills, with the ability to remain focus amongst multiple audits, assessments, and compliance initiatives. You have excellent communication and stakeholder management skills, able to translate security & compliance requirements into clear, actionable guidance for technical and non-technical audiences. Experience with securing AI/ML workflows and building automation with GenAI tools (for example Zapier, n8n) is a big plus. Legora is an Equal Opportunity Employer At Legora, we believe great teams are built on diversity of thought and experience. We're proud to be an equal opportunity employer and committed to creating an inclusive, high-performance culture where everyone can do their best work. We welcome people of all backgrounds and don't discriminate based on race, color, religion, national origin, gender, gender identity or expression, sexual orientation, age, disability, veteran status, or any other characteristic protected by law.

Position Overview: The Information Security Analyst plays a crucial role in safeguarding an organization's sensitive data, systems, and networks from potential cyber threats and attacks. This role involves monitoring, analyzing, and responding to security incidents, as well as implementing proactive measures to mitigate risks and ensure compliance with industry standards and HIPAA/HITECH regulations. Responsibilities: Monitoring and Incident Response: Monitor network traffic, system logs, and security alerts to identify and investigate potential security incidents. Analyze and respond to security breaches, malware infections, and other cyber threats promptly. Collaborate with cross-functional teams to contain and mitigate security incidents effectively. Vulnerability Assessment and Management: Conduct regular vulnerability assessments to identify weaknesses in the organization's systems, networks, and applications. Implement patches and updates to address vulnerabilities, ensuring systems are up to date and secure. Security Policies and Procedures: Develop and maintain information security policies, standards, and procedures. Educate employees on security best practices and ensure adherence to established security policies. Security Audits and Compliance: Participate in internal and external security audits, ensuring compliance with regulatory requirements and industry standards. Prepare and provide documentation for audit purposes. Security Tools and Technologies: Manage and maintain security tools such as firewalls, intrusion detection systems, anti-virus software, and encryption technologies. Research and recommend new security technologies and solutions to enhance the organization's security posture. Threat Intelligence: Stay current with emerging threats, vulnerabilities, and security trends. Utilize threat intelligence sources to proactively identify and mitigate potential risks. Incident Documentation and Reporting: Document incident details, analysis, and response actions in a clear and organized manner. Provide regular and ad-hoc security reports to management, highlighting key findings and recommendations. Security Awareness and Training: Organize security training and awareness programs for employees to promote a culture of security consciousness. Our Benefits Medical, and Dental & Vision (optional) 401(K) with employer match Paid Parental Leave policy

Public Health Solutions (PHS) is a 501(c)3 non-profit community-based organization (CBO) that has existed for 70 years to improve health equity and address health-related social needs (HRSN) for historically underserved marginalized communities. As the largest public health nonprofit serving New York City, we improve health outcomes and help communities thrive by providing services directly to vulnerable families, supporting community-based organizations through our long-standing public-private partnerships, and bridging the gap between healthcare and community services. We focus on a wide range of public health issues including food and nutrition, health insurance, maternal and child health, sexual and reproductive health, tobacco control, and HIV/AIDS. Learn more about our work at healthsolutions.org. PHS administers WholeYouNYC (WYNYC), a coordinated community resource network that builds trustworthy and reliable pathways between healthcare providers, health plans and CBOs providing critical resources in the community that address the social drivers of health. WYNYC brings together over 100 organizations offering various programs - such as food, housing, employment, health insurance, and sexual health services - across all five boroughs. These services and programs make it possible for New Yorkers to live their healthiest lives and ultimately reduce health disparities and advance health equity. To date, our network has already impacted thousands of lives through community partnerships and referrals, generating millions in estimated healthcare savings. New York State (NYS) recently announced the availability of $500M statewide to support Social Care Network (SCN) lead entities responsible for coordinating social care delivery in various regions across the state. Public Health Solutions (PHS) and our WYNYC network were awarded the role of regional SCN for Brooklyn, Manhattan, and Queens. This is a grant-funded position ending March 31, 2027. Program Description: The Information Security Analyst is responsible for supporting and maintaining the organization's information security and compliance program in accordance with applicable federal, state, and contractual requirements, including the NYS OHIP, Common Security Framework (CSF), and HIPAA Security practices. This position plays a critical role in safeguarding organizational assets by monitoring information systems, evaluating security controls, and coordinating incident response activities. The Analyst will collaborate closely with internal IT resources, the managed Security Operations Center (SOC), and external partners to ensure adherence to established policies, standards, and regulatory obligations. Key Responsibilities Regulatory Compliance and Risk Management Support and maintain compliance with OHIP PM-17 standards, NYS security requirements, HITRUST CSF, and HIPAA regulations. Participate in internal and external security audits, assessments, and certification readiness efforts. Document and maintain evidence of compliance activities, corrective action plans, and remediation tracking. Assist in the periodic review and revision of information security policies, standards, and procedures. Security Operations Monitor and respond to alerts generated through the organization's SIEM and security monitoring platforms, in coordination with the SOC. Investigate, triage, and document security incidents and vulnerabilities in accordance with established escalation protocols. Prepare and distribute regular security and compliance reports to IT leadership. Microsoft 365 and Azure Security Administer and maintain controls within the Microsoft 365 Security & Compliance Center, including data loss prevention (DLP), auditing, retention, and threat protection. Implement and review Azure Cloud security configurations, including conditional access, identity protection, and secure baselines. Monitor privileged access and ensure adherence to least-privilege and separation-of-duties principles. Coordination and Communication Serve as a liaison with the SOC and external vendors for incident response, threat intelligence, and log management activities. Collaborate with infrastructure, application, and compliance teams to align security practices with organizational objectives. Qualifications and Experience: Education: Associate or Bachelor's degree in IT, Computer Science, or related field or equivalent. Experience: Minimum of one(1) to three (3) years of professional experience in information security, cybersecurity operations, or IT compliance. Demonstrated knowledge of, NYS OHIP, and HIPAA compliance frameworks. Proficiency with Microsoft 365 Security & Compliance Center, Azure Security Center, and Defender for Cloud. Experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, LogRhythm) and associated reporting functions. Familiarity with security incident response, vulnerability management, and risk assessment methodologies. Strong written and verbal communication skills, with the ability to produce audit-ready documentation and reports Desired Skills: Professional certifications such as CompTIA Security+, CISSP, CCSK, Microsoft Certified: Security Operations Analyst Associate, or HITRUST CCSFP. Prior experience supporting compliance efforts within a public health, nonprofit, or governmental organization. Key Attributes for Success Strong eagerness to learn and develop new technical skills. A proactive and problem-solving mindset. Attention to detail and ability to document IT processes clearly. Ability to work both independently and collaboratively within an IT team. Willingness to take on new challenges in a fast-paced IT environment. Reports To: Information Security Manager Direct Reports: This position has no direct reports Benefits: • Hybrid Work Schedule. • Generous Paid Time Off and Holidays. • An attractive and comprehensive benefits package including Medical, Dental and Vision. • Flexible Spending Accounts and Commuter Benefits. • Company Paid Life Insurance and Disability Coverage. • 403(b) + employer matching and discretionary company contributions. • College Savings Plan. Ongoing training and continuous opportunities for professional growth and development. At PHS, we place immense value on diversity within our teams, understanding that varied backgrounds and experiences significantly enhance our community and propel us toward our goals. If you find you don't have experience in all the areas listed above, we still encourage you to apply and share your background and experiences in your application. We are eager to discover how your unique perspective can bring positive transformations to our team and help advance our mission of creating healthier, more equitable communities. We look forward to learning more about you! PHS is proud to be an equal opportunity employer and encourages applications from women, people of color, persons with disabilities, LGBTQIA+ individuals, and veterans. 9am- 5pm 35 hours

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process