Cyber security analyst jobs in California - 698 jobs

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Duties and Responsibilities Maintain and operate cybersecurity technology and and provide expertise in area of focus (e.g. Risk Assessments, Controls Engineering or Incident Response). Collaborates with the business to understand their needs in order to tailor security offerings unique to their environment. Uses working knowledge of IT system functionality, architecture and capabilities to effectively diagnose and troubleshoot issues with some assistance. Conducts competitive analyses on (in-use and alternative) cyber technologies and documents recommendations for our environment. Provides awareness and guidance within Sempra Infrastructure community on secure business processes, architecture design, and technical controls. Maintains awareness of evolving cybersecurity threats and best practices for mitigation. Develops procedures and guidelines for implementing information security systems and practices. Develops and aggregates metrics to measure, monitor and report on the effectiveness of information security controls and compliance with information security policies. Performs other duties as assigned (no more than 5% of duties). Education Bachelor's degree in Computer Science or other science or technology major or equivalent experience required. Experience Minimum of 2-5 years of direct experience within the information security field required. In-depth experience in at least one cybersecurity discipline required. Experience with projects of moderately sized security related initiatives to successful completion required. Demonstrated experience in vendor selection, testing, implementation, and operations of a broad array of security technologies required. Knowledge, Skills and Abilities Familiarization with Endpoint protection software such as Trellix and Microsoft Defender. Familiarization in deploying vulnerability management agents. Experience deploying logging agents and configurations. Knowledge of firewalls and security zone. Experience working in an Operation Technology (OT), ICS / SCADA environment. Experience with SCADA network protocols. Experience with OT network monitoring tools (such as but not limited to: Dragos, Cybervision, CyberX). Ability to take initiative and work independently when needed. Ability to maintain, upgrade and recommend operational cybersecurity tools. Ability to work with Cybersecurity OT Engineering to make recommendations for new tools and capabilities. Ability to work effectively on multiple projects within a team structure and excellent written and oral communication skills. Licenses and Certifications Certified Information Systems Security Professional (CISSP) certification, Global Information Security Professional (GISP) certification, Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA) certificate preferred. Targeted professional cybersecurity certifications (i.e. forensics and incident response) preferred. Other Qualifications Bilingual in English/Spanish preferred.

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. Your key responsibilities Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified Forensically analyze end user systems and servers found to have possible indicators of compromise Analysis of artifacts collected during a security incident/forensic analysis Identify security incidents through ‘Hunting' operations within a SIEM and other relevant tools Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions Provide consultation and assessment on perceived security threats Maintain, manage, improve and update security incident process and protocol documentation Regularly provide reporting and metrics on case work Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact based reports Be on-call to deliver global incident response Skills and attributes for success Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact-based reports Proven integrity and judgment within a professional environment Ability to appropriately balance work/personal priorities To qualify for the role you must have Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; Understanding of security threats, vulnerabilities, and incident response; Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; Be familiar with legalities surrounding electronic discovery and analysis; Experience with SIEM technologies (i.e. Splunk); Deep understanding of both Windows and Unix/Linux based operating systems; Ideally, you'll also have Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH Background in security incident response in Cloud-based environments, such as Azure Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration What we look for Demonstrated integrity in a professional environment Ability to work independently Have a global mind-set for working with different cultures and backgrounds Knowledgeable in business industry standard security incident response process, procedures, and life cycle Excellent teaming skills Excellent social, communication, and writing skills What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Dynamic Solutions Technology, LLC, a premier strategic services firm that meets IT and Service needs for commercial and government clients. We are is seeking a full-time Information Security Analyst to support DoD customer. This position is to provide support in the China Lake, CA area. Responsibilities: Serves as a team member providing network monitoring and scanning functions. Provides network vulnerability scanning to ensure IAVA compliance and remediation. Provides antivirus management using antivirus tools. Provides wireless scanning using network detection software. Implements system security policies, and scans Provides Cybersecurity reporting requirements to appropriate authorities. Provides assistance for personnel / users needing information/assistance with Information Assurance (IA) related issues. Directly supports Information Assurance (IA) requirements, within the immediate area of responsibility (AOR), managing and tracking system administrator elevated level of access to network resources. Works with team members to identify IA trends and suggests long-term strategies to help mitigate IA issues. Assesses procedures and identifies opportunities to improve customer service. Champions customer service and sets and monitors parameters for customer service excellence. Qualifications Requirements: Active SECRET clearance Bachelor's Degree in Engineering, Computer Science, or Information Assurance 6 years' additional work experience may be substituted for a Bachelor's Degree Min 3 to 10 years of relevant focused experience Must meet specific certification and training requirements in accordance with DoD 8570.1-M, DoDD 8570.1 Experience and Skills: Excellent oral and written skills. Excellent critical thinking skills. Proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook. Ability to work independently and as a team member

The pay range for this position at commencement of employment is expected to be between $104,400 and $171,000/year. However, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. We are Alibaba Cloud's Network and Application Security R&D Team, specializing in the research, development, operations, and management of foundational network security and application security. Our core mandate revolves around advancing the capabilities of DDoS Protection, Web Application Firewall (WAF), and Cloud Firewall solutions. As a young, dynamic team with deep technical expertise and R&D excellence, we deliver robust network traffic security and application security services to users, committed to safeguarding their network infrastructure and application-layer security. Core Responsibilities: System Construction and Maintenance ●Deploy, monitor, and maintain cloud security product systems (including foundational services, operation platforms, consoles, and security components such as cloud firewalls, DDoS protection, and WAF), ensuring high availability and security. ● Participate in disaster recovery and circuit breaker drills for high-availability systems to enhance stability and risk resilience. Product Release and Management ● Lead the release of cloud security foundational services and core network security products, conduct independent operational testing, and ensure post-launch stability and performance. Operational Observability Management ●Configure and manage hardware/software monitoring systems (e.g., Prometheus) for 24/7 real-time monitoring and rapid response, ensuring timely issue detection and resolution. Automated Operations Development ● Design and develop automated operation and maintenance tools/platforms to improve efficiency, reduce manual intervention, and optimize system performance. Service Support and Troubleshooting ● Monitor system logs, independently troubleshoot application issues, propose solutions, and collaborate with R&D teams for fixes and validation. Capacity Planning and Budget Management ● Develop annual capacity plans and budgets based on product usage and scaling needs, ensuring rational resource allocation and utilization.

The Cyber Defense Analyst is responsible for using data collected from various cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events within their environments for the Defense Language Institute Foreign Language Center (DLIFLC) Academic Network Labor Contract to administer, maintain, secure, and accredit the DLIFLC Academic Network which provides the IT environment for 100% of the DLIFLC teaching and instructing for all students, staff, faculty, and guests in a learning environment at the unclassified level. Responsibilities · The primary goal is to mitigate threats and enhance the organization's security posture. Data Analysis: Utilize data from cyber defense tools to analyze and interpret security events. · Threat Mitigation: Identify and respond to potential threats to mitigate risks. · Incident Response: Participate in incident response activities to address security breaches. · Continuous Monitoring: Maintain ongoing surveillance of network traffic and security alerts. · Collaboration: Work with all teams to implement effective defense strategies and improve overall security measures. Qualifications Required: · AA/AS from an accredited college or university or substitute with 3+ years experience with any one of the following IAT Level II (CySA+, Security+, CND, or SSCP) Certification and CE/OS Certification. · Relevant Skills: Microsoft Defender for Endpoint, ACAS, Palo Alto Networks, GitLab, BurpSuite, MacOS, iPadOS, Windows, and RedHat Enterprise Linux. · Secret Clearance Salary Range: $115,000 - $122,000 The above salary range represents a general guideline. Integral Federal considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and/or discretionary bonuses in addition to base pay. Company Overview Integral partners with federal defense, intelligence, and civilian leaders to tackle their most important challenges and deliver positive outcomes. Since our founding in 1998, we have helped clients leverage existing and emerging technologies to transform their enterprises, empower growth, drive innovation, and build sustainable success. The forward-leaning solutions we deliver are tailored to each mission with a focus on keeping our nation safe and secure. Integral is headquartered in McLean, VA and serves clients throughout the country. We offer a comprehensive total rewards package including paid parental leave and immediate vesting in our 401(k). Give us a try and become part of a curated group of professionals at Integral Federal! Our package also includes: · Medical, Dental & Vision Insurance · Flexible Spending Accounts · Short-Term and Long-Term Disability Insurance · Life Insurance · Paid Time Off & Holidays · Earned Bonuses & Awards · Professional Training Reimbursement · Paid Parking · Employee Assistance Program Equal Opportunity Employer/Protected Veteran/Disability

BAI, a defense contractor, is seeking a highly skilled and experienced Cyber Accreditation Specialist with 5+ years of experience for Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. The Cyber Accreditation Specialist will be responsible for the development, coordination, and maintenance of cyber accreditation packages, primarily focusing on Risk Management Framework (RMF) artifacts, inheritance mapping, and Plan of Action & Milestones (POA&M) management supporting the Navy's Authority To Operate initiatives. This role ensures compliance with relevant DoD and federal cybersecurity guidelines and contributes to our organization's mission support objectives by securing critical Navy information systems. Opportunities for career advancement, excellent benefits and stability are some of the advantages of our well-established, employee-focused company. Salary The typical annual salary range for this position is $95,000.00 USD to $150,000.00 USD. Salary will be based on current qualifications, directly related experience, geographic location, and possible contractual requirements which could fall outside of this range. Salary The typical annual salary range for this position is $95,000.00 USD to $150,000.00 USD. Salary will be based on current qualifications, directly related experience, geographic location, and possible contractual requirements which could fall outside of this range. Responsibilities Cyber Accreditation Package Development: Develop and maintain RMF artifacts, including System Security Plans (SSP), generate & control implementation evidence, inheritance maps, and POA&Ms Coordination and Compliance: Coordinate with Authorizing Officials (AO) and Information System Security Managers (ISSM) to define an Authority to Operate (ATO) plan, develop an interim risk acceptance strategy, and manage control inheritance from enterprise services and range systems Reference Compliance: Ensure that all activities and documentation are compliant with the latest DoD and federal cybersecurity standards, such as: DoDI 8510.01 Risk Management Framework (RMF) NIST SP 800-53 Rev. 5 NIST SP 800-171 (CUI) DoD Zero Trust Reference Architecture DoD Cloud Security Requirements Guide (SRG) / FedRAMP baselines (aligned to IL5 unless otherwise directed) Qualifications 5+ years of experience in cybersecurity, specifically in the development and coordination of cyber accreditation packages Demonstrated experience with RMF, SSP development, and POA&M management Familiarity with DoD and federal cybersecurity guidelines, including DoDI 8510.01, NIST SP 800-53 Rev. 5, NIST SP 800-171, DoD Zero Trust Reference Architecture, and DoD Cloud SRG/FedRAMP baselines Strong analytical and problem-solving skills Ability to effectively coordinate and communicate with various stakeholders, including AO, ISSM, and other cybersecurity professionals Current Security+ Certificate IAM Level 2 as per DoD Directive 8570.01; and experience working with the DIACAP/Risk Management Framework processes Excellent communication and interpersonal skills-verbal, non-verbal, written, and listening-for staff, customer and organizational level communications, both formal and informal Ability to work independently, self-starter Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint Preferred Qualifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification Experience with cloud security and FedRAMP compliance EDUCATION Degree: BS or BA degree in Cybersecurity, Information Technology, or a related field. Allowable Substitution: An additional 6 years of relevant work experience may be substituted for a bachelor's degree, or 4 additional years of work experience with a relevant associate degree. CLEARANCE - SECRET Condition of Employment: The applicants selected will be subject to a security investigation and must meet and sustain eligibility requirements for access to controlled and classified information. CITIZENSHIP The applicant must have US citizenship at the time of application. BAI is an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status, or any other non-merit based factors made unlawful by federal, state or local laws

Analyzes information security practices to ensure alignment with industry standards and guidelines. Identifies, investigates, and resolves security breaches detected by security solutions. Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. Leads and delivers staff training on information security and breach prevention. What You Will Do: Staying current on information security trends, news and security standards, especially those related to the healthcare industry Participating in the development of security standards and best practices for the organization Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber-attacks Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement Recommending security enhancements to management and senior ITS staff Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options Monitoring computer networks for security issues in order to reduce the risk of security incidents Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team Documenting security breaches and assessing the damage caused Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities Managing efforts with vendors on annual security audit, including pen testing Assisting with developing and documenting preventive measures to ensure system security Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices Documenting computer security procedures, and tests Assisting with the development of policies, procedures, standards, and guidelines related to information security Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches Assisting staff with the installation and utilization of new security products and procedures Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts Reviewing any violations of security procedures and providing remedial training to staff, as needed Performs other duties as assigned You Will Be Successful If: In-depth knowledge of HIPAA and FISCAM security guidelines. Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. Proficiency with operating systems, virtualization, and security systems. High proficiency in Windows-based PC systems and Microsoft Office Suite. Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). Familiarity with project management principles and customer service practices. Awareness of emerging security technologies such as AI, IoT, and blockchain. Strong analytical, problem-solving, and decision-making skills. Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. Experience creating training materials and leading staff training. Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. Leadership ability to facilitate meetings, resolve issues, and guide staff. Strong collaboration skills and diplomacy across teams and levels of the organization. Willingness to respond to after-hours information security incidents. What You Will Bring: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. 8 years of professional level information technology experience 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying Experience working in the health care industry Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

Information Security Specialist III Position Type: Full-time Salary Range: $145,000 - $170,000 requires active security clearance Years of Experience: 10+ years experience Roles and Responsibilities: This role is a senior cybersecurity professional responsible for ensuring the secure design, implementation, testing, and operation of advanced airborne communication systems used in military and defense applications. This role combines expertise in both tactical data links and comprehensive information security, typically within the DoD Risk Management Framework (RMF). Requirements Minimum ten (10) years' of demonstrated technical experience in Cybersecurity, Engineering, Test & Evaluation, of Assessment & Authorization (A&A) within the last fifteen (15) years including: Assist or develop system security policy and ensure compliance with change management and configuration control processes. Plan and coordinate IT security program and policies supporting command leadership mission and goals. All phases of Information Assurance (IA) evaluations involving Communications Security (COMSEC) and Cryptologic Material Systems (CMS) for ATDL systems and training for COMSEC ATDL military systems, including: Secure data unit design, integration, and test Modernized cryptographic policy administration and implementation Cryptographic keying materials and keys Security Verification Testing Platform Cybersecurity and TEMPEST testing Desired Skills/Qualifications: Ten (10) years of demonstrated technical experience to include: Management and issuance of keymat to operational, test, and allied communities; acting as the alternate Advanced Tactical Data Links Keymat Controlling Authority (CONAUTH). U.S. Naval Fleet technical data calls, working groups, and action items related to initial implementation of ATDL cryptographic components. Benefits Paid Vacation, Sick Time and Holidays Medical, Dental, Life and Disability Insurance 401K with Employer Contribution Matching Service Disabled Veteran Owned Business Equal Opportunity Employer ISO 9001:2015 Certified Company ***************

Job Description Mount Indie is seeking a highly skilled and experienced Cyber Accreditation Specialist with 5+ years of experience for Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. The Cyber Accreditation Specialist will be responsible for the development, coordination, and maintenance of cyber accreditation packages, primarily focusing on Risk Management Framework (RMF) artifacts, inheritance mapping, and Plan of Action & Milestones (POA&M) management supporting the Navy's Authority To Operate initiatives. This role ensures compliance with relevant DoD and federal cybersecurity guidelines and contributes to our organization's mission support objectives by securing critical Navy information systems. Responsibilities Cyber Accreditation Package Development: Develop and maintain RMF artifacts, including System Security Plans (SSP), generate & control implementation evidence, inheritance maps, and POA&Ms Coordination and Compliance: Coordinate with Authorizing Officials (AO) and Information System Security Managers (ISSM) to define an Authority to Operate (ATO) plan, develop an interim risk acceptance strategy, and manage control inheritance from enterprise services and range systems Reference Compliance: Ensure that all activities and documentation are compliant with the latest DoD and federal cybersecurity standards, such as: DoDI 8510.01 Risk Management Framework (RMF) NIST SP 800-53 Rev. 5 NIST SP 800-171 (CUI) DoD Zero Trust Reference Architecture DoD Cloud Security Requirements Guide (SRG) / FedRAMP baselines (aligned to IL5 unless otherwise directed) Qualifications 5+ years of experience in cybersecurity, specifically in the development and coordination of cyber accreditation packages BS or BA degree in Cybersecurity, Information Technology, or a related field. An additional 6 years of relevant work experience may be substituted for a bachelor's degree, or 4 additional years of work experience with a relevant associate degree. Active Secret Clearance Demonstrated experience with RMF, SSP development, and POA&M management Familiarity with DoD and federal cybersecurity guidelines, including DoDI 8510.01, NIST SP 800-53 Rev. 5, NIST SP 800-171, DoD Zero Trust Reference Architecture, and DoD Cloud SRG/FedRAMP baselines Strong analytical and problem-solving skills Ability to effectively coordinate and communicate with various stakeholders, including AO, ISSM, and other cybersecurity professionals Current Security+ Certificate IAM Level 2 as per DoD Directive 8570.01; and experience working with the DIACAP/Risk Management Framework processes Excellent communication and interpersonal skills-verbal, non-verbal, written, and listening-for staff, customer and organizational level communications, both formal and informal Ability to work independently, self-starter Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint Preferred Qualifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification Experience with cloud security and FedRAMP compliance

Analyzes information security practices to ensure alignment with industry standards and guidelines. Identifies, investigates, and resolves security breaches detected by security solutions. Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. Leads and delivers staff training on information security and breach prevention. What You Will Do: Staying current on information security trends, news and security standards, especially those related to the healthcare industry Participating in the development of security standards and best practices for the organization Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement Recommending security enhancements to management and senior ITS staff Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options Monitoring computer networks for security issues in order to reduce the risk of security incidents Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team Documenting security breaches and assessing the damage caused Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities Managing efforts with vendors on annual security audit, including pen testing Assisting with developing and documenting preventive measures to ensure system security Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices Documenting computer security procedures, and tests Assisting with the development of policies, procedures, standards, and guidelines related to information security Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches Assisting staff with the installation and utilization of new security products and procedures Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts Reviewing any violations of security procedures and providing remedial training to staff, as needed Performs other duties as assigned You Will Be Successful If: In-depth knowledge of HIPAA and FISCAM security guidelines. Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. Proficiency with operating systems, virtualization, and security systems. High proficiency in Windows-based PC systems and Microsoft Office Suite. Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). Familiarity with project management principles and customer service practices. Awareness of emerging security technologies such as AI, IoT, and blockchain. Strong analytical, problem-solving, and decision-making skills. Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. Experience creating training materials and leading staff training. Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. Leadership ability to facilitate meetings, resolve issues, and guide staff. Strong collaboration skills and diplomacy across teams and levels of the organization. Willingness to respond to after-hours information security incidents. What You Will Bring: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. 8 years of professional level information technology experience 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying Experience working in the health care industry Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. We are a fully vaccinated workforce. Successful candidates will be required to show proof of being vaccinated against COVID-19. You are up to date when you have received a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

Are you passionate about administrating and enforcing solutions that safeguard data? Are your interested in serving your fellow team and the community? If so, we want to talk to you - we are currently looking for Service Superstars to join our Team! An Information Security Analyst 1 takes a lead role in the research, design, and implementation of all information security related hardware or software; including operating systems and communications products, coordinating implementations with third party vendors and supporting representatives as needed. This role also serves as a liaison between vendors and other departments on information security related projects. Duties and Essential Functions: Service * Personally, provides exceptional member service; uses Service Standards in every work-related interaction. * Ensures that exceptional member service is being provided to members and team members, at all times. * Serves as a strong example of leadership in work ethic, professionalism, and conduct. * Promotes a harmonious work environment that motivates others towards team participation, goal setting/accomplishment, and personal development. Daily Operations * Assists in the management of multiple information security systems, ensuring proper integration of the components with computer systems, network equipment and other devices. * Assists in research of data security needs and requirements for current and future systems. * Performs regular vulnerability analysis for intentional and unintentional systems misuse and identifies appropriate counter measures. * Takes a supporting role in the management of the Credit Union's information security program including establishing, implementing and monitoring of information security, incident response procedures and policies, system configuration standards and ongoing risk assessments. * Assists the credit union management team with the creation, modification, and implementation of Information Security policies and standards. * Performs routine audits of security databases including Active Directory, Anti-Virus, Data Loss Prevention (DLP), Group Policy, Remote Authentication Dial-In User Service (RADIUS), and regularly reviews other security logging systems. Designs and/or implements changes to these systems in response to any discovered vulnerabilities. * Performs regular audits of credit union procedures including new hire/transfer/separation process, configuration checklists, firewall changes, Uniform Resource Locator (URL)/Spam filter changes, DLP changes, file permission changes, inventory changes, equipment changes, and system health checks. * Takes a supporting role in the management of Credit Union patch management, anti-virus, Spam filtering, DLP, URL filtering, and intrusion prevention systems. * Assists with the development and implementation of active directory group policy objects with an emphasis on enhancing computer systems security. * Manages the creation, deletion, or alteration of systems access for Credit Union team members. Makes key decisions on whether to honor system access requests and responds appropriately. * Takes a supporting role in the research, design, and implementation of all information security related hardware or software including operating systems and communications products; assists with coordination of implementations with third party vendors and supports representatives as needed; serves as a liaison between vendors and other departments on information security related projects. * Conducts various training and instruction programs for credit union team members on the secure use of e-mail and the internet as well as operating systems, networking, computer applications and databases. * Assists in the evaluation of new projects and proposes systems for security risks and makes recommendations for implementation to management. * Takes supporting role in analyzing, planning and implementing projects including software, in-house development, hardware, and networks to provide new products and services to members of the credit union and to improve the effectiveness of member data security. Performs capacity planning and tuning of information security systems to assure maximum availability and optimal utilization; directs/assists with hardware and software upgrades as needed. * Develops project scope and timeline documents for individual projects per Information Systems (IS) Department standards. * Stays current with evolving trends in information security related hardware, applications, development, and the internet. * Provides guidance and assistance on technical skills to other IS staff. * Provides regular documentation and reports on the progress of information security initiatives as well as provides suggestions or plans to further improve the credit union's security efforts. * Other duties as deemed necessary and assigned by Supervisor to achieve the goals of the department and the Credit Union. Benefits Include: (not a complete list) Wellbeing * Weekly pay * 401K Retirement Savings Plan with company match * Paid time off accrual begins upon hire, 15 paid vacation days, 11 paid holidays * Paid sick leave * Company-provided life insurance at twice your annual salary * Financial Education Programs * DoorDash DashPass Health * Medical, Dental, and Vision Insurance for part-time and full-time employees * Modern Health * Care.com subscription * Teladoc Career Development * Career development opportunities * Team members are eligible to apply for assistance with educational expenses through ArrowHeart's scholarship program. To learn more about Arrowhead Credit Union and our service culture, visit our Career page, and our ArrowHeart Foundation. The pay range for this position is listed below. Starting pay for successful applicants is generally within the minimum to midpoint of the pay range. Our consideration for pay is designed to support career growth and development over time. Offers extended depend on a variety of job-related factors, including but not limited to individual experience, knowledge, training, education, geographic location, market demands, and internal equity. Pay range: Minimum: $35.11/hourly| Midpoint: $43.89/hourly | Maximum: $52.67/hourly

Requirements Bachelor's degree in Cybersecurity, Computer Science, or related field. 3+ years of experience in information assurance or cybersecurity. DoD 8570 IAT Level II certification (Security+ CE, CySA+, or equivalent). Familiarity with NIST, DISA STIGs, and DoD RMF compliance. Must possess an active Secret Clearance - Required This contractor and subcontractor shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. Salary Description $88,000-$102,000

The Information Security Analyst supports the organization's centralized information security program across both Tribal Administration and Soboba Casino operations. This role focuses on monitoring and analyzing security alerts, conducting vulnerability assessments, supporting incident response, and validating security controls. The Analyst collaborates with IT teams, business units, and vendors to identify security gaps, track remediation efforts, and support audit and compliance requirements. The role emphasizes analysis, investigation, validation, and reporting of security issues, rather than day-to-day system administration. Duties/Responsibilities Monitor, review, and analyze security alerts, logs, and reports across enterprise systems, including SIEM platforms (e.g., Splunk, QRadar, Sentinel). Conduct vulnerability assessments and coordinate remediation tracking with IT teams, departments, and vendors. Lead security incident investigations, including analysis, documentation, containment, and post-incident reviews, in coordination with the Information Security Manager and operational teams. Coordinate and analyze penetration testing activities and vulnerability scans using tools such as Tenable, Nessus, or Qualys. Design, perform, and report on security system and end-user activity audits. Validate the effectiveness of security controls and recommend improvements based on risk analysis and threat intelligence. Track and report on security findings, remediation progress, and risk trends. Support internal and external audits, compliance reviews, and regulatory requirements (e.g., PCI-DSS, HIPAA, NIGC) through evidence collection and analysis. Research emerging threats, vulnerabilities, and security trends to support continuous improvement of the security program. Translate technical security findings into clear, risk-based recommendations for IT teams and executive leadership. Collaborate with the Information Security Manager and CIO to support enterprise risk management initiatives. Perform risk-based analysis of security events, vulnerabilities, and incidents to determine potential business impact. Support third-party and vendor security assessments and risk reviews. Assist with security awareness initiatives, including user education, phishing simulations, and training campaigns. Develop and maintain security findings, investigation records, and remediation documentation. Participate in continuous improvement of the information security program based on evolving threats, technologies, and organizational needs. Engage in cross-functional collaboration with IT, compliance, legal, and operational teams to ensure alignment of security objectives. Perform special projects and other responsibilities, tasks, or duties as requested. Education / Qualifications Must be at least 21 years of age. High School Diploma or GED equivalent, required. Bachelors in computer science or related field, or equivalent work experience, preferred. Industry-recognized security certifications such as Security+, SSCP, or equivalent preferred; advanced certifications (e.g., CISSP, GIAC) are a plus. Minimum of three (3) years of experience in systems, network, or security administration in enterprise environments with direct involvement in information security functions, such as security monitoring, vulnerability assessment, incident investigation, or control validation, preferred. Any combination of education, experience, and training that provides the required knowledge, skills, and abilities. Must have excellent verbal and written communication skills to promote a positive and professional image. Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices, preferred. In-depth technical knowledge of enterprise network, endpoint, and platform operating systems within heterogeneous environments, preferred. Working technical knowledge of enterprise operating systems and platforms across Windows and Linux-based environments, preferred. Strong knowledge of TCP/IP and network administration/protocols, preferred. Hands-on experience with devices such as hubs, switches, and routers, preferred. Knowledge of data privacy and data protection practices, along with familiarity with information security frameworks and best practices such as NIST, CIS, and ISO standards, preferred. Must be able to provide evidence of eligibility to work in the United States of America. Certificates, licenses, and registration Ability to obtain and maintain a valid Soboba Tribal Gaming Commission license. Required to submit to and obtain negative results on all drug and/or alcohol testing. Soboba Casino Resort Benefits Full-time team members are eligible to participate in a variety of group health and wellness benefits upon timely submission of appropriate enrollment forms. Coverage effective dates vary by plan and additional information will be provided to you during New Hire Orientation. Benefit offerings may change from time-to-time, but presently, Soboba Casino resort offers the following: 401k Plan Basic Life Insurance (employer paid) with the option to purchase Supplemental Life Insurance Medical available to employees at a significantly reduced cost. Dental & Vision paid for the employee. Employee Assistance Program Wellness Program (Annual Health Fair, Wellness Education, and Incentive Programs) Paid Time Off Soboba Casino Resort Team Member Recognition including, but not limited to: Reward and Recognition Program (Quarterly, and Annually) Team member Incentives Discounted Team member meal

The Information Security Analyst will be tasked with monitoring and identifying organizational security risks, detecting attack methods and sources, and preserving electronic evidence when required. This role requires expertise in analyzing, recommending, designing, implementing, and maintaining systems and processes that safeguard business and client data. Core responsibilities include conducting risk assessments, performing security analyses, and creating remediation strategies. The individual should be capable of working independently while contributing to security programs as part of the incident response team. Strong written communication skills are essential for preparing formal reports. Professional fluency in English and Portuguese is required. This is an onsite position in Brazil, five days per week, offered as a 6-12 month contract with potential for extension or conversion to a full-time role. Responsibilities but not limited to: - IT Security Administration: Focus on minimizing downtime and ensuring scalability by addressing security risks across systems and networks. - Application Security Alignment: Guarantee that security architecture, designs, plans, controls, and policies comply with IT standards and overall security requirements. - Documentation: Develop and maintain detailed records for all security systems and networks, updating documentation whenever changes occur. - Project Participation: Contribute to initiatives and projects centered on information security. - Program Support: Assist with implementing, maintaining, and monitoring the information security program, including gap analysis, risk assessments, third-party evaluations, procedure development, recurring processes, and incident response. - Solution Deployment: Handle integration, initial configuration, and upgrades of new and existing security solutions following industry best practices. - Operating Systems Expertise: Demonstrate advanced knowledge of Linux, Windows, and OS X environments. - Cloud Security: Apply experience in securing cloud infrastructures such as AWS and Azure. - Vulnerability Management: Lead efforts to identify and remediate security weaknesses in networks and systems, providing technical guidance and support. - Policy Development: Create, implement, and maintain internal procedures to safeguard data and manage incident response effectively. - Collaboration: Work with project teams and system architects to design secure systems and project plans that meet established security standards. - Threat Awareness: Stay informed on current and emerging security threats and design architectures to mitigate potential risks. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements · Knowledge with Security solutions: SIEM, IAM, PAM, EDR/XDR, CSAM, CASB, Proxies, ZTNA · Solid security understanding with Microsoft security controls (AD, Entra, O365, Intune MDM, etc) · Minimum 7+ years of experience in information technology security or equivalent combination of education and experience · Security+, CISSP, CISA or SANS GIAC certification · Understanding of application, network, operating system, and core infrastructure security concepts. · Knowledge on security monitoring tools such as UTM, IPS, IDS and other security appliances · Project management, organizational and prioritizing skills · Understanding of WAN, MPLS, and technologies such as VoIP beneficial · Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST