Cyber security analyst jobs in Cedar Hills, UT

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

Prime Time Consulting, a GRVTY Company, provides clients with expert intelligence analysis services. Our clients include defense contractors, industrial and service corporations, and departments and agencies of the U.S. Federal Government. Computer Network Defense AnalystWe are actively searching for Computer Network Defense Analysts (CNDAs), located in Utah, to support our team. We have varying levels of CNDAs, depending on years of experience and education.Job Duties Conduct computer network defense. Conduct target development for use or decision by Government personnel. Analyze and produce intelligence information. Conduct computer/network security to provide advice to the Government. Create and maintain documentation of their analysis. Ensure to routinely follow oversight and compliance Acquire/share job knowledge/skill Partner with team members on the contract, including government personnel and other partner companies Qualifications Degree in Computer Science or equivalent technical field Level 1 - 6 years of experience can replace 2 years of experience with AA degree Level 2 - 9 years of experience can replace 4 years of experience with BS degree Level 3 - 12 years of experience can replace up to 6 years of experience with MS degree Level 4 - 15 years of experience can replace up to 9 years with Doctorate degree Strong communication skills Works well in a team and alone Working knowledge of Microsoft Office Suite Company Perks At PTC, a GRVTY Company, we believe that when our employees thrive, our company thrives. That's why we offer a comprehensive and competitive benefits package designed to support your well-being, growth, and work-life balance. Robust health plan including medical, dental, and vision Health Savings Account with company contribution Annual Paid Time Off and Paid Holidays Paid Parental Leave 401k with generous company match Training and Development Opportunities Award Programs Variety of Company Sponsored Events Prime Time Consulting, a GRVTY Company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability. Anyone requiring reasonable accommodations should email [email protected] with requested details. A member of the HR team will respond to your request within 2 business days. Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Join our team - and take the next step in achieving a fulfilling career! What We Do At CardWorks, we aim to help people connect with possibility and opportunity using our financial servicing expertise. Building meaningful, long-term relationships with consumers, our employees, and our clients is what matters most. Who We Are CardWorks, Inc. is a diversified consumer finance service provider and parent company of CardWorks Servicing, LLC, Merrick Bank and Carson Smithfield, LLC. CardWorks Servicing, LLC provides end-to end operational servicing functions for credit cards, secured cards, and installment loans. We service consumer and small business loans across the credit spectrum and offers backup servicing and due diligence services to capital providers and trustees. Merrick Bank is an FDIC-insured Utah Industrial Loan Bank. Merrick operates three main business lines: credit cards, recreational lending, and merchant services. Carson Smithfield, LLC provides a variety of post-charge-off debt recovery services, including digital self-service, IVR, live agent, and external agency management. Position Summary We are seeking a highly skilled Senior Cyber Security Engineer to join our dynamic team in the financial sector. This role emphasizes mentoring and tactical oversight in safeguarding our organization's information systems against cyber threats. The ideal candidate will possess a deep understanding of cyber security principles and technologies, along with the ability to own and lead projects while mentoring junior team members. Essential Functions Key responsibilities include: Work with team lead and direct leadership to implement comprehensive cyber security strategies that align with team and organizational goals while also maintaining regulatory requirements. Lead programs, mentor junior engineers and analysts, and help develop a high-performing cyber security team, acting as a point of technical escalation. Maintain in-scope program implementation, road mapping and maturity best practices. Keep a “real time” status on the latest cyber security trends, technologies, and best practices, helping to integrate them into the organization's security framework. Assist in authoring and enforcing security policies, standards, and procedures to create efficiencies and mitigate risks to ensure compliance with industry regulations. Support the SOC during incident response efforts, coordinating with the SOC team internally to facilitate resolutions effectively. Participate in incident response plans as well as regular drills and reviews to ensure preparedness. Collaborate cross-functionally with teams and stakeholders. Establish and maintain relationships to properly support security initiatives enterprise wide. Report on program metrics as well as potential gaps identified to the team lead and direct leadership providing insights and recommendations for improvement. Senior Cyber Security Engineer is also responsible for familiarity with tooling and cross-train with other security functions as assigned: Endpoint security controls - Monitor ticketing and requests for all endpoint controls and respond to events and outages in a troubleshooting capacity. Data loss prevention - Address tickets for block remediation and apply rule changes as needed. Cloud access security brokering - Monitor incoming requests and apply proper validation and remediation steps as needed. Email security - Perform triage and remediation of tickets related to email security. Additional Essential Functions Define and enforce policies for endpoint security and DLP aligned with regulatory and business requirements. Develop and maintain operational playbooks and escalation procedures. Administer and optimize Microsoft Defender XDR and DLP tools across the enterprise. Lead tool upgrades, configuration changes, and integration efforts with SIEM and SOAR platforms. Incident Triage & Response Analyze and triage security alerts from Defender XDR and DLP platforms. Lead investigations into endpoint-related incidents and data exfiltration attempts. Generate regular reports on endpoint and DLP effectiveness, coverage, and incident trends. Compliance with Laws & Regulations Collaborate with compliance and risk teams to ensure audit readiness and policy adherence. Responsible for complying with all the Bank's internal control policies and procedures. Responsible for understanding and complying with all laws and regulations to which the Bank is subject. Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts. Education and Experience Bachelor's degree in Cybersecurity, Information Security, or a related field. Equivalent experience will also be considered. 7+ years of experience in risk management, security awareness, or a related role within the finance industry. Experience in developing and delivering training programs is highly desirable. Relevant certifications such as CISSP, CISM, or advanced SANS are highly desirable. Summary of Qualifications Highly proficient in the management and use of the Microsoft Security Tool Suite. 1+ years of Morphisec experience preferred. Proficient in scripting languages such as Python, PowerShell with relation to API, automation and metric collection. Thorough understanding of current cyber threat and risk landscape. Experience with industry tooling (e.g., Workday, Dayforce, KnowBe4, Cybsafe, Tanium, etc.). Solid understanding of web application frameworks, APIs, microservices, and cloud environments (AWS, Azure, GCP). Good experience with highly regulated industries, and specifically the banking industry (including FDIC regulations) is preferred. Demonstrated skills with security concepts, defense-in-depth strategies, security tools, and protocols. “White-hat” mentality, with a healthy sense of paranoia (security awareness and risk). Positive, inquisitive, can-do attitude. Self-starter, requires minimal oversight to perform as expected, work well independently and as part of a team. Comfortably perform well under pressure, deliver to commitments on tight deadlines. Meticulous attention to detail. Passion for cybersecurity and technology trends, news, and hacking techniques. The salary range for this position, if located in NY Metro/NY State is $130,105 to $144,561. However, please note that the salary range will vary for other geographic areas. #indhp Our Employee Value Proposition Competitive Pay, including a Bonus Target or Variable Pay Incentive Program Benefits Package -Medical, Dental, and Vision (plus much more) 401(k) Plan with Company Match Short- & Long-Term Disability Wellness Programs Group Life and AD&D Insurance Paid Vacation, Sick Days and bank Holidays Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition We offer a total rewards package comprised of a competitive base rate of pay, variable pay incentive programs based on the role, and a comprehensive benefit suite. Offered rates of pay are determined based on job-related knowledge, relevant experience, skills, certifications, and geographic location. We are an equal opportunity employer, and we evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status or any other legally protected characteristic. We will conduct a thorough background check for all hires in compliance with applicable .

The Company You'll Join Carta connects founders, investors, and limited partners through world-class software, purpose-built for everyone in venture capital, private equity and private credit. Trusted by 65,000+ companies in 160+ countries, Carta's platform of software and services lays the groundwork so you can build, invest, and scale with confidence. Carta's Fund Administration platform supports 9,000+ funds and SPVs, representing nearly $185B in assets under management, with tools designed to enhance the strategic impact of fund CFOs. Recognized by Fortune, Forbes, Fast Company, Inc. and Great Places to Work, Carta is shaping the future of private market infrastructure. Together, Carta is creating the end-to-end ERP platform for private markets. Traditional ERP solutions don't work for Private Funds. Private capital markets need a comprehensive software solution to replace outdated spreadsheets and fragmented service providers. Carta's software for the Office of the Fund CFO does just that - it's a new category of software to make private markets look more like public markets - a connected ERP for private capital. For more information about our offices and culture, check out our Carta careers page. The Problems You'll Solve At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow. As a Senior Security Analyst, you'll directly shape and strengthen our detection and response capabilities, help mature our security operations, and ultimately protect the organization from evolving threats. You'll play a critical role in leading incidents, developing internal tools and playbooks, and reducing response times through automation and continuous improvement. You'll serve as a point-of-contact for incidents and collaborate with stakeholders to shape the future of Carta's security posture. Here are some problems we'd love for you to help us solve: Lead investigation and response efforts for security incidents, and coordinate with internal stakeholders and external partners when necessary. Own detection use-case development and write and tune alerts to improve signal-to-noise ratio across our environments. Maintain and continually improve security incident response plans, playbooks, and related documentation. Apply Terraform to ensure consistent, secure, and scalable infrastructure deployment and detection pipelines. Develop and maintain internal tooling and automations to improve analyst efficiency for alert triage, IOC enrichment, and evidence collection. Elevate the Security team by coaching peers, mentoring junior analysts, and setting high standards for detection quality and incident handling. Own and execute technical security projects, including scoping, building, testing, deploying, and iterating. Conduct threat hunting and utilize threat intelligence to proactively identify and mitigate emerging risks. Participate in on-call rotation and continuously improve readiness and handovers. The Team You'll Work With You will be part of a security-minded team that believes in progress over perfection and where security culture and mindset is key. Our team is rethinking how detection and response activities can be accomplished in innovative ways. We focus on solving business problems while minimizing and managing risk exposure for Carta. About You We're looking for candidates who have: Deep experience in triaging, investigating, and remediating security events and incidents across multiple technology stacks. Strong experience with SIEM (e.g., Splunk, Panther, Sentinel), EDR (e.g. SentinelOne, CrowdStrike), and other security tooling (e.g., CASB, SSE, SWG). Working knowledge of Terraform and Infrastructure as Code principles to secure and scale detection/response infrastructure. Solid understanding and a proven ability to apply detection engineering and threat modeling concepts using MITRE ATT&CK or similar frameworks. Excellent judgement and the ability to handle ambiguity and make balanced decisions when working with complex situations. Demonstrated ability to mentor peers, raise technical standards, and influence team maturity. Proven ability to proactively collaborate with cross-functional teams to influence security priorities and guide risk-based decisions. Excellent written and verbal communication skills, including the ability to effectively communicate cybersecurity risk across technical and non-technical audiences. 6+ years of experience in incident management, detection engineering, and security operations. At Carta, you're not just an employee. You're a builder who is creating infrastructure that accelerates innovation and empowers more ownership. Cartans are helpful, relentless, unconventional and kind; representing Carta's Identity Traits. They work collaboratively and cross functionally to challenge the status quo; working towards a common goal of creating more owners in the private markets. Salary Carta's compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions plans. Our expected cash compensation (salary + commission if applicable) range for this role is: $151,810 - $178,600 in Seattle, WA $159,800 - $188,000 in San Francisco, CA; Santa Clara, CA; New York, NY We are hiring for multiple levels and locations, so final offers may vary from the amounts listed based on geography, experience and expertise, and other factors. Disclosures: We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email. Carta uses E-Verify in the United States for employment authorization. See the E-Verify and Department of Justice websites for more details. For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report. Please note that all official communications from us will come from an @carta.com or @carta-external.com domain. Report any contact from unapproved domains to ******************.

Mindlance is a national recruiting company which partners with many of the leading employers in the Life Sciences, IT, and Financial Services sectors, feel free to check us out at ************************* Job Description Job Title: Network Security Analyst Duration: 6 Months Location: Lehi, UT Required: • Minimum 3+ years exp. • Experience with implementing policy on firewalls (Juniper & Palo alto experience preferred) • Review requests for new firewall policy • Understanding of IP stack • Ability to prioritize work and meet defined SLAs • Good communication skills - both verbal and written Additional Information Thanks & Regards, ______________________________________________________________________________________________________ Vikram Bhalla | Team-Recruitment | Mindlance, Inc. | Office: **************

Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures. **Responsibilities** Responsible for advanced planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Provides technical advice and direction to support the design and development of secure architectures. May participate in an incident management team, bringing advanced-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander of serious incidents. Develops new methods, and playbooks, as well as sophisticated scripts, applications, and tools, and trains others in their use. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as incident commander of serious incidents. Participates in developing new methods, playbooks throughout Oracle. Evaluates existing and proposed technical architectures for security risk, provides technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Brings advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming/scripting knowledge is required. Work with Senior management to develop and implement a multi-year security roadmap Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

We are looking for a Data Security Analyst for our long-term multiyear project out of Salt Lake City, Utah. Build software libraries and services to provide secure-by-default services to software engineering teams, including authentication systems, secure service architectures, endpoint control solutions, and cloud controls · Partner with colleagues from across engineering and risk to ensure an outstanding developer experience that satisfies the firm's security needs · Collaborate on feature design and problem solving · Help to provide frictionless integration with the firm's runtime, deployment and SDLC technologies · Manage the full lifecycle of software components, from requirements through design, testing, development, release and demise · Help to communicate and promote best practices for security engineering across the firm · Engage in production troubleshooting Basic Qualifications · A strong grounding in security concepts, including secure coding practices, trusted computing and principles of authentication and authorization · A good understanding of public key and symmetric key cryptography · The ability to reason about performance, security, and process interactions in complex distributed systems · Proficiency in designing, developing and testing cross-platform software in one or more of Java, Golang or C#; open to using multiple languages · Experience developing, deploying and supporting software across the full Continuous Delivery life-cycle · The ability to understand and effectively debug both new and existing software · Experience meeting demands for high availability, low latency and scale · The ability to communicate technical concepts effectively, both in writing and orally, as well as the interpersonal skills required to collaborate effectively with colleagues across diverse engineering teams Preferred Qualifications · An understanding of regulated environments, e.g. financial services · Experience building services using public cloud providers such as AWS, Azure or GCP · Experience with threat modeling and risk assessment · Experience of practical security engineering in a Linux and/or Windows environment · Familiarity with service mesh concepts and service-oriented architectures · Familiarity with data protection principles and solutions · Experience with deploying software to containerized environments - Kubernetes/Docker · Experience monitoring, measuring, auditing and supporting software · Scripting skills using Python, PowerShell or bash · Experience with Terraform or similar infrastructure-as-code platforms, as a user and/or as a service provider

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success. Recruiting for this role ends on 12/31/25 The team Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions. Work You'll Do + Lead the design and deployment of Next-Generation SOC platforms, like Cortex XSIAM, including advanced detection rules and SOAR playbooks, and SIEM ingestion. + Integrate diverse log and telemetry sources, ensuring data quality and normalization. + Develop and optimize automated response workflows for incident containment and remediation. + Advise clients on advanced use cases, threat detection, and automation strategies. + Collaborate with cross-functional teams for solution enhancements and threat intelligence integration. + Present technical findings and recommendations to stakeholders. Required Qualifications + BA/BS degree in a technical field (e.g., Computer Science, Cyber Security) + 4-6 years of progressively responsible experience in cloud, network, or identity security domains, demonstrating increasing levels of responsibility, technical depth, and leadership over time + 3-4 years of experience with Security Operations tools and platforms including Cortex XSIAM, Cortex XDR, Splunk, or similar SIEM technologies + 3-4 years of Security Operations Center experience demonstrating expertise in detection engineering, automation and playbook development, or SOC maturity methodologies + 3-4 years of experience with one or more cloud service providers (AWS, GCP, Azure) and native security tools + 3-4 years of experience with management of log sources, data normalization, ingestion and manipulation of data + 3-4 years of experience working with detection and response platforms (EDR) like Microsoft Defender, Cortex XDR, CrowdStrike + 3-4 years of experience with governance, risk, or compliance initiatives involving common frameworks + Certifications including Palo Alto Networks' PCNSE or Certified Cybersecurity Associate or equivalent and/or similar cybersecurity certifications + Ability to travel up to 50%, on average, based on the work you perform and the clients and industries/sectors you serve. + Limited immigration sponsorship may be available Preferred Qualifications + Experience with Palo Alto Networks' platform of solutions including, but not limited to, next-generation firewalls, Cortex & Prisma Cloud, and Prisma Access, XDR, etc. + Strong understanding of vendor competitive analysis within Security Operations (e.g., competitive differences between competing SIEM solutions) + Proficiency with advanced scripting, playbook development within a SIEM, SOAR or Security platform + Basic proficiency with network routing protocols (e.g., BGP, ECMP) and network architecture concepts (e.g., network segmentation), in support of on-premise and secure cloud infrastructure use cases + Ability to communicate and advise on solution design based on client use-cases, requirements, or other success criteria + Previous consulting or "Big 4" experience + Relevant advanced cybersecurity or related network engineering certifications (e.g., CISSP, CEH, CCSP) Information for applicants with a need for accommodation: ************************************************************************************************************ The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $102,500 - $188,900. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Lightspeed is a leading provider of cloud-based software for dealerships and Original Equipment Manufacturers (OEMs), serving the Powersport, Marine, RV, Trailer, Outdoor Power Equipment, and Golf Cart industries. Lightspeed's Dealer Management Solution (DMS) enables dealerships to optimize their end-to-end business operations, including sales, parts, service, rentals, accounting, and Customer Relationship Management (CRM). When implemented into their daily operations, Lightspeed helps dealers increase their profitability by selling more units, service, and parts, all while creating a more streamlined experience for customers. For nearly 40 years, Lightspeed has been empowering 4,500+ dealers across North America with the tools and technology they need to manage their dealerships. The Senior Security Analyst is responsible for team lead activities, such as monitoring, analyzing, and responding to security incidents across enterprise systems, cloud environments, and networks. This role ensures the confidentiality, integrity, and availability of organizational information through proactive detection, incident response, and continuous improvement. The ideal candidate will have a strong technical background in leading threat analysis, SIEM integration and management, vulnerability management, and incident handling. What you'll do: Monitor and investigate security alerts and events across SIEM, EDR, and network systems. Conduct root cause analysis and coordinate remediation of security incidents. Lead vulnerability assessments and ensure timely patching and mitigation. Develop and maintain incident response playbooks and escalation procedures. Collaborate with IT, DevOps, and Development teams to strengthen overall security posture. Lead proactive threat hunting and continuous tuning of detection mechanisms. Support internal and external audits (e.g., SOC 2) and risk assessments by providing evidence and guidance. Perform firewall management, including rule changes, troubleshooting, and SOP development for hybrid cloud/on-prem environments. Lead to red/blue team exercises and implement findings to improve defenses. Coordinate and assist with enterprise pen-tests, risk assessments, and compliance initiatives. Serve as a lead security advisor to business and technical teams, providing guidance on secure design, risk mitigation, and compliance using industry frameworks and best practices. What you should have: Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field, or equivalent experience. 8+ years of experience in information security, incident response, or SOC operations. Proven hands-on experience with SIEM tools (Splunk, Sentinel, QRadar, etc.) and EDR/XDR platforms (CrowdStrike, Darktrace, Microsoft Defender). Strong experience securing and monitoring cloud environments (AWS, Azure). Deep knowledge of security frameworks (NIST CSF, ISO 27001, SOC 2). Advanced scripting and automation proficiency (Python, PowerShell, Terraform). Excellent analytical, problem-solving, and communication skills. Preferred Qualifications: Relevant certifications such as AWS Security, CISSP, GCIH, GCIA, GPEN, GWAPT preferred. Experience integrating AI and automation into security operations workflows. Hands-on experience performing dynamic application security testing and red team exercises across endpoint and cloud environments. Expert-level networking and firewall expertise with platforms such as Palo Alto, Cisco, or Checkpoint. Master's degree in Cybersecurity, Information Technology, or a related field. Inclusion and Diversity at Lightspeed: At Lightspeed, we celebrate the uniqueness of every individual and encourage diverse perspectives. We believe that inclusion drives innovation and fosters meaningful connections. We are committed to building an environment where everyone feels valued and empowered to make an impact. Equal Employment Opportunity Statement: Lightspeed is an Equal Opportunity Employer and is dedicated to building a diverse and inclusive workforce. All qualified applicants will be considered for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, religion, age, disability, veteran status, or any other protected category. Important Note: Applicants must be authorized to work in the U.S. Ready to apply? Take the next step in your career-apply today and join a team where your skills will make an impact!

Job DescriptionAt Veracity, we aim to be a different kind of insurance partner - one that is free from outside investors, venture capital, or the pressures of a corporate parent. Ours is a culture of empowerment - one that believes in effort, results, and accountability. We believe that transparency fosters trust, trust fosters growth, and that growth drives innovation. Our commitment to rigorous evaluation and relentless execution lead to rapid evolution. We answer only to the small business owners we serve, and this independence allows us to stay focused on what matters most: helping their businesses thrive by providing expert guidance and best-in-class insurance policies. We're growing fast and want you to be a part of it! We're seeking a talented, detail-oriented Information Security and Compliance Analyst to join our team. Reporting to the Technical Operations and Information Security Manager, this role is responsible for supporting the organization's cybersecurity posture by maintaining and enhancing security policies, controls, and monitoring systems, and ensuring compliance with frameworks such as SOC 2 and PCI DSS to protect company and client data. Key Responsibilities Strengthen the organization's cybersecurity posture by implementing, maintaining, and improving security policies, standards, and technical controls Monitor security tools and system activity to identify, investigate, and escalate potential threats or vulnerabilities Support vulnerability management, including performing scans, tracking remediation, and validating fixes Maintain accurate, audit-ready documentation and coordinate evidence collection for SOC 2, PCI DSS, and other compliance frameworks Support incident response processes, including triage, documentation, and post-incident follow-up Assist with user access reviews, control testing, risk assessments, and security awareness efforts Collaborate with IT, Engineering, and Compliance teams on secure configurations, remediation plans, and cross-functional security initiatives Participate in routine policy, procedure, and control reviews to ensure alignment with regulatory requirements and security best practices Maintain detailed logs and reports of security activities, metrics, and compliance obligations Identify opportunities to strengthen controls, streamline processes, and enhance overall security program maturity Required to perform other duties as requested, directed, or assigned Requirements and Qualifications Bachelor's degree in information systems, IT, Cybersecurity, or a related field 2-3 years of experience in security compliance, auditing, or governance (SOC 2 experience preferred) Strong integrity, attention to detail, and accountability in handling sensitive or regulated information Proactive problem-solving skills with the ability to anticipate and address risks effectively Strong collaboration and communication skills with experience working across technical and compliance teams Ability to remain composed and effective under pressure, including during audits and security incident Perks Health, dental, and vision plans Amazing work-life balance with 4 weeks of Paid Time Off 10 Paid Company Holidays with 2 floating holidays 401K Programs with employer match Personal assistance programs for support in a healthy personal and work life Why Veracity? Here at Veracity, you'll be part of a team of trailblazers and visionaries. We're not just revolutionizing the way people “do” insurance; we are creating a whole new paradigm. Here, you will experience a vibrant and inclusive workplace where your ideas matter! With us, you have a chance to: Engage in groundbreaking projects that are reshaping the insurance landscape Collaborate with a group of dedicated, like-minded professionals Experience a culture that prioritizes growth and development Compensation Range: $75k/yr - $85k/yr We are proud to be an equal-opportunity employer. We are committed to providing equal opportunities to all qualified applicants, regardless of race, color, religion, sex, national origin, disability, or any other legally protected characteristics. If you need accommodation, please let us know during the interview process. Powered by JazzHR tg FX77drAm

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

MetTel is a global communications solutions provider with the most complete suite of fully managed services that focus on secure connectivity, and network and mobility services. We simplify communications and networking for business and government agencies. Our customers include many of the Fortune 500, and Gartner recognizes us as an industry leader. We have the broadest portfolio of technology and integrated partnerships, as well as our private network, which we use to create tailored solutions design, deployment, and ongoing management, driving cost savings, efficiency, innovation, and the ability to focus on core objectives. We believe that each team member is a key to the success and sustainability of the group. In order to achieve this, we offer an environment where all professionals can grow and develop their skills and competencies, collaborate with diverse professionals, share knowledge and enjoy a rewarding career. <> We are looking for a highly motivated and experienced Senior Security Engineer to join our growing Security & Compliance team! Roles and Responsibilities: In this role, you will be responsible for implementing, managing, and optimizing security functions related to perimeter and access security, as well as providing support to security operation teams. ENGINEERS ONLY - This is not an Analyst role. Plan, implement and manage Enterprise cybersecurity access control technologies including multi-factor authentication, single sign-on, radius, and TACACS. Configure and manage EDR and/or XDR, host-based firewalls. Manage public key infrastructure (PKI) systems. Configure, manage and optimize network firewalls, network intrusion detection and prevention system (IDS/IPS), virtualized firewalls. Implement and operate DMZs, web application firewalls, reverse and forward proxies. Configure security logging, establish logging baselines for security events and assist in implementation of security event detection through SIEM. SIEM Management, upgrade and patching. Perform vulnerability remediation within established timeline. Perform secure design reviews of new and existing systems and applications. Proven ability to work independently, lead projects with precision and accountability, and deliver results within established deadlines. Develop security procedures for implementation of security controls based on NIST 800-53 Risk Management Framework. Desired Skills and Experience: Bachelor's degree in computer science. (Computer Security/Information Security degree preferred), in lieu of a degree, additional experience will be considered. A minimum of 8+ years of experience in a Security Engineer role or similar. Knowledge of Authentication, End Point Security, Network Security, Identity and Access Management solutions. Knowledge of and experience with intrusion detection/prevention systems and SIEM software. Experience analyzing network and host-based security events. Familiarity with network security architectures, including DMZs, VPNs, and segmentation. Strong understanding of information security principles and best practices. Experience with incident and change management. Knowledge of incident response life cycle and steps. Knowledge of TCP/IP protocols, network analysis, and network/security applications. Additional criteria: Ability to work onsite at one of our office locations (Washington DC, Salt Lake City, Utah, New York City, Holmdel, New Jersey) Relevant certifications (e.g., CISA, CISSP, CRISC, F5, Cisco, Fortinet, Splunk) are a plus. Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions Occasional travel required Keywords: Network Security Engineer, #NetworkSecurityEngineer, #Network, #Security, #SIEM, #CISA, #EDR, #XDR, LinkedIn, Telecommunications, #TelecommunicationJobs, Verizon, T-Mobile, Network Security, #NetworkSecurity, ATT, Cybersecurity, #SaltLakeCity, #NetworkSecurityJobsNearMe, Indeed, Google, Network Services MetTel is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. To learn more about our company visit us at **************

Salt Lake City Utah Exp 2-5 yrs Deg Bachelors Relo Bonus Occasional Travel Job Description • Mobile application development using Java running on Android, with special emphasis on security system integration and monitoring features. • Working in a fast-pace environment with a cross-functional group of HW, FW, SW engineers. • Working within the agile SW development model, using Scrum methodology. ITEMIZED DESCRIPTION OF DUTIES: • Android application development on multiple devices, screen sizes and layouts. • Research, development and debugging of security areas of home control application. • Develop and coordinate design tasks and schedules with the cross functional design teams. • Branching and merging of code using a modern source code repository. • Conduct cross functional design reviews, develop and conduct validation testing routines needed to insure highly reliable best in class quality products. • Participate in the development processing and scheduling for predictable and accurate on time delivery of products. NEEDED SKILLS AND EXPERIENCE: • Android development in Java. • C++ development and accessing via JNI. • Debugging and testing, including unit testing, of your own code. • Video streaming experience is desirable. • Experience with embedded scripting languages is desirable. Bonus for Lua experience. • Experience with other mobile platforms, specifically iOS, is a plus. MINIMUM QUALIFICATIONS: • Bachelor's degree in computer science or computer engineering. • 2 years Android application development Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

Who We Are Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats. Position Overview Legato Security is seeking a Security Engineer to join our MSSP engineering team with a primary focus on Microsoft 365 security engineering. You will lead and support security configuration and management across Entra ID (Azure AD), Intune, Conditional Access, and the Microsoft Defender suite, while also operating and optimizing SIEM, EDR, and Email Security platforms for our customers. You will mentor junior team members, collaborate directly with clients, and drive continuous improvement in reliability, visibility, and detection outcomes. Specific Job Responsibilities Design, implement, and maintain secure configurations across Entra ID (Identity Protection, MFA, Conditional Access, PIM), Intune (device compliance, configuration profiles, app protection, endpoint security baselines), and Microsoft 365 Defender (Defender for Endpoint/Identity/Office 365; DLP) to reduce risk and improve posture. Perform tenant health reviews, roadmap recommendations, and architecture guidance aligned to best practices. Independently resolve complex platform issues; escalate critical problems with comprehensive analysis. Develop and refine queries, dashboards, and reports across various SIEM and EDR solutions to improve visibility and meet customer requests. Manage log source onboarding and tuning, parser normalization, licensing and ingestion health to maintain accuracy and performance. Administer updates, patches, and configurations on managed security systems. Manage and optimize RBAC with least privilege and auditing; maintain separation of duties. Perform monthly health checks to validate uptime, data quality, and control effectiveness; proactively remediate issues. Provide actionable recommendations on security configurations; act as a trusted advisor to clients. Work client requests end-to-end in the ticketing system, populating required fields, documenting findings, linking related tickets, and closing issues promptly. Ensure all activities comply with organizational policies and regulatory requirements (e.g., CMMC, GDPR, HIPAA, PCI-DSS). Contribute to cross-functional projects; stay current with emerging threats, technologies, and compliance standards; implement security best practices. Qualifications Required Qualifications: Bachelor's degree (or equivalent experience) in cybersecurity, information technology, computer science, or a related field. Hands-on administration of Microsoft 365 security: Entra ID (Azure AD), Intune, Conditional Access, and Microsoft Defender products (Endpoint, Identity, Office 365). Proven experience administering SIEM, EDR, and email security solutions in an MSSP or enterprise environment. Ability to create complex queries, detections, dashboards, and reports in SIEM/EDR solutions. Strong troubleshooting skills for agent issues and policy configurations at both global and local levels. Proficiency across Windows, Unix/Linux, and mac OS operating environments. Scripting familiarity with PowerShell, Python or Bash. Strong knowledge of firewalls/UTMs, IDS/IPS, VPNs; excellent log analysis capabilities. Preferred Qualifications: Microsoft security certifications (e.g., SC-300, SC-200, AZ-500, MD-102) or equivalent. Experience administering Splunk Enterprise and Splunk Cloud (content management, data onboarding, search head/indexer administration, basic performance tuning). Experience with Cribl (e.g., Cribl Stream) or similar observability pipelines. Vendor-specific certifications such as Sumo Logic Cloud SIEM Administrator, CrowdStrike CCFA/CCFR/CCFH, Google Associate Cloud Engineer, Microsoft Azure Security Engineer Associate, AWS Cloud Practitioner. Strong written and verbal communication skills with direct client-facing experience. Perks · Start-up company in a growth phase with opportunity for advancement based on performance · Start-up culture with an office in downtown Salt Lake City, UT · Competitive medical and dental benefits for employee and family members · Other company-provided benefits such as short-term disability, basic life insurance, children's orthodontia, with additional voluntary benefits available, and 401K match · Flexible Paid Time Off policy · Professional Development opportunities specific to role

Bookmark this Posting Print Preview | Apply for this Job Please see Special Instructions for more details. About UIT: University Information Technology (UIT), the central IT service provider for the University of Utah, reports to the U's Chief Information Officer and is responsible for many of the U's shared IT services including the wired and wireless network; Campus Information Services (CIS) portal; UMail, telephone, and online collaboration; digital learning technologies; information security; software licensing; and a host of other IT systems and services. About the University of Utah: Located in Salt Lake City, the U is the flagship institution of the State of Utah's system of higher education, home to arts and museum venues and a member of the BIG-12 Conference. Skiing and snowboarding opportunities are a short distance from campus, and opportunities to pursue activities from biking to hiking to fishing abound. Salt Lake City is home to the Utah Symphony and Opera, Ballet West, professional sports teams, and a wide range of other cultural and recreational activities. The University of Utah offers a comprehensive benefits package for eligible employees including: * Excellent health, dental, and wellness coverage at affordable rates * 14.2% retirement contributions * Generous paid leave time * 11 paid holidays per year * 50% tuition reduction for employees after completing probationary period, and spouse, and dependent children after three years * Flex spending accounts * Free transit on most UTA services * Employee discounts on a variety of products and services including cell phones & plans, entertainment, health and fitness, restaurants, retail, and travel * Professional development opportunities * A wellness program to promote health and quality of life * Learn more about the great benefits of working for University of Utah: benefits.utah.edu For more information regarding how our salary and benefit offerings impact the overall compensation here at the University of Utah, please see our Total Compensation Calculator: ****************************************** Announcement Details Open Date 12/15/2025 Requisition Number PRN43780B Job Title Information Security Analysts Working Title Information Security Analysts Career Progression Track P00 Track Level P5 - Expert, P4 - Advanced, P3 - Career FLSA Code Computer Employee Patient Sensitive Job Code? No Standard Hours per Week 40 Full Time or Part Time? Full Time Shift Day Work Schedule Summary Monday - Friday, 8:00 AM - 5:00 PM. Some nights or weekends are possible based on a rotating on call shift. This is a hybrid position. VP Area President Department 00954 - UIT Systems & Security Location Campus City Salt Lake City, UT Type of Recruitment External Posting Pay Rate Range $88,000 - $131,300 Close Date 02/28/2026 Priority Review Date (Note - Posting may close at any time) Job Summary Information Security Analysts The incumbent will play a critical role in safeguarding regulated data across the enterprise by monitoring and analyzing the organization's data security posture. This position focuses on configuring Data Security Posture Management (DSPM) settings and policies, interpreting results, creating reports, identifying risks, and ensuring compliance. The analyst will take a risk-based approach to assess and remediate issues related to unauthorized storage or transmission of regulated data across cloud and on-premise environments. Learn more about the great benefits of working for University of Utah: benefits.utah.edu The department may choose to hire at any of the below job levels and associated pay rates based on their business need and budget. Responsibilities Data Security Monitoring * Review and analyze DSPM tool outputs to identify misconfigurations, unauthorized data flows, and storage of regulated data in non-approved locations. * Monitor the movement of sensitive data across cloud and on-prem systems, ensuring compliance with internal policies and regulatory requirements. Risk Assessment & Governance * Apply a risk-based methodology to prioritize remediation efforts. * Maintain applicable risk register entries and document findings for governance reporting. Collaboration * Partner with the Enterprise Security team to validate technical controls. * Work closely with the Chief Data Officer and Privacy Office to align DSPM findings with data governance and privacy requirements. Compliance & Policy Alignment * Ensure adherence to frameworks such as NIST CSF, CIS 18, and other applicable regulations (e.g., HIPAA, FERPA, etc. etc.). * Support audits and compliance reviews by providing DSPM-related evidence. Reporting & Communication * Prepare dashboards and reports for leadership summarizing DSPM findings, trends, and risk posture. * Communicate actionable insights to stakeholders in clear, business-focused language. Minimum Qualifications EQUIVALENCY STATEMENT: 1 year of higher education can be substituted for 1 year of directly related work experience (Example: bachelor's degree = 4 years of directly related work experience). Department may hire employee at one of the following job levels: Information Security Analyst, III: Requires a bachelor's (or equivalency) + 6 years or a master's (or equivalency) + 4 years of directly related work experience. Information Security Analyst, IV: Requires a bachelor's (or equivalency) + 8 years or a master's (or equivalency) + 6 years of directly related work experience. Information Security Analyst, V: Requires a bachelor's (or equivalency) + 10 years or a master's (or equivalency) + 8 years of directly related work experience. Preferences Certifications such as CISSP, CRISC, or equivalent. Master's degree in information security or another relevant field. Experience with a DSPM tool. 3+ years that are specifically tied to GRC experience. Type Benefited Staff Special Instructions Summary About UIT: University Information Technology (UIT), the central IT service provider for the University of Utah, reports to the U's Chief Information Officer and is responsible for many of the U's shared IT services including the wired and wireless network; Campus Information Services (CIS) portal; UMail, telephone, and online collaboration; digital learning technologies; information security; software licensing; and a host of other IT systems and services. About the University of Utah: Located in Salt Lake City, the U is the flagship institution of the State of Utah's system of higher education, home to arts and museum venues and a member of the BIG-12 Conference. Skiing and snowboarding opportunities are a short distance from campus, and opportunities to pursue activities from biking to hiking to fishing abound. Salt Lake City is home to the Utah Symphony and Opera, Ballet West, professional sports teams, and a wide range of other cultural and recreational activities. The University of Utah offers a comprehensive benefits package for eligible employees including: * Excellent health, dental, and wellness coverage at affordable rates * 14.2% retirement contributions * Generous paid leave time * 11 paid holidays per year * 50% tuition reduction for employees after completing probationary period, and spouse, and dependent children after three years * Flex spending accounts * Free transit on most UTA services * Employee discounts on a variety of products and services including cell phones & plans, entertainment, health and fitness, restaurants, retail, and travel * Professional development opportunities * A wellness program to promote health and quality of life * Learn more about the great benefits of working for University of Utah: benefits.utah.edu For more information regarding how our salary and benefit offerings impact the overall compensation here at the University of Utah, please see our Total Compensation Calculator: ****************************************** Additional Information The University of Utah values candidates who have experience working in settings with students from diverse backgrounds and possess a strong commitment to improving access to higher education for historically underrepresented students. Individuals from historically underrepresented groups, such as minorities, women, qualified persons with disabilities and protected veterans are encouraged to apply. Veterans' preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities. The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran's status. The University does not discriminate on the basis of sex in the education program or activity that it operates, as required by Title IX and 34 CFR part 106. The requirement not to discriminate in education programs or activities extends to admission and employment. Inquiries about the application of Title IX and its regulations may be referred to the Title IX Coordinator, to the Department of Education, Office for Civil Rights, or both. To request a reasonable accommodation for a disability or if you or someone you know has experienced discrimination or sexual misconduct including sexual harassment, you may contact the Director/Title IX Coordinator in the Office of Equal Opportunity and Affirmative Action: Director/ Title IX Coordinator Office of Equal Opportunity and Affirmative Action (OEO/AA) 383 University Street, Level 1 OEO Suite Salt Lake City, UT 84112 ************ ************ Online reports may be submitted at oeo.utah.edu For more information: *************************************** To inquire about this posting, email: ******************* or call ************. The University is a participating employer with Utah Retirement Systems ("URS"). Eligible new hires with prior URS service, may elect to enroll in URS if they make the election before they become eligible for retirement (usually the first day of work). Contact Human Resources at ************** for information. Individuals who previously retired and are receiving monthly retirement benefits from URS are subject to URS' post-retirement rules and restrictions. Please contact Utah Retirement Systems at ************** or ************** or University Human Resource Management at ************** if you have questions regarding the post-retirement rules. This position may require the successful completion of a criminal background check and/or drug screen. ************************************ This report includes statistics about criminal offenses, hate crimes, arrests and referrals for disciplinary action, and Violence Against Women Act offenses. They also provide information about safety and security-related services offered by the University of Utah. A paper copy can be obtained by request at the Department of Public Safety located at 1658 East 500 South. Posting Specific Questions Required fields are indicated with an asterisk (*). * * What is your highest level of completed education? * None * High School Diploma or Equivalent * Associate Degree * Bachelor's Degree * Master's Degree * Doctorate Degree * * How many years of related work experience do you have? * Less than 6 years * 6 years or more, but less than 9 years * 9 years or more, but less than 12 years * 12 years or more, but less than 15 years * 15 years or more Applicant Documents Required Documents * Resume * Cover Letter * List of References Optional Documents

Job Description Please Note: This is a Utah-based hybrid position which will require some regular in-office days each week. Additionally, employment with BambooHR is contingent on passing both a background and credit check. Essential Job Duties We're seeking a Security Engineer at BambooHR, who will be responsible for designing, implementing, and maintaining security measures to protect our systems, networks, and data from unauthorized access and cyberattacks. You will work closely with cross-functional teams to assess vulnerabilities, develop robust security architectures, and provide expert guidance on best practices in cybersecurity. You will: Security Architecture Design: Collaborate with other teams to design and implement robust security architectures for systems, networks, and applications. Conduct security reviews and assessments to identify vulnerabilities and propose effective mitigation strategies. Security Operations: Lead incident response efforts, investigating and resolving security incidents in a timely manner. Monitor and analyze security alerts, conduct regular security assessments, and implement continuous improvement initiatives. Risk Management: Evaluate and prioritize security risks, and develop strategies to mitigate those risks. Work with stakeholders to ensure that security measures align with business objectives while maintaining a strong security posture. Security Policies and Compliance: Develop and enforce security policies, procedures, and standards. Ensure compliance with relevant regulatory requirements and industry best practices Security Awareness and Training: Provide training and awareness programs to educate employees on security best practices. Stay current with industry trends and emerging threats to continuously enhance the organization's security posture. Collaboration and Leadership: Collaborate with cross-functional teams, including IT, development, and operations, to integrate security measures into the development and operational processes. Mentor and provide guidance to junior security team members. Automation and AI: Drive automation initiatives for security tasks to streamline workflows. What You Need to Get the Job Done Bachelor's degree in Computer Science, Information Security, or a related field. 4 years of experience in a security engineering role, with a focus on designing and implementing security solutions. Hands-on experience securing modern cloud infrastructure, including AWS, Kubernetes, Infrastructure as Code (IaC), and CI/CD pipelines. Solid understanding of networking protocols, information security concepts, and security best practices. Experience with security tools and technologies, such as SIEM, IDS/IPS, firewalls, and endpoint protection. Excellent communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders. Ability to lead and drive security initiatives in a collaborative and fast-paced environment. Professional certifications such as CISSP, CISM, or equivalent are desirable. "AI/Automation First" Mindset: Experience identifying opportunities and implementing automated solutions. AI at BambooHR: At BambooHR, we believe in leveraging cutting-edge technology to empower people and transform HR. We're actively integrating AI into our solutions and workflows to enhance efficiency and drive innovation. To that end, we're looking to our existing team members and future hires to share this forward-thinking mindset: individuals who are curious about AI's potential, eager to learn and adapt, and ready to explore how intelligent tools can elevate their work along with BambooHR's impact on setting people free to do great work. Join us in reimagining the future of HR! What You'll Love About Us A Great Company Culture that has been recognized by multiple organizations like Inc, and Salt Lake Tribune Comprehensive health, life, and disability insurance Generous leave policies that include 4 weeks of vacation, 12 company holidays, parental leave, and volunteer time off so you can enjoy quality of life 401k plans with up to 6% company match $2000 Paid-Paid Vacation bonus EAP through Headspace Check out all our benefits that benefit you About Us At BambooHR, we're building something different: we're building a people intelligence platform that transforms HR and sets people free to do great work! We're a proven market leader driving innovation while building lasting success through thoughtful, sustainable growth. Here, you'll find a place that champions growth: both professional and personal, both individual and collective. We invest in potential, giving you the space to stretch your capabilities and turn good ideas into reality while providing the safety net of a supportive, values-driven culture. Our approach combines meaningful work with meaningful lives, offering competitive benefits, professional development, and the flexibility to thrive both in and outside the office. What sets us apart isn't just what we do, but how we do it: with openness, integrity, and a shared commitment to doing the right thing. Join us in creating HR software that makes work better for everyone, while we make work better for you. BambooHR is committed to the full inclusion of all qualified individuals and will ensure that persons with disabilities are provided reasonable accommodations throughout the hiring process. If you would like to request accommodations, please let your recruiter know. BambooHR is An Equal Opportunity Employer--M/F/D/V Because our team members are trusted to handle sensitive information, we require all candidates that receive and accept employment offers to complete a background check before being hired. For information on California Privacy Policy, click here. Our process utilizes AI as an assistant to efficiently process and analyze candidate data. Recruiters and hiring managers maintain full oversight and accountability, ensuring that all final selection and rejection decisions are human-made and based solely on objective job qualifications. Please see our General Privacy Notice and California Privacy Notice for more details. See our AI Guidelines for Candidates for details on how BambooHR uses AI in recruiting, how we expect candidates to use AI, and what is not allowed.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

About Us: We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. How We Work: At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values: Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact. Corporate Overview Proofpoint is a leading cybersecurity company protecting organizations' greatest assets and biggest risks: vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web. We are singularly devoted to helping our customers protect their greatest assets and biggest security risk: their people. That's why we're a leader in next-generation cybersecurity. Protection Starts with People. The Role We are looking for a seasoned Staff Product Security Engineer to lead and advance our product and application security initiatives. This role demands deep technical expertise across all facets of product security and secure software development, including significant experience working in FedRAMP-compliant environments. The ideal candidate will be hands-on, strategic, and serve as a security champion across product engineering teams. Based in Draper Utah, this key role will drive key product and application security initiatives for Proofpoint Product portfolio. Key Responsibilities Product Security Leadership: Define and implement product and application security strategies throughout the SDLC. Security Architecture & Design: Collaborate with product and engineering teams to design secure architectures for web, mobile, and cloud-based applications. Secure Development: Integrate security best practices into CI/CD pipelines, promote secure coding practices, and conduct code reviews and threat modeling sessions. Security Assessments: Lead and perform penetration testing, static/dynamic code analysis, and security reviews for internally developed and third-party applications. FedRAMP Compliance: Ensure security controls align with FedRAMP Moderate or High baselines and provide security documentation and support for FedRAMP audits and continuous monitoring. Tooling & Automation: Develop and maintain automated security testing tools, workflows, and integrations to scale security across product teams. Security Incident Response: Assist in investigation and remediation of security incidents related to products and applications. Support Security Compliance Initiatives: Support various Compliance initiatives such as SOC2, ISO27001 Mentorship & Advocacy: Educate engineers on secure development practices, influence engineering culture, and act as a liaison between security and engineering teams. What You Bring Experience: 8+ years in Cloud security engineering with a focus on application/product security; experience in FedRAMP-authorized environments is required. Technical Expertise: Deep understanding of OWASP Top 10, secure coding, threat modeling, authentication/authorization, cryptography, and cloud-native application security. Compliance Knowledge: Strong grasp of FedRAMP, NIST 800-53, and other regulatory frameworks. Experience with Data Governance and Securing AI applications desirable. Certifications: CISSP, CSSLP, GWAPT, or equivalent are a plus. Tools & Languages: Experience with tools like SAST/DAST, SCA, container security, and languages like Python, Java, JavaScript, or Go. Soft Skills: Strong communication and collaboration skills with the ability to drive cross-functional initiatives. US Citizen required. Why Proofpoint Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly ‘culture-add', and we strongly encourage people from all walks of life to apply. We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. Apply today and explore your future at Proofpoint! #LifeAtPFPT #LI-AN1 Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us: • Competitive compensation • Comprehensive benefits • Learning & Development: We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential. • Flexible work environment: [Remote options, hybrid schedules, flexible hours, etc.]. • Annual wellness and community outreach days • Always on recognition for your contributions • Global collaboration and networking opportunities Our Culture: Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com. How to Apply Interested? Submit your application here ********************************************** We can't wait to hear from you! Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a competitive benefits package, including flexible time off, a comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option. Base Pay Ranges: SF Bay Area, New York City Metro Area: Base Pay Range: 182,175.00 - 267,190.00 USD California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska: Base Pay Range: 146,550.00 - 214,940.00 USD All other cities and states excluding those listed above: Base Pay Range: 132,975.00 - 195,030.00 USD