Cyber security analyst jobs in East Northport, NY - 23 jobs

We invite you to review our current business services professionals openings to learn about the opportunities available across the firm. About Us Skadden, Arps, Slate, Meagher & Flom LLP has forged a reputation as one of the most prestigious law firms in the world. Relying on innovation, intellect, teamwork and tenacity, our lawyers deliver the highest quality advice and novel solutions to our clients' legal issues. We are known for handling the most complex transactions, litigation/controversy issues, and regulatory matters, as well as for the strong partnerships we build with clients and each other. Our attorneys, who reflect a broad range of experiences and perspectives, work together seamlessly across 50-plus practices and 21 offices in the world's major financial centers. The Opportunity We are seeking two Network Security Analysts to join our Firm. These positions will be based in our White Plains office (hybrid), and please note the roles have different shift times, listed below. The Network Security Analysts are responsible for implementing and supporting network security solutions for the Firm and, implementing and enforcing practical solutions to secure the Firm's internal and external network infrastructure. Available Shift Times (EST- Hybrid) 1.) Saturday - Sunday: 7:00 a.m. - 8:00 p.m. EST & Monday 7:00 a.m. - 7:00 p.m. 2.) Monday - Friday: 2:00 p.m. - 10:00 p.m. Note: The scheduled hours listed may be flexible and will be discussed during the interview process. Responsibilities Performs daily review of automated security reports and escalate as necessary. Responds to system generated security alerts and coordinate responses. Assists with internal audits, vulnerability scans and risk assessments. Assists with annual penetration testing, review of findings and tracking issue resolution. Participates in evaluating new technologies or new versions of existing products. Works with project teams to implement secure network connectivity solutions. Writes and maintains technical documentation including procedures and troubleshooting guides. Demonstrates effective interpersonal, written and verbal communication skills to facilitate effective work relationships with others. Manages Firm resources responsibly. Complies with and understands Firm operation, policies and procedures. Performs other related duties as assigned. Qualifications Knowledge of relevant firm computer software programs (e.g., Outlook, Excel, PowerPoint), with the ability to learn new software and operating systems Proficient with Access, Project and Visio Thorough knowledge of network management and security technologies and approaches Thorough knowledge of security techniques, latest protocols and defenses Proficient with Microsoft Active Directory and Operating Systems Basic ability to program scripts and batch files Demonstrates effective interpersonal and communication skills, both verbally and in writing Demonstrates close attention to detail Excellent analytical, troubleshooting, organizational, and planning skills Ability to handle multiple projects and shifting priorities Ability to handle sensitive matters and maintain confidentiality Ability to organize and prioritize work Ability to work well in a demanding and fast-paced environment Ability to work well independently as well as effectively within a team Ability to use discretion and exercise independent and sound judgment Flexibility to adjust hours and work the hours necessary to meet operating and business needs Education/Experience Bachelor's degree or equivalent Minimum of two years' experience in multi-national enterprise IT Culture & Life at Skadden What makes Skadden special is our people and the culture, community and spirit of collaboration we have created. We believe in teamwork and inspiring each other to be our best in an atmosphere that promotes professionalism and excellence in all that we do. We know that inclusion and drawing on the strength of a wide spectrum of talent only make us better and is vital to the firm's success. Our goal is for everyone at the firm to enjoy a challenging career with opportunities for development and growth and to support the well-being of our attorneys and business services professionals. Benefits The overall well-being of our team is important to us. We offer generous benefits to help you achieve wellness in all areas of your life. Competitive salaries and year-end discretionary bonuses. Comprehensive health care (medical, dental, vision), savings plan/401(k) and voluntary benefits. Generous paid time off. Paid leave options, including parental. In-classroom, remote, and on-demand learning and professional development opportunities. Robust well-being classes and programs. Opportunities to give back and make an impact in local communities. For further details, please visit: ******************************************************* Skadden is an Equal Opportunity Employer (Disability/Vet/other protected categories). For more information, please visit Skadden.com/careers. The starting base salary for this position is expected to be within the range listed under Salary Details. Actual salary will be determined based on skills, experience (to the extent relevant) and other-job related factors, consistent with applicable law. Salary Details $125,000 -$140,000 EEO Statement Skadden is an Equal Opportunity Employer. It does not discriminate against applicants or employees based on any legally impermissible factor including, but not limited to, race, color, religion, creed, sex, national origin, ancestry, age, alienage or citizenship status, marital or familial status, domestic partnership status, caregiver status, sexual orientation, gender, gender identity or expression, change of sex or transgender status, genetic information, medical condition, pregnancy, childbirth or related medical conditions, sexual and reproductive health decisions, disability, any protected military or veteran status, or status as a victim of domestic or dating violence, sexual assault or offense, or stalking. Applicants who require an accommodation during the application process should contact Alex Taylor at **************. Skadden Equal Employment Opportunity Policy Skadden Equal Employment Opportunity Policy Applicants Have Rights Under Federal Employment Law Applicants Have Rights Under Federal Employment Law In accordance with the Transparency in Coverage Rule, click here to review machine-readable files made available by UnitedHealthcare: Transparency in Coverage

Document and analyze Identity and Access Management (IAM) processes, procedures, and controls to ensure accuracy, consistency, and alignment with organizational standards. Troubleshoot and resolve identity-related issues identified through reports, alerts, or incident tickets. Create and maintain detailed IAM system and workflow documentation based on business and technical requirements. Collaborate with business stakeholders and IT leadership to design, develop, and enhance IAM operational workflows using existing technologies and services. Develop, execute, and document test cases to validate IAM workflow enhancements and system changes. Build and maintain business-facing reports and dashboards using Power BI, SQL queries, and LDAP queries across targeted identity repositories. Communicate effectively with team members, cross-functional partners, and business units to ensure consistent understanding of IAM processes and initiatives. Support the governance, maintenance, and execution of IAM operational workflows, including responding to and resolving team service requests and incidents. Conduct data analysis to identify, investigate, and remediate user data inconsistencies, anomalies, and policy deviations. Participate in on-call rotation as needed to support critical IAM functions and operational continuity. Highly Preferred Skills: 2-5 years of experience as an IAM Analyst, Business Analyst, or similar technical/functional role. Strong business analysis skills, including requirements gathering, process mapping, and workflow design. Experience writing and executing test cases, test scripts, and test plans. Familiarity with IAM systems and concepts such as identity lifecycle management, authentication, authorization, roles, and entitlements. Experience with IAM tools (e.g., Okta, SailPoint, Azure AD/Entra ID, Duo) is preferred but not required. Working knowledge of SQL, Power BI, or other reporting tools is a plus. Strong documentation skills using MS Word, Excel, Visio, or similar tools. Excellent verbal and written communication skills; able to translate between business and technical language. Detail-oriented, analytical thinker, and effective problem solver. Willingness to participate in testing activities and occasional on-call or after-hours support if needed. Job Description Protects the organization's digital assets from unauthorized access. This includes securing both online and on-premise infrastructures, responding to alerts, mitigating risks before breaches occur and guiding the efforts to contain, triage and recover from cyber incidents when they occur. Job Responsibility Works on moderately complex assignments to protect computer systems, networks, and data from loss and potential service interruptions due to cyber incidents. Analyzes and documents security risks, breaches, and incidents using independent judgment within defined procedures to determine appropriate actions and approaches. Analyzes, reports, and responds to detected cyber incidents. Uses cybersecurity tools to proactively search for and identify threats to systems and networks. Installs and operates security software and measures to protect systems and information infrastructure. Collaborates with the security team and peers to perform tests and find network weaknesses which could lead to a cyber security incident. Makes decisions based on precedent, previous experience and professional guidelines. Researches and recommends cyber security enhancements and tools. Works with management to develop and enhance cyber security best practices. Researches and keeps current on the latest cyber security intelligence technologies, trends, and standards. Trains junior level staff on network and cyber security technologies and procedures. Performs related duties as required. All responsibilities noted here are considered essential functions of the job under the Americans with Disabilities Act. Duties not mentioned here, but considered related are not essential functions. Job Qualification Bachelor's degree in Computer Science, Cyber Security or related field, required. Certifications including but not limited to Security+, CISSP, CISM, CEH, ISSAP, ISSEP, or GSEC, required. 2-4 years of related experience, required. *Additional Salary Detail The salary range and/or hourly rate listed is a good faith determination of potential base compensation that may be offered to a successful applicant for this position at the time of this job advertisement and may be modified in the future.When determining a team member's base salary and/or rate, several factors may be considered as applicable (e.g., location, specialty, service line, years of relevant experience, education, credentials, negotiated contracts, budget and internal equity).

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. **The opportunity** Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. **Your key responsibilities** + Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified + Forensically analyze end user systems and servers found to have possible indicators of compromise + Analysis of artifacts collected during a security incident/forensic analysis + Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools + Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Provide consultation and assessment on perceived security threats + Maintain, manage, improve and update security incident process and protocol documentation + Regularly provide reporting and metrics on case work + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact based reports + Be on-call to deliver global incident response **Skills and attributes for success** + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact-based reports + Proven integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities **To qualify for the role you must have** + Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field + 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; + Understanding of security threats, vulnerabilities, and incident response; + Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; + Be familiar with legalities surrounding electronic discovery and analysis; + Experience with SIEM technologies (i.e. Splunk); + Deep understanding of both Windows and Unix/Linux based operating systems; **Ideally, you'll also have** + Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH + Background in security incident response in Cloud-based environments, such as Azure + Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration **What we look for** + Demonstrated integrity in a professional environment + Ability to work independently + Have a global mind-set for working with different cultures and backgrounds + Knowledgeable in business industry standard security incident response process, procedures, and life cycle + Excellent teaming skills + Excellent social, communication, and writing skills **What we offer you** The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client.* Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Specialist Director, MAST Application Penetration Testing Lead to join our Managed Services practice. Responsibilities: * Lead the strategic delivery of Managed Application Security Testing (MAST) services, ensuring alignment with client objectives and industry best practices * Execute go-to-market (GTM) strategies for MAST offerings, collaborating with cross-functional teams to drive market penetration and revenue growth * Oversee the design and implementation of scalable security testing frameworks across diverse application environments, including cloud-native and hybrid architectures * Provide subject matter expertise in application security, guiding clients through risk assessments, remediation planning, and secure development lifecycle integration * Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention * Mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum eight years of recent experience in application security, penetration testing, or related cybersecurity domains, with at least three years in a leadership or director-level role * Master's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred; Bachelor's degree from an accredited college or university is required * Deep understanding of application security testing methodologies, tools (for example, DAST, SAST, IAST), and secure SDLC practices * Proven experience developing and executing GTM strategies for security services or technology solutions * Strong client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders * Excellent verbal/written communication, presentation, and analytical skills * Ability to travel as required * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $153700 - $319000 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

For over 75 years, BIC has been creating ingeniously simple and joyful products that are a part of every heart and home. As a member of our team, you'll be a part of reigniting a beloved brand as we continue to reimagine everyday essentials in new, sustainable and responsible ways. Our "roll up your sleeves and get the job done" approach to work creates an environment where self-starters, problem solvers and innovative thinkers thrive. BIC team members are empowered to take ownership of their careers and bring their unique perspectives to the table to make a meaningful impact on our mission. It's a colorful world - make your mark by joining the BIC team today. As **Senior Cybersecurity Engineer,** you will collaborate and partner with a global, cross-functional team to build cybersecurity capabilities and improve maturity. This role involves designing, implementing, and managing security technology to protect the company from cyber threats. Besides, you will support incident response, investigations, playbook development and efforts to identify and mitigate risk. **In this role you will:** + Analyze, triage, and investigate alerts from various sources to determine the appropriate response or escalation + Document analysis, findings, and actions for case management and metrics + Support security incident response planning, procedure/playbook development and investigations + Participate in on-call rotation for off-hours escalations + Administer, optimize, and maintain the health of security tools, such as endpoint protection and response (EDR), network detection and response (NDR), and logging pipelines (Syslog/Cribl). + Assist with remediation of identified security risks + Minimum 6 years' experience in Information Technology or Cybersecurity + IT or cybersecurity certifications from industry recognized sources preferred **What you bring to BIC:** + Minimum 6 years' experience in Information Technology or Cybersecurity + IT or cybersecurity certifications from industry recognized sources preferred + Prior experience interpreting or analyzing log data and working with log pipelines + Triaging alerts from various sources, following playbooks, and escalating legitimate issues + Knowledge of security tools such as endpoint protection, firewalls, intrusion prevention, SIEM and EDR (CrowdStrike) + Strong understanding of Windows server and desktop operating systems, networking fundamentals, security concepts, Active Directory, Microsoft Azure, Office 365. + In-depth analytical and problem-solving skills to resolve complex issues BIC is an Equal Opportunity Employer. We strongly commit to hiring people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our customers. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, veteran status, disability status, or similar characteristics. All employment is decided based on qualifications, merit, and business need. BIC is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, all resumes submitted by search firms to any team member at BIC via email, or directly to a BIC team member in any form without a valid written search agreement in place for that position will be deemed the sole property of BIC, and no fee will be paid in the event the candidate is hired by BIC as a result of the referral or through other means.

**Duration: 12 months contract (with possible extension)** ***Note: Open to candidates who are willing to relocate at their own expense.** + The Workday Application Security Analyst is responsible for ensuring the confidentiality, integrity, and availability of data within the Workday system. + They design, implement, and maintain security configurations, including roles, permissions, and access controls, to protect organizational data and comply with company policies, industry standards, and regulatory requirements. **Job Functions & Responsibilities** + Develop and implement security roles, domain security policies, data and business process security within Workday + Ensure secure integration with other on‐premise and cloud applications like GRC tools + Configure and manage access permissions to ensure users have the appropriate level of access to data and functionality + Ensure compliance with company policies, industry standards (like SOC 2), and regulatory requirements (like GDPR) + Conduct regular security audits and assessments to identify vulnerabilities and areas for improvement + Assist in investigating and responding to security incidents, identifying root causes, and implementing preventive measures + Collaborate with IT, HR, and other stakeholders to align security efforts with business needs and ensure effective communication of security policies and procedures + Create and maintain documentation for security policies, procedures, and configurations, and provide training to users on security best practices + Stay abreast of Workday updates, industry trends, and emerging security threats to continuously improve security configurations and processes + Familiarity with other ERPs like SAP is preferred + Familiarity with GRC and Workday SoD (Segregation of Duties) management is desired **Skills** + SAP ERP (S/4 HANA is a plus) + Workday + Active Directory group management + GRC AC 10.1 and above + Microsoft Clienture + SuccessFactors + Applicable functional knowledge for SAP security areas like Finance, MM, ISU billing, etc. + SAP audit & compliance **Education & Certifications** + Bachelor's degree in engineering, IT, or related field + 7-10 years of hands‐on industry experience in Workday Security implementation and administration + Strong ITGC compliance knowledge for Workday + Familiarity with Workday risk management and GRC integration + Ability to identify, analyze, and resolve complex security and compliance issues + Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams ** About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Montefiore is ranked among the top hospitals nationally and regionally by U.S. News & World Report. For more than 100 years we have been innovating new treatments, procedures, and approaches to patient care, producing stellar outcomes and raising the bar for academic medical centers in the region and around the world. Our work to improve health outcomes in underserved communities is unparalleled in the United States. Our workforce is among the most diverse in the US: Montefiore associates speak 60+ languages. This is a hybrid position requiring being on-site as needed. ________________________________________ We are seeking a skilled and detail-oriented CMDB Engineer to join our IT team. This role will be responsible for developing, managing, and optimizing our ServiceNow Configuration Management Database (CMDB), supporting Discovery, service graph connectors, third-party data integrations, and IRE configuration. This role is critical to ensuring visibility, accuracy, and reliability of Configuration Items (CIs) throughout their lifecycle using the ServiceNow platform. ________________________________________ Responsibilities include: • Manage and enhance the ServiceNow CMDB, ensuring accuracy, completeness, and alignment with ITIL standards. • Configure and extend ServiceNow Patterns to improve data ingestion and normalization. • Deep knowledge of how to troubleshoot ServiceNow Discovery-related issues. • Maintain and enhance the ServiceNow CMDB following the Common Service Data Model (CSDM) framework. • Collaborate with infrastructure, network, and application teams to ensure proper CI identification and relationships. • Manage integration with other technologies (e.g., SCCM, vCenter, SolarWinds, etc.) feeding the CMDB. • Create and maintain CMDB documentation, architecture diagrams, and training materials. • Manage and maintain the Identification and Reconciliation Engine (IRE) rules. • Monitor and improve the CMDB Health Dashboard, ensuring ongoing health and governance of the “3 C's” - Completeness, Correctness, and Compliance. • Audit and validate CI data regularly to ensure appropriate CI class assignments, relationships, and attributes. • Oversee and optimize MID server health and ensure discovery schedules are accurate and up to date by liaising with the Network team. • Support audits, compliance, and risk initiatives by ensuring the integrity and traceability of CMDB data. Requirements include: • 7+ years of experience in an enterprise IT organization • Minimum of 3-5 years of hands-on experience with ServiceNow CMDB and Discovery • ServiceNow Certified System Administrator (CSA) certification is required to be eligible for this role. • Strong knowledge and practical experience with ServiceNow CSDM framework and the IRE configuration. • Experience with CI data normalization, reconciliation, and health reporting • Experience with third-party integrations like AWS, SCCM and JAMF • Proficiency in CMDB data modeling, CI class categorization, and relationship mapping. • Strong analytical and troubleshooting skills to manage data quality and Discovery issues. • Experience configuring and maintaining MID Servers and Discovery Schedules. • Bachelor's degree or equivalent experience. Preferred: • Other ServiceNow certifications such as Certified Implementation Specialist - CMDB, Discovery Fundamentals, is a plus. Department: Montefiore Information Technology Bargaining Unit: Non Union Campus: YONKERS Employment Status: Regular Full-Time Address: 3 Odell Plaza, Yonkers Shift: Day Scheduled Hours: 8:30 AM-5 PM Req ID: 224883 Salary Range/Pay Rate: $112,500.00 - $150,000.00 For positions that have only a rate listed, the displayed rate is the hiring rate but could be subject to change based on shift differential, experience, education or other relevant factors. To learn more about the “Montefiore Difference” - who we are at Montefiore and all that we have to offer our associates, please click here. Montefiore is an equal employment opportunity employer. Montefiore will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law. SF-DICE-MIT; LI-SC1-REDIRECT

This role is Hybrid, 3 days a week to any local, US based UL Solutions Office. We are seeking a highly skilled Cloud Security Engineer with strong Application Security expertise to join our security architecture team. This role will be responsible for designing, implementing, and maintaining secure cloud environments and applications across multi-cloud platforms, with a focus on Azure. The ideal candidate will have hands-on experience with cloud-native security tools, DevSecOps practices, and compliance frameworks such as NIST 800-53, SOC 2, and CIS Controls. Cloud Security Engineering + Design and implement security controls for cloud infrastructure (Azure, AWS, GCP). + Develop and maintain security architecture patterns (e.g., hub-and-spoke, Zero Trust). + Integrate security tools such as Wiz, Microsoft Defender for Cloud, Silverfort, and Terraform. + Conduct threat modeling and risk assessments for cloud-native services. + Collaborate with IAM, SOC, and GRC teams to align cloud security with enterprise policies. Application Security + Perform secure code reviews, static/dynamic analysis, and vulnerability assessments. + Integrate security into CI/CD pipelines using tools like Snyk, Checkmarx, or Veracode. + Guide development teams on secure coding practices and OWASP Top 10. + Design and implement API security strategies including OAuth2, OpenID Connect, and mTLS. + Support remediation of application vulnerabilities and provide technical guidance. Compliance & Governance + Map cloud and application security controls to compliance frameworks (NIST 800-53, SOC 2, CIS). + Assist in audits and evidence collection for regulatory compliance. + Maintain documentation of security architecture, policies, and procedures. + Bachelor's degree in Computer Science, Cybersecurity, or related field. + 3-4 years of experience in cloud security engineering and application security. + Strong understanding of Azure security services and architecture. + Experience with infrastructure-as-code (Terraform, Bicep). + Familiarity with Snowflake security features and data protection strategies. + Knowledge of identity and access management (Azure AD, Conditional Access, MFA). + Hands-on experience with DevSecOps tools and practices. Preferred Qualifications + Certifications: Azure Security Engineer Associate, CISSP, CCSP, OSCP, or GIAC. + Experience with multi-subscription Azure environments. + Familiarity with Zero Trust architecture and implementation. + Experience with security automation and orchestration. Soft Skills + Strong analytical and problem-solving skills. + Excellent communication and collaboration abilities. + Ability to work independently and in cross-functional teams. + Passion for continuous learning and staying current with security trends. What you'll experience working for ULS UL Solutions has been pioneering change since 1894 and we're still leading the way. From day one, we've blazed a trail protecting the planet and everyone on it. Our teams have influenced billions of products, plus services, software offerings and more. We break things, burn things and blow things up. All in the name of safety science. That's where you come in - because none of it could happen without you. It takes passion to protect people, problem-solving to safeguard personal data and conviction to make the world a more sustainable place. It takes bold ideas and brilliant minds to build a better world for future generations across the globe. This is more than a job. It's a calling. A passion to use our expertise and play our part in creating a more secure, sustainable world today - and tomorrow. As a member of our safety science community, you'll use your ideas, your energy and your ambition to innovate, challenge and ultimately, help create a safer world. Everyone here is unique. But we're also a global community, working together to help create a safer world. Join UL Solutions and you can connect with the brightest minds in the business, all bringing their distinct perspectives and diverse backgrounds together to deliver real change. Empowering our customers to keep the world safe means thinking ahead. It means investing in training and empowering our people to learn and innovate. At UL Solutions, we help build a better future - one where everyone benefits. Join UL Solutions to be at the center of safety. To learn more about us and the work we do, visit UL.com Total Rewards: We understand compensation is an important factor as you consider the next step in your career. The estimated salary range for this position is $95,000 to $120,000 and is based on multiple factors, including job-related knowledge/skills, experience, geographical location, as well as other factors. This position is eligible for annual bonus compensation with a target payout of 10% of the base salary. This position also provides health benefits such as medical, dental and vision; wellness benefits such as mental and financial health; and retirement savings (401K) commensurate with the standard rewards offered in each individual location or country. We also provide full-time employees with paid time off including vacation (15 days), holiday including floating holidays (12 days) and sick time off (72 hours). #LI-SG2 #LI-Hybrid UL LLC has been and will continue to be an equal opportunity employer. To assure full implementation of this equal employment policy, we will take steps to assure that: Persons are recruited, hired, assigned and promoted without regard to race, color, age, sex or gender, sexual orientation, gender identity, gender expression, transgender status, religion, creed, national origin, ethnicity, citizenship, ancestry, disability, genetic information, military or veteran status, pregnancy, marital or familial status, or any other protected category under applicable law.

The Information Security Analyst plays a key role in advancing the company's Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with regulatory, contractual, and ethical standards. This position offers hands-on experience across multiple security domains including policy governance, risk management, AI governance, and data security, making it an excellent opportunity for early career professionals or recent graduates passionate about cybersecurity and emerging technology risks. In this role, you will collaborate with teams across Information Security, IT, and Legal to drive initiatives that safeguard sensitive data, maintain compliance obligations, and promote responsible use of artificial intelligence and other advanced technologies. Responsibilities Governance & Policy Management Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF. Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800-53 Rev 5). Support internal policy review cycles, ensuring consistent version control and executive approval. Risk Management Participate in enterprise risk assessments, including third-party, application, and AI model risk reviews. Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, ServiceNow GRC, OneTrust, Vanta, etc.). Support the development of risk metrics and dashboards for leadership reporting. Learn to evaluate AI-related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure. Data Governance & Data Security Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected. Support data inventory and mapping efforts to improve visibility where critical data resides. Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams. Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls. Compliance & Audit Support Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.). Maintain control documentation and track audit remediation activities. Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data-related laws. AI Governance Support Contribute to inventories of AI tools and use cases across the enterprise. Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency. Collaborate with IT and legal teams to ensure that AI use complies with company policies. Security Awareness & Communication Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices. Support internal campaigns promoting secure data handling and ethical technology usage. Prepare metrics, dashboards, and presentations for leadership briefings. Continuous Improvement Participate in projects that automate or streamline GRC processes, such as policy lifecycle management or risk scoring. Stay informed about new threats, regulatory trends, and AI governance frameworks. Engage in ongoing professional development and certification opportunities. Qualifications Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Data Science, or a related field is preferred 0-2 years of experience in cybersecurity, risk management, compliance, or data governance (internship or coursework acceptable). Understanding of cybersecurity principles, risk management, and data privacy fundamentals. Basic familiarity with AI systems, data governance concepts, or information security practices. Strong analytical, communication, and documentation skills. Ability to manage multiple priorities in a fast-paced environment. Proficient in Microsoft Excel, PowerPoint, and data analysis or GRC tools. Exposure to frameworks such as NIST CSF, ISO 27001, SOC 2, NIST AI RMF, or COBIT. Must be able to work in the U.S. without sponsorship Per applicable state requirements, the annual pay range for this position ($60,500 - $84,000) which consists of base salary (subject to performance), reflects the hiring range for candidates. Also note, an individual's offer may vary from this range as it may be impacted by additional factors, including but not limited to the candidate's hiring location, qualifications, experience, and market factors.

SonSoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. SonSoft Inc is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description LENGTH: 12 MONTHS, OPTION TO HIRE JOB ID: 1912185274 JOB TITLE: ACTIVE DIRECTORY ENGINEER - SME GC/EAD OR CITIZEN - OPTION TO HIRE POSITION SUMMARY: MUST HAVE a Security Background. Responsible for supporting and maintaining Microsoft Active Directory. Familiar with the Microsoft Windows Server Operating system, , and VMWare Virtualization technologies in the environment. This includes planning for and responding to service outages and other problems, and being a Tier 3 escalation point for moderately complex Active Directory problems beyond the knowledge of other technical support staff. Ensures customer satisfaction by advising customers on preventative maintenance and configurations which may impact product performance. Takes responsibility for potential or desired follow-up services or problem escalation. Fully qualified server engineer. High degree of troubleshooting. Self-starter needing little to no guidance. Additional Information NOTE : ONLY GCEAD , GC AND CITIZEN

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

Job Summary: The Network Gift Officer is a dynamic, community-minded leader with strong relationship and organizational skills. Under the general direction of WMCHealth Network's Vice President of Development, the Network Gift Officer will develop, implement and manage fundraising programs that lead to increasing support for several WMCHealth Hospitals and their respective Foundations through identification, qualification, cultivation, solicitation and stewardship of prospective donors. Key responsibilities involve major gift solicitations with special attention on cultivating external relationships and building and engaging the Foundation boards and committees in development initiatives. Responsibilities: * In collaboration with WMCHealth, Vice President of Development, develop and establish short and long-term fundraising plans, goals and strategies for existing and prospective donors that align with the organization's strategic plan. Duties include cultivating individual giving and support of Network and local strategy for fundraising initiatives. * Serve as the front-line fundraiser for several WMCHealth Hospitals and their respective Foundations * Superior ability to establish donor relationships, integrate into and gain the community's trust, and maintain confidence in self and institution. * In collaboration with key partners, manage a portfolio of donors through identification, qualification, cultivation, solicitation and stewardship of donors through donor-centric channels including but not limited to personal face-to-face, direct mail, e-communications and event strategies. * Establishes, builds and maintains strong personal relationships with high-net worth individuals through networking with WMCHealth physicians, board members, grateful patients and the community at large * Develops and actualizes highly customized solicitation strategies for potential donors bonding the strategic objectives and priorities of WMCHealth and a donor's interests. * Maintain data on all fundraising in the CRM database. Manage relationships through data entry in constituent database records for accurate reporting and inclusion in data pulls and financial reporting. * Work with regional leadership on individual board member engagement for the purpose of growing the board, encouraging board participation and managing fundraising opportunities. * Partner with the volunteer board of directors and committees; engage, train, strengthen, and guide boards and committees focusing on major and annual giving. * Assist in identifying annual giving prospects who have the capacity for major gift support and work to develop donor outreach and relationships as appropriate. * Communicate effectively using a high level of written and oral communication skills, persuasiveness, imagination and insight, as evidenced by the ability to present the aims and objectives of the development program in a manner that effectively informs and persuades others. * Actively assist in preparation for Foundation board meetings at respective sites and attend board meetings as required * Maintain confidential information. * Attend outside and network events as part of the events and development teams. * Travel to multiple sites is required. * Establish and maintain effective working relationships with various internal and external constituents. Qualifications/Requirements: Experience: * 5-7 years of fundraising experience, required * Prior healthcare experience, preferred Education: * Bachelor's degree, required * Master's degree, preferred Licenses / Certifications: N/A Other: * Possess a strong work ethic, common sense, accountability, integrity and intuition. * Possess excellent analytical, organizational and time management skills. * Must be results-oriented and have a proven track record of establishing and achieving ambitious goals. * Must be willing to approach the position with a commitment to the mission, vision and values of WMCHealth Network. Special Requirements: * Know and be technically familiar with traditional and innovative fundraising programs, including Salesforce and other PC software.

The OT Security Engineer, Global Information Security (GIS) will have primary responsibility for Crane's Operational Technology security solutions that protect Crane's manufacturing environments. You will implement OT and IoT security solutions throughout the enterprise and ensure that OT/IoT security solutions identify threats, uncover vulnerabilities, and measure risks of operational equipment. Coordinating with both IT and OT teams at all manufacturing sites, you will define and develop security standards and technical solutions. As a subject matter expert in the hardening and defense of OT, you will work with business units to implement security standards, securely modify systems, and implement secure network architectures during implementations of OT related projects to ensure secure system deployments. You will work closely with other GIS functional areas, supporting security engineering, administration, operations, and incident response. You will integrate the OT/IoT security solutions with other GIS and business unit tools such as SIEM, SOAR, AD, and other tools to gain a unified view of security events and respond more effectively to security incidents both for OT and IT. Responsibilities and Duties: * Support and maintain OT/IoT security tool set and associated integrations with other systems * Collaborate with the manufacturing function across lines of business to develop and define security requirements * Design OT security controls for architectures, systems and networks ensuring that alerting to threats is efficient and effective. * Identify and implement supporting security technologies for the identification of threats and defense of OT systems and provide secure methods for remote access. * Work directly with plant leaders, process engineers, and support/system vendors to ensure OT security controls are implemented * Develop and implement standard work supporting the Global OT security function and supporting solutions * Develop and maintain security models, templates, standards and procedures that can be used to leverage security capabilities in projects and operations * Assist in the identification, response, investigation, and remediation of OT security events and incidents as needed * Ensure security best practices are identified and integrated into all approaches and methodologies. * Define requirements and design standards to protect Crane's OT solutions from security threats and for mitigating the impacts of these threats. * Define reference network architectures based on industry best practices and work with business units to implement for OT solutions * Consult on business unit OT projects and provide cybersecurity expertise Qualifications and Competencies: * 2yrs experience with securing Operational Technology and related systems environments * Strong understanding and prior experience with the application of securing OT and related systems * Current deep technical understanding of common OT systems such as PCS, SCADA, PLCs, RTUs, HMIs, CNC * Deep technical understanding of TCP/IP Networking and Firewalls * Deep technical understanding of system integration methods including API's and authentication methods * Knowledgeable in NIST CSF, NIST 800-82, Purdue Model, IEC 62443 standards * Solid foundation cybersecurity domains such as network security, EDR, anomaly detection * Understanding of common OT communications protocols such as MQTT, MODBUS, DNP3, S7, G-code * Comfortable with designing and overseeing the implementation of secure OT architectures * Prior experience in the direct remediation of vulnerabilities or compensating controls within OT environments * Commitment to security training and earning corresponding certifications * Highly motivated with passion for solving complex problems * Excellent verbal and written communication skills, comfortable with presenting to Operational Teams * Flexibility to work outside regularly scheduled/normal business hours as required * Ability and desire to travel both domestically and internationally * Required: Degree in a related field or at least 4 years relevant professional experience * Required: Mobility and ability to be on your feet for long periods in a manufacturing setting * Required: Technical professional security certification such as GICSP, GRID, OSCP, CEH or similar * US Person as defined under EAR PART 772 AND ITAR 120.15 This description has been designed to indicate the general nature and level of work being performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Crane Company. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, gender, sexual orientation, general identity, national origin, disability or veteran status.

Title - Chief Information Security Officer Region: Shelton, CT Ready for a fresh, new career? Look no further because one of the world's most iconic brands can help you get there. Why Join Us? At Subway, "better" is baked into our DNA. We are a brand that believes in continued improvement … in our lives, our businesses, and our planet. From the handshake that started our very first sandwich shop to earning our position as one of the world's leading restaurant brands, we've always embraced change and the path ahead. And today, we're making better living way easier. Our purpose is more than the food we serve in our restaurants. It's centered on fueling healthy businesses and healthier lives. It is one of the most exciting times to join the Subway team and contribute to our transformational journey. About the Role: The Chief Information Security Officer is responsible for leading the organization's cybersecurity strategy and operations. This role is focused on protecting company data, systems, and networks from cyber threats, ensuring the confidentiality, integrity, and availability of critical information assets. The CISO develops and implements cybersecurity policies, technologies, and incident response plans to defend against evolving threats and vulnerabilities and drives continuous improvement in the organization's cyber defense posture. Responsibilities: Develop and implement a comprehensive cybersecurity strategy aligned with the organization's business goals, focusing on the protection of data, systems, and networks. Establish and enforce information security policies, standards, and procedures to ensure compliance with relevant laws, regulations, and industry best practices. Develop and oversee incident response plans for operational risks. Oversee incident response plans to effectively address and mitigate the impact of security incidents. Oversee the monitoring of networks and systems for security breaches, vulnerabilities, and suspicious activity; coordinate rapid response to cyber incidents. Continuously assess and prioritize cybersecurity risks, considering emerging threats, vulnerabilities, and technology trends. Select and implement appropriate security controls and technologies to defend against cyber threats. Regularly report on the organization's information security risk posture to executive leadership and relevant stakeholders. Collaborate with IT and business leaders to integrate cybersecurity considerations into technology projects and business processes Manage third-party risk as it relates to cybersecurity, ensuring vendors and partners adhere to company security standards. Foster an information security aware culture by promoting best practices and proactive security/risk management behaviors. Develop and deliver training programs to enhance operational information security awareness across the organization. Implement programs to raise awareness of information security risks among employees and stakeholders. Ability to align cybersecurity with business objectives. Deep expertise in cybersecurity technologies, threat intelligence, and incident response. Strong understanding of network, system, and application security Experience with security operations centers (SOC), vulnerability management, and penetration testing. Leadership and team management skills. In-depth knowledge of cybersecurity technologies and trends. Leadership and team management capabilities. Knowledge of relevant regulatory requirements and industry best practices. (e.g., NIST, ISO 27001, GDPR). Strong knowledge of industry regulations, standards, and best practices. Qualifications: Bachelor's Degree Business, Finance, Risk Management, Information Security, Computer Science, or a related field. 15 or more Extensive experience in cybersecurity, information security, or related technical fields, with a proven track record in leadership roles. Demonstrated experience in designing and managing enterprise cybersecurity programs, incident response, and security operations What do we Offer? Insurance Plans (Medical/Life) Pension/401K/RSP (country specific) Competitive Bonus Mobility Allowance Tuition Reimbursement Company Holidays Volunteering time And Many More….. Actual pay is determined based on several job-related factors including skills, education, training, credentials, qualifications, scope and complexity of role responsibilities, geographic location, performance, and working conditions.

For over 75 years, BIC has been creating ingeniously simple and joyful products that are a part of every heart and home. As a member of our team, you'll be a part of reigniting a beloved brand as we continue to reimagine everyday essentials in new, sustainable and responsible ways. Our "roll up your sleeves and get the job done" approach to work creates an environment where self-starters, problem solvers and innovative thinkers thrive. BIC team members are empowered to take ownership of their careers and bring their unique perspectives to the table to make a meaningful impact on our mission. It's a colorful world - make your mark by joining the BIC team today. As Senior Cybersecurity Engineer, you will collaborate and partner with a global, cross-functional team to build cybersecurity capabilities and improve maturity. This role involves designing, implementing, and managing security technology to protect the company from cyber threats. Besides, you will support incident response, investigations, playbook development and efforts to identify and mitigate risk. In this role you will: Analyze, triage, and investigate alerts from various sources to determine the appropriate response or escalation Document analysis, findings, and actions for case management and metrics Support security incident response planning, procedure/playbook development and investigations Participate in on-call rotation for off-hours escalations Administer, optimize, and maintain the health of security tools, such as endpoint protection and response (EDR), network detection and response (NDR), and logging pipelines (Syslog/Cribl). Assist with remediation of identified security risks Minimum 6 years' experience in Information Technology or Cybersecurity IT or cybersecurity certifications from industry recognized sources preferred What you bring to BIC: Minimum 6 years' experience in Information Technology or Cybersecurity IT or cybersecurity certifications from industry recognized sources preferred Prior experience interpreting or analyzing log data and working with log pipelines Triaging alerts from various sources, following playbooks, and escalating legitimate issues Knowledge of security tools such as endpoint protection, firewalls, intrusion prevention, SIEM and EDR (CrowdStrike) Strong understanding of Windows server and desktop operating systems, networking fundamentals, security concepts, Active Directory, Microsoft Azure, Office 365. In-depth analytical and problem-solving skills to resolve complex issues BIC is an Equal Opportunity Employer. We strongly commit to hiring people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our customers. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, veteran status, disability status, or similar characteristics. All employment is decided based on qualifications, merit, and business need. BIC is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, all resumes submitted by search firms to any team member at BIC via email, or directly to a BIC team member in any form without a valid written search agreement in place for that position will be deemed the sole property of BIC, and no fee will be paid in the event the candidate is hired by BIC as a result of the referral or through other means.

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.