Cyber security analyst jobs in Home Gardens, CA - 91 jobs

CHAOS Industries is redefining modern defense with omniscient systems purpose-built for today's realities. Designed and built by top U.S. military veterans and Silicon Valley innovators, CHAOS Industries' products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats. In a world where technological threats move at unprecedented speed, CHAOS Industries delivers advanced sensing and detection solutions that give the ultimate advantage: time. CHAOS Industries was founded in 2022 and has raised $1B in total funding from leading investors including 8VC, Accel, and NEA. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, and London. For more information, please visit ***************** Role Overview: As a Cybersecurity Engineer at our vibrant Los Angeles headquarters, you will serve as the primary point of contact for all Cybersecurity needs. In this hands-on role, you'll ensure a challenging balance of Cybersecurity and Enablement across the enterprise. You will be one of the first SOC/IR-focused hires and help build our internal SOC and capabilities from the ground up. You'll work closely with the IT team and contribute to company-wide IT initiatives, infrastructure upgrades, and process improvements, providing security inputs and advising best practice, in a dynamic, fast-paced workplace. Responsibilities: Help build and manage the SOC/IR Team and their platforms and processes. Co-own implementation of multiple enterprise Cybersecurity programs. Assist with security architecture reviews, roll outs, enhancements and initiatives. Research and implement security automations and partner with IT and other teams to implement into processes, procedures and baselines. Design, document and implement security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps, and compliance. Utilize cloud security best practices, including encryption, authentication, authorization, and audit capabilities. Maintain technical proficiency and certifications relevant to security solutions and architectures. Work full-time onsite out of our office in Los Angeles (Hawthorne), California. Minimum Requirements: Bachelor's degree or equivalent experience in business, computer science, or management information systems. 5+ years of experience in technology-driven security solutions within defense or related industries. Deep Experience with EDR, Firewall, SIEM, and other common Cybersecurity solutions. Experience in IT security risk assessments and industry frameworks (NIST 800 series, CMMC, CIS Controls, etc). Strong knowledge of Identity and Access Management (IAM), cryptography, key management, access controls, and security protocols (e.g., Multi-factor, SAML, OAuth, etc). Expertise in Azure/AWS Infrastructure services and cloud security best practices. Strong analytical, system design, and communication skills. Self-motivated, proactive problem solver with the ability to prioritize tasks in a fast-paced, high-pressure environment. Preferred Requirements: Experience either as a SOC Analyst or SOC Engineer Experience with scripting, automations and integration of multiple platforms and data sources. Eligible to obtain and maintain an active U.S. Secret/Top Secret security clearance. Why CHAOS? Health Benefits: Medical, dental, and vision benefits 100% paid for by the company Additional benefits: 401k (+ 50% company match up to 6% of pay), FSA, HSA, life insurance, and more Our Perks: Free daily lunch, ‘No meeting Fridays', unlimited PTO, casual dress code Compensation Components: Competitive base salaries, generous pre-IPO stock option grants, relocation assistance, and (coming soon!) annual bonuses Team Growth: 200 employees and counting across 5 global offices Salary Range: $130,000 - $170,000 The stated compensation range reflects only the targeted base compensation range and excludes additional earnings such as bonus, equity, and benefits. If your compensation requirements fall outside of the range, we still encourage you to apply. The salary range for this role is an estimate based on a range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. #LI-onsite

As a hybrid biomedical equipment/IT technician, a Clinical Cyber Security Engineer usually has a four-year degree or the associated experience to maintain a diverse population of patient care equipment and networked medical devices. A Clinical Cyber Security Engineer has a good knowledge of electronics, schematics, computer operating systems, networking, and security. This individual must have strong project management skills and organizational skills. Often, they must collaborate with the Manager of Clinical Cyber Security Engineering and the facility's IT department and must demonstrate excellent customer service skills. Essential Duties & Responsibilities: Responsible for support and oversight of the clinical information systems under his/her care. This includes the tracking of hardware (configuration items), software and network documentation. Provides user support, systems technical service and support, and participates in system projects as requested. Coordinates and/or implements software patches / updates in collaboration with Clinical Staff, Original Equipment Manufactures and the Hospitals SIT Department. Demonstrates cost containment and financial acumen Maintains a good personal relationship with fellow co-workers, hospital staff, and vendors Maintains an accurate inventory of Networked Medical Devices or devices containing ePHl Works with IT and security staff to identify and mitigate risks; helps to enforce policies and procedures on medical devices and IoT systems Utilizes system management tools and industry best practices to asses security vulnerabilities and risk to medical devices and IoT management Uses project management tools to manage system implementations and change management procedures Acts as a consultant to the facility regarding system hardware/software evaluation and selection Coordinates installation and maintenance of networked medical devices containing PC hardware with facility IT department Performs other duties as assigned** Required Skills Possesses a comprehensive knowledge of electromechanical devices and principles, as well as a thorough understanding of general patient care equipment and can demonstrate the usage of supported devices Basic understanding of life-support and diagnostic support devices and their usage within the healthcare setting Configuration of computer hardware and software, cyber security systems Use and management of operating systems including Microsoft, Linux/Unix and RTOS Configuration and deployment of computer software support tools (i.e. Configuration, Remote Management, Antivirus, Backup and Recovery, Monitoring tools, etc.) Proficient in the use of Microsoft Office products, and the creation of network diagrams using Microsoft Visio or similar software Configuration of basic network components and understanding of routing and subnetting processes Application of CIS, NIST, HITRUST best practices and guidelines to technology devices & systems Knowledge and understanding of human anatomy and physiology Required Competencies Accountability - takes ownership of assigned work and responsibilities, follows through and closes the loop Communication - clearly expresses thoughts and ideas both in written and verbal communications, provides timely information Financial Acumen - Considers financial impact of all decisions Integrity - Can admit mistakes, is direct and truthful Customer Service - demonstrates a "customer-first" mentality, focused on meeting the needs of customers and captures feedback to make improvements Priority Setting - Prioritizes assigned schedules and workload Knowledge - Stay current with technological developments, security trends and best practices in the information technology field. Information Technology - Possesses knowledge and understanding of basic cyber security and IT terminology as it pertains to medical devices and facility IT systems Team Building - Mentors newer technicians, facilitates clear communication amongst the team, demonstrates care and respect for co-workers and colleagues Regulatory - understands the various regulations and best practices that apply to the HTM space (HIPAA, HITECH, Omnibus, SOC, COBIT, ITIL) Attributes Culture - promotes the Vision, Mission and Values that make up the RENOVO culture as well as the culture of the healthcare facility Mechanically inclined - technical skills and abilities to figure out how things work Self-motivated - can work on their own or under limited direction while prioritizing equipment schedules and repair activities. Advanced projects or activities require supervision Open-minded - Willing to listen to opinions and criticism, can switch directions quickly Agility - Can break complex projects into smaller iterative tasks Improvement - willing to learn and grow, wants to update job skills for career growth Confidence - Self-reliant decision maker that doesn't second guess decisions Multi-tasker - Is organized and efficient, handles multiple projects or tasks simultaneously Education/Special Training H.S. Diploma or equivalent required Technical Certificate or DOD training required 4-year College Degree, Certification, or other higher level of education pertaining to this job description preferred CompTIA A+ & Network+ or equivalent certification, CISSP, CCNA, MSCE desired Required Work Hours Forty hours per week during daytime and evening hours. Scheduled work hours may change. Overtime may be required or permitted with prior approval. This position may be included in the on-call rotation for the facility. Reporting and Supervisor Responsibilities The Clinical Systems Engineer reports to - Manager, Biomedical Engineering This position has no supervisory responsibilities Physical Requirements The Clinical Systems Engineer must be able to speak, hear, see, read, write, type, dial, reach, bend, climb, crawl, crouch, kneel, squat, and twist. Must have near vision, far vision, depth perception, and be able to distinguish colors. Must have sensory ability to distinguish hot, cold, range of temperatures, surfaces, fine motor skills, manual dexterity, and detect/distinguish odors. Must be able to carry or lift up to 50 pounds routinely. Travel Travel will be required for this position, unless otherwise specified. Total travel based on project needs and locations Classification FLSA: Non-exempt Administration: Understand and observe company policies and procedures. Relationships: Utilize teamwork in your daily activity and ensure customer satisfaction. Other: Housekeeping - Maintain a clean, orderly appearance of all work areas. Personal appearance - Must observe company dress code always and must have good personal hygiene. Maintain all RENOVO owned equipment including tools, test equipment, computers, and others as specified in proper working condition and ensure annual calibration where appropriate. **Note: This position description does not list every activity, duty, and responsibility of the position and may be altered by RENOVO at any time.

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

Global Service Resources is looking for a contractor in Los Angeles. Shift: 7:00 AM - 6:00 PM (Monday - Thursday) Assignment type: Temporary (10 months w/ high chance of extension or hire) Pay rate: $60-$65/hour Responsibilities: Interpret and implement information security policies and standards Redesign information handling processes to ensure data protection Conduct risk assessments, security audits, and vulnerability testing Develop system security plans, certifications, and accreditation reviews Manage and maintain security tools, patches, and incident tracking Qualifications: 5+ years applying security policies and standards 3+ years in information security analysis Bachelor's degree in IT or Engineering (or equivalent experience) Strong experience with NIST guidelines, risk management, and penetration testing Preferred Skills: Experience with NIST 800-53, vulnerability and gap analysis Security certifications preferred: Security+, CEH, CCSP, CISSP ***LOS ANGELES COUNTY HAS A VERY RIGOROUS INTERVIEW/HIRING/ON-BOARDING PROCESS DUE TO THE CONFIDENTIALITY OF THE POSITION. PLEASE NOTE THAT INTERVIEWS AND BACKGROUND CHECKS MAY TAKE 2 TO 6 WEEKS ALTOGETHER*** Note: You will not receive the same benefits as a direct County employee. You will be eligible for Health Insurance at a Discounted Rate and 5 paid Sick Days after 90 days of employment. E-Verify: All employees are required to comply with E-Verify, an Internet-based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA). E-Verify electronically verifies employment eligibility by comparing information provided on the I-9 form to records in the DHS and SSA databases. E-Verify check will be conducted, and the successful candidate must pass the E-Verify check. About Us: Global Service Resources is a national recruiter for IT professionals and Healthcare professionals throughout the continental United States. We specialize in government and private short term, per diem, and long-term contracts. We are located in Burbank, CA and take great pride in offering the best paying contract positions on the market! We make a great team! Let us get you to work!

Role: Information Security Analyst Duration: 12+ Months contract Position Details Background Checks Yes Position Description An Information Security Specialist interprets information security policies, standards and other requirements as they relate to internal information system and coordinates the implementation of these and other information security requirements. The Information Security Specialist redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability. The Information Security Specialist will provide highly specialized experience in one or more information, computer, or network security disciplines (e.G. Penetration testing, accreditation, or risk assessment and mitigation);develop system security plans, certification and accreditation reviews;analyze and establish processes for comprehensive systems and data protection;assess and mitigate system security threats and risks;perform security audits, evaluation, risk assessments and make a strategic recommendations;and manages, supports, installs and maintains security tools and systems, and tracks security patches and incidents. Skills Required The Information Security Specialist will possess knowledge and experience in standard methodologies used in certification and accreditation processes;extensive experience following NIST guidelines in risk assessment and management;conducting vulnerability analysis;developing mitigation plans;and performing penetration testing, password protection testing and application security testing. Additional Skills Required Hands-on knowledge in standard methodologies used in certification and accreditation processes;and ability to follow and review NIST guidelines in risk assessment and management. Experience Required This classification must have a minimum of five (5) years of experience applying security policies, standards, testing, modification and implementation. At least three (3) years of that experience must be in information security analysis. Additional Experience Required 3 years in the last 5 years of experience in the following: NIST 800-53;conducting vulnerability analysis;and performing gap analysis and developing mitigation processes for identified risks. Education Required This classification requires the possession of a bachelor's degree in an IT-related or Engineering field. Additional qualifying experience may be substituted for the required education on a year-for-year basis. Additional Education Required One or more of the following Security Certifications: Security +, Certified Ethical Hacker, Cloud Security Professional, CISSP.

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. What You Will Do Lead the patch team, ensuring on-time delivery of patches to our customer Perform analysis on cybersecurity collected data and test results Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX Create and maintain Linux Bash and Python scripts Create patch artifacts such as patch media and information assurance posture reports Qualifications You Must Have Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security Qualifications We Prefer Experience with scrum planning and scrum tools such as Jira Experience in the SSE implementation throughout the entire life cycle Experience contributing to a team environment for the purpose of developing creative solutions to technical problems Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness Excellent communication, technical writing, oral presentation and interpersonal skills What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified **Systems Security Engineer II (P2)** to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. **What You Will Do** + Lead the patch team, ensuring on-time delivery of patches to our customer + Perform analysis on cybersecurity collected data and test results + Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX + Create and maintain Linux Bash and Python scripts + Create patch artifacts such as patch media and information assurance posture reports **Qualifications You Must Have** + Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience + Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance + Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security **Qualifications We Prefer** + Experience with scrum planning and scrum tools such as Jira + Experience in the SSE implementation throughout the entire life cycle + Experience contributing to a team environment for the purpose of developing creative solutions to technical problems + Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH + Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations + Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness + Excellent communication, technical writing, oral presentation and interpersonal skills **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation + Relocation Eligible - Relocation assistance is available **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

The System Security Engineer Level II is required to be a highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network, ensuring that they are protected from cyber threats and attacks, ensuring compliance, and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security. The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response. ESSENTIAL JOB FUNCTIONS • Monitor network traffic for anomalies, investigate alerts and respond to security incidents. • Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices. • Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices. • Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations • Install and configure Network Equipment (Switches, Firewalls, and other networking hardware) • Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs. • Possess a solid understanding of Windows Server services and roles including installation and configuration • Create certificates for network devices and servers that have a web management capability • A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues • Create, Manage and Deploy Group Policy Objects (GPO's) to deploy applications and implement security including windows firewalls • Effectively use PowerShell to automate and standardize administrative tasks • Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances • Manage our virtualized server environment managing, creating VM's and patching the VMware environment. • Strong understanding of Virtual Switches, Port Groups (Distributed and Standard) • Manage the Active Backup for Business on Synology and other advanced Synology administration features • Maintain and monitor Backup solutions. • Manage our users email accounts using the cloud service M365 from Microsoft • Responsible for creating and maintaining server and network documentation to include tasks and procedures • Proactively monitor our network using a variety of tools to help identify potential network and server issues • Assist in patching our entire infrastructure when needed using a variety of tools • Maintains strong technical abilities, knowledge of new and changing technologies • Prepare for emergencies by creating and/or updating action plans • Jumping into time-sensitive projects wherever needed • Showing flexibility and a willingness to learn • Maintain healthy communication with IT Staff, IT Customers and Vendors • Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables. • Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization. • Execute each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follow all department quality standards/criteria. Raise concerns and issues to immediate manager. • Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service). • Understands department's key performance indicators and contributes to achieve these goals both individually and as a team. • Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization. • Executes each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follows all department quality standards/criteria. Raises concerns and issues to management. • Understands department's key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team. • Other duties as needed or required. ADDITIONAL RESPONSIBILITIES • Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution • Occasional travel to various Cambro locations domestically and internationally as required (15%) • May occasionally guide less experienced associates to help with technical projects • Some travel may be required. REQUIRED QUALIFICATIONS The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Bachelor's degree (B.A.) from a four-year accredited college or university. • 5-10 years of experience in IT security, network, administration, and support roles. • Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. • Ability to adapt and adjust plans to meet changing needs. • Proficient in Microsoft Office Suite • Experience with Fortinet solutions, EDR, email security solutions • Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL's) technologies and network segmentation. • Strong knowledge of DNS records including reverse zones and maintaining DNS records • Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches • Solid understanding of routing protocols, static routes and ARP cache • Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances) • Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner • Strong Windows administration skills including Active Directory/GPO's and security policies • Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x • Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures • Must be able to follow instructions and procedures and ask questions if something is unclear • Excellent documentation skills including ability to create network drawings • Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure • Strong customer service and communication skills • Excellent organizational skills and strong sense of urgency • Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks • Great accuracy and attention to detail PREFERRED QUALIFICATIONS • Experience in Business Continuity and disaster recovery is a plus • Knowledge of Ruckus Access Points and Switches • Knowledge of IBMi PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Sitting, walking, standing, bending at the neck, bending at the waist, squatting, climbing, kneeling, crawling, twisting at the neck and waist, repetitive use of hands, simple grasping, power grasping, fine manipulation, pushing and pulling, reaching above and below the shoulder, carrying/lifting up to 50 lbs. Driving cars and other IT equipment Working around equipment and machinery Exposure to excessive noise Exposure to dust, gas, fumes or chemicals Working at heights Use of special visual or auditory protective equipment Walking on uneven ground PPE Requirements Safety glasses Steel-toe slip-resistant shoes - When in production area Hearing protection (e.g. ear plugs, ear muffs) - When in production area Face covering (mask) in accordance with company policy. Hardhat/bump camp IT Application COMPENSATION RANGE: $97,000- $120,000 Salary may vary based on experience. CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law.

The Information Security Analyst will be tasked with monitoring and identifying organizational security risks, detecting attack methods and sources, and preserving electronic evidence when required. This role requires expertise in analyzing, recommending, designing, implementing, and maintaining systems and processes that safeguard business and client data. Core responsibilities include conducting risk assessments, performing security analyses, and creating remediation strategies. The individual should be capable of working independently while contributing to security programs as part of the incident response team. Strong written communication skills are essential for preparing formal reports. Professional fluency in English and Portuguese is required. This is an onsite position in Brazil, five days per week, offered as a 6-12 month contract with potential for extension or conversion to a full-time role. Responsibilities but not limited to: - IT Security Administration: Focus on minimizing downtime and ensuring scalability by addressing security risks across systems and networks. - Application Security Alignment: Guarantee that security architecture, designs, plans, controls, and policies comply with IT standards and overall security requirements. - Documentation: Develop and maintain detailed records for all security systems and networks, updating documentation whenever changes occur. - Project Participation: Contribute to initiatives and projects centered on information security. - Program Support: Assist with implementing, maintaining, and monitoring the information security program, including gap analysis, risk assessments, third-party evaluations, procedure development, recurring processes, and incident response. - Solution Deployment: Handle integration, initial configuration, and upgrades of new and existing security solutions following industry best practices. - Operating Systems Expertise: Demonstrate advanced knowledge of Linux, Windows, and OS X environments. - Cloud Security: Apply experience in securing cloud infrastructures such as AWS and Azure. - Vulnerability Management: Lead efforts to identify and remediate security weaknesses in networks and systems, providing technical guidance and support. - Policy Development: Create, implement, and maintain internal procedures to safeguard data and manage incident response effectively. - Collaboration: Work with project teams and system architects to design secure systems and project plans that meet established security standards. - Threat Awareness: Stay informed on current and emerging security threats and design architectures to mitigate potential risks. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements · Knowledge with Security solutions: SIEM, IAM, PAM, EDR/XDR, CSAM, CASB, Proxies, ZTNA · Solid security understanding with Microsoft security controls (AD, Entra, O365, Intune MDM, etc) · Minimum 7+ years of experience in information technology security or equivalent combination of education and experience · Security+, CISSP, CISA or SANS GIAC certification · Understanding of application, network, operating system, and core infrastructure security concepts. · Knowledge on security monitoring tools such as UTM, IPS, IDS and other security appliances · Project management, organizational and prioritizing skills · Understanding of WAN, MPLS, and technologies such as VoIP beneficial · Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST

What you do Be responsible for Pre Sales Support & End User Support for, but not limited to the design, configuration, and operation of complete building low voltage systems, including fire, security, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Accountable to field teams for quality, timeliness and efficiency of designs. Develops complex software programs, commissions and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How will you do it - Sales Support and End User Support · Possible job walks with the Sales Team on the initial design phase · Designs and configures are technically complex building control systems as defined by the contract documents. · Creates flow diagrams, sequence of operations, bill of material, network layouts and electrical schematics as required. · Develop and tests software programs necessary to operate the system per the project requirements' intent. · Coordinates the creation of necessary drawings and equipment schedules for submittals and installation. · Assists in the loading and commissioning of all system and network-level controllers as required. · Assists in validation of complete system functionality and troubleshoots problems with subcontractors and other trades to ensure proper operation. · Provides field change information to the project team for the creation of as-built drawings and software. · Keeps management and JCI contractor or customer informed of job progress and issues. · Assists in performing site-specific training for owner/operator on the total building control system. · Participates in release meeting with the project field team. · Performs value engineering to provide cost effective results while maintaining customer satisfaction. · Adheres to safety standards. · High degree of employee and subcontractor safety. What we look for Required Qualifications · Minimum of seven years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Demonstrated knowledge of the construction, mechanical, electrical, or HVAC service industry. · Demonstrated knowledge of mechanical drawings, electrical wiring diagrams, control theory, automatic temperature controls, building automation systems and other building subsystems. · Demonstrated experience in the integration of low voltage building sub-systems using various industry protocols (i.e. LON, BACnet, etc.). · Ability to relate technical knowledge to a non-technical audience. · Demonstrated advanced computer skills required, particularly computer-related drafting tools, such as Visio. Preferred Qualifications · Bachelor's degree in engineering with a minimum of five years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. · Understanding of IP networking for building automation systems. · Understanding of Tridium/Niagara Framework HIRING SALARY RANGE: $100K to $125K (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

**MANTECH** seeks a motivated, career and customer-oriented **Information Systems Security Officer** with strengths in Information Systems Security to join our team at Marine Corps Base **Camp Pendleton California.** This position will assist Marine Corps Warfighting Laboratory (MCWL) prepare for and maintain the IT infrastructure, IT capabilities and Audio-Visual capabilities to support emerging ICD 705 Sensitive Compartmentalized Information Facilities (SCIFs) and Special Access Control Facilities (SAPFs) through planning, activation and operations. **Responsibilities include but are not limited to:** + Experience in network design, network monitoring, systems development, and knowledge of Information Assurance (IA) policies, directives, and best practices across DoD and Marine Corps. + Knowledge and experience with organizations within the Marine Corps responsible for facilitating network approvals and connections. + Work with various Marine Corps, Navy, Joint, and other services to coordinate installs supporting Initial Operating Capability (IOC) and Final Operating Capability (FOC). + Ability to communicate and provide effective staff coordination across government, Marine Corps, and contractor organizations. + Support the facility Site Security Manager (SSM)/Special Security Representative (SSR) and Information Systems Security Manager (ISSM) to oversee the secure installations and operations of systems across multiple security domains and in accordance with policies, directives, and best practices. + Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports Marine Corps and other customers at the highest levels in the development and implementation of doctrine and policies. **Minimum Qualifications:** + Bachelor's degree and at least 10 years' experience planning and/or operating IT infrastructure within ICD 705 facilities. + Experience with network security aspects of installations and operations. **Preferred Qualifications:** + Experience with MS Word, MS Power Point **Clearance Requirements** **_:_** + Candidate must have a current/active Top Secret clearance with the ability to obtain and maintain a TS/SCI clearance prior to starting this position. **Physical Requirements:** + Ability to maintain construction security oversight in outdoor environment; walk (with personal protective equipment) to inspect and document delivery of components and assembly/construction of structure. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.

Full-time Description For nearly 50 years, CSA has delivered integrated technology and operational support services to meet the defense and federal sector's most complex enterprise needs. Working from operations centers and shipyards to training sites and program offices, CSA deploys experienced teams, innovative tools, and proven processes to advance federal missions. Client Solution Architects (CSA) is currently seeking an Information Systems Security Officer to support a program at Grafenwoehr, Germany. Works with System Administrators (SA), Command Information System Security Manager (ISSM), other Information System Security Officers (ISSOs), multiple Branch Heads, multiple Program Managers (PMs) and a project strategist in support of the completion of a mixture of Certification and Accreditation (C&A) boundaries consolidated into overarching master boundaries in support of information assurance policy and regulations. In addition to C&A package development, the individual will be responsible for the day-to-day operations as an ISSO. How Role will make an impact: Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures. Provide support to the System Owner and the ISSM for maintaining the appropriate operational IA posture for a system, program, or enclave. Provide support to the customer on all matters involving the security of their information systems. Assist with the management of all security aspects of the information system and as assigned performs day-to-day security operations of the system. Assist in the development of the system security policy and ensures compliance with that policy on a routine basis. Prepare, validate, and maintain security documentation including, but not limited to: system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment, FIPS categorization. Provide configuration management for security-relevant information system software, hardware, and firmware, controlling changes to the system and assessing the security impact of those changes. Identify and mitigate security business and system risks. Identify and manage POA&Ms through remediation as well as develop corrective action plans for each POA&M. Maintain a repository for all organizational or system-level cybersecurity-related documentation such as RMF processes within eMASS or other automated process. Maintain Defense Information Technology Portfolio Registry (DITPR) for client systems and software. Ensure implementation of Information System (IS) security measures and procedures, including reporting incidents to the Command Information System Security Manger (ISSM) and appropriate reporting chains as well as coordinating system-level responses to unauthorized disclosures in accordance with DoDM 5200.01 Vol 3 for classified information or DoDM 5200.01 Vol 4 for CUI, respectively. Implement and enforce all DoD IS and Platform Information Technology (PIT) system cybersecurity policies and procedures, as defined by cybersecurity-related documentation. Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems. In coordination with the ISSM, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered. Establish a process for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO. Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals. Ensures proper Configuration Management procedures are followed. Prior to implementation and contingent upon necessary approval with the ISSM. Initiates requests for temporary and permanent exception, deviations, or waivers to IA requirements such as Plan of Action and Milestones (POA&Ms). Ensures IA and IA-enabled software, hardware and firmware comply with appropriate security configuration guides. Provide status updates of assigned duties to the appropriate agency heads as defined in their respective Service Level Agreement (SLA). Respond to all applicable data calls, CTO's, FRAGO's, IAVA's ,etc within the requested timeframe. Attend all Cybersecurity Workforce Meetings when requested. Perform as needed system administration on JLCCTC or other simulations or interface systems as needed. Perform as needed technical operations, setup and tear down of servers, systems and integration tools; maintaining RMF compliance; providing input to exercise design and technical planning products. Support as needed other set-up, transition, and break down for all training and training support activities pertaining to this task order. Participate in individual training, seminars, conferences, exercise/experiment planning events, site surveys, and exercise and training events and supports the planning and preparation processes and product development as needed. Requirements What you'll need to join our award-winning team: Clearance: Must possess and maintain an active U.S. Top Secret/SCI security clearance with the ability to pass a CI/Polygraph exam Education: A bachelor's degree plus 3 years of recent related experience OR an associate's degree plus 7 years of recent related experience OR a major certification plus 7 years of recent related experience OR 11 years of recent related experience. DoD Approved 8570 Baseline Certification for a minimum of IAM Level II. Five (5) years' experience within the past 10 years, in planning simulation exercise architectures, supervising implementation of communication systems, and integration of Army Mission Command Systems in support of distributed exercises. Five (5) years' experience in information technology management What Sets you apart: A working knowledge of RMF and the security authorization processes and procedures. Knowledge of NIST Special Publications and their counterparts, especially SP800- 37, SP800-53, ICD 503, and CNSS 1253. Ability to communicate clearly and present information to the customer in a format they can understand. Experience in several of the following areas: knowledge of current security tools, hardware and software security implementation; different communication protocols; and encryption techniques/tools. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services. Must be able to prioritize tasks, deliver solutions on time and be a team player with the ability to work independently and proactively while being flexible and prioritizing competing priorities, often under time constraints. Have strong analysis, oral and written communication, and change management skills with ability to plan, organize, prioritize, track, manage, and learn new skills. It is preferred that a candidate have at least one year of experience under the DoD Information Assurance Certification and Accreditation Process (DIACAP) and/or Risk Management Framework (RMF) accreditation process and has a familiarity with Enterprise Mission Assurance Support Service (eMASS). Technical familiarity with Windows 7 Enterprise/Windows 10 Professional, Windows Server 2012, and Red Hat Linux. Experience with providing IA or IT support to a US Army client desirable, but not required. Proficiency with using the Internet and with Microsoft Office products including e-mail, Word, Excel, Access and Project is required. Outstanding work ethic and personal integrity. Superior analytical and problem-solving skills. Ability to document and update processes. Ability to perform tasks under deadlines. Ability to work with senior Government and Industry leaders. Possess a very high degree of attention to detail. Capable of working at a computer terminal for extended periods. Ability to work 12-hour shifts, day or night, for consecutive days up to 4 weeks. • Outstanding interpersonal and written communication skills.

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.

CHAOS Industries is redefining modern defense with omniscient systems purpose-built for today's realities. Designed and built by top U.S. military veterans and Silicon Valley innovators, CHAOS Industries' products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats. In a world where technological threats move at unprecedented speed, CHAOS Industries delivers advanced sensing and detection solutions that give the ultimate advantage: time. CHAOS Industries was founded in 2022 and has raised $1B in total funding from leading investors including 8VC, Accel, and NEA. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, and London. For more information, please visit ***************** Role Overview: As a Cloud Cyber Security Engineer at our vibrant Los Angeles headquarters, you will serve as the primary point of contact for all cybersecurity needs. In this hands-on role, you'll ensure a challenging balance of Cybersecurity and Enablement across the enterprise. You will be one of the first Cloud-Security-focused hires and help build our internal security and infrastructure from the ground up. You'll work closely with the IT team and contribute to company-wide IT initiatives, infrastructure upgrades, and process improvements, providing security inputs and advising best practice, in a dynamic, fast-paced workplace. Responsibilities: Help build and manage our Cloud Security Posture, related platforms and processes. Co-own implementation of multiple enterprise Cybersecurity programs. Assist with security architecture reviews, roll outs, enhancements and initiatives. Research and implement security automations and partner with IT and other teams to implement into processes, procedures, and baselines. Design, document, and implement security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps, and compliance. Utilize cloud security best practices, including encryption, authentication, authorization, and audit capabilities. Maintain technical proficiency and certifications relevant to security solutions and architectures. Work full-time hybrid and on-site out of our office in Los Angeles (Hawthorne), California. Minimum Requirements: Bachelor's degree or equivalent experience in information technology, computer science, or information systems management. 5+ years of experience in technology-driven security solutions within defense or related industries. Experience in one or more of the following areas: EDR, Firewall, SIEM, or other common Cybersecurity solutions. Experience with automation related to Cloud Infrastructure and Cloud Security. Experience in IT security risk assessments and industry frameworks (NIST 800 series, CMMC, CIS Controls, etc). Strong knowledge in one or more of the following areas: Identity and Access Management (IAM), cryptography, key management, access controls, or security protocols (e.g., Multi-factor, SAML, OAuth, etc). Expertise in Azure/AWS Infrastructure services and cloud security best practices. Strong analytical, system design, and communication skills. Self-motivated, proactive problem solver with the ability to prioritize tasks in a fast-paced, high-pressure environment. Preferred Requirements: Experience either as a Cybersecurity Engineer, or SOC Engineer with a focus on Cloud infrastructure. Experience with scripting, automations and integration of multiple platforms and data sources. Eligible to obtain and maintain an active U.S. Secret/Top Secret security clearance. Strong Linux, Azure, AWS and common Cloud Security Stack experience. Why CHAOS? Health Benefits: Medical, dental, and vision benefits 100% paid for by the company Additional benefits: 401k (+ 50% company match up to 6% of pay), FSA, HSA, life insurance, and more Our Perks: Free daily lunch, ‘No meeting Fridays', unlimited PTO, casual dress code Compensation Components: Competitive base salaries, generous pre-IPO stock option grants, relocation assistance, and (coming soon!) annual bonuses Team Growth: 200 employees and counting across 5 global offices Salary Range: $130,000 - $170,000 The stated compensation range reflects only the targeted base compensation range and excludes additional earnings such as bonus, equity, and benefits. If your compensation requirements fall outside of the range, we still encourage you to apply. The salary range for this role is an estimate based on a range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. #LI-onsite

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development * Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). * Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance * Identify, assess, and mitigate security risks across TP-Link's global operations. * Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. * Oversee security audits, risk assessments, and third-party security evaluations. * Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security * Develop and enforce security requirements for vendors, suppliers, and third-party partners. * Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training * Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. * Foster a security-first culture across all levels of the organization. * Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement * Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. * Lead post-incident analysis to refine security policies and controls. * Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. What You Will Do * Lead the patch team, ensuring on-time delivery of patches to our customer * Perform analysis on cybersecurity collected data and test results * Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX * Create and maintain Linux Bash and Python scripts * Create patch artifacts such as patch media and information assurance posture reports Qualifications You Must Have * Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience * Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance * Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security Qualifications We Prefer * Experience with scrum planning and scrum tools such as Jira * Experience in the SSE implementation throughout the entire life cycle * Experience contributing to a team environment for the purpose of developing creative solutions to technical problems * Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH * Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations * Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness * Excellent communication, technical writing, oral presentation and interpersonal skills What We Offer * Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation * Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Job Description Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.