Cyber security analyst jobs in Lancaster, CA - 78 jobs

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

H i , This is Sujith from KRG Technologies ; We are looking Cyber Security at Rose Mead, CA for the below mentioned . Kindly forward me your resume, rate and contact details for further process. I also request you to forward this opportunity to your friends or colleagues; so that we can help someone who may be in search of a job or looking for a change. Job Title: Cyber Security Location: Rose Mead, CA Duration: CONTRACT(6-12months) Job Description: Must have 5-7 yrs of Cyber security experience. Have some experience around Vulnerability assessment & Pen test remediation. Able to explain vulnerabilities and remediation. Have some exposure to OWASP Top 10. Have some exposure to SDLC, development. Any experience in NERC-CIP would be great. Experience around Code review would be added advantage. Thanks & Regards Qualifications Cyber security experience with vulnerability and risk assessment Additional Information All your information will be kept confidential according to EEO guidelines.

Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting nearly 10,000 organizations from unknown threats using its proprietary AI. The Darktrace Active AI Security Platform™ delivers a proactive approach to cyber resilience to secure the business across the entire digital estate - from network to cloud to email. Breakthrough innovations from our R&D teams have resulted in over 200 patent applications filed. Darktrace's platform and services are supported by over 2,400 employees around the world. To learn more, visit ************************* Job Description: Launch Your Cybersecurity Career with Darktrace! Are you detail-oriented, curious, and ready to make an impact? Darktrace is hiring entry-level Cyber Security Analysts to join our team of experts protecting businesses from cyber threats. You'll receive full training, work with cutting-edge AI technology, and gain hands-on experience in a fast-paced environment. About the Role As a Cyber Security Analyst at Darktrace, you will play a critical role in safeguarding our customers' digital environments. You'll analyze technical data, identify potential threats, and provide actionable insights to ensure peace of mind for our clients. This role combines investigative work, report writing, customer interaction, consultancy, threat intelligence and technical problem-solving in a fast-paced Security Operations focused environment. Please Note: This role is Hybrid. 3 days in office. Key Responsibilities Investigate alerts and network traffic using the Darktrace platform and supporting tools. Draft clear, technical reports for customers on identified threats and recommended actions. Assist in assessing risks and implementing basic security measures. Identify emerging threat trends and analyze campaigns across customer environments. Respond to customer inquiries via email or chat with concise, accurate information. Collaborate with team members to share strategies and best practices. Contribute to internal and external knowledge sharing, including technical blog posts. Stay current on cybersecurity trends and developments. Support customers in adopting and optimizing the Darktrace platform through consultancy efforts. Maintain strict standards for data security and confidentiality. Qualifications & Skills Strong attention to detail and analytical thinking. Ability to work independently and as part of a team. Excellent written and verbal communication skills. Organizational skills to manage multiple tasks and meet deadlines. Basic understanding of cybersecurity principles and incident response. Problem-solving mindset with the ability to break down complex issues. Preferred Experience Familiarity with network protocols and security concepts. Technical writing or reporting experience. Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). Fluent in Spanish and/or Portuguese, capable of technical writing and delivery of consultancy service in language a plus What We Offer Comprehensive training and ongoing professional development. Opportunities for career growth in a rapidly expanding industry. Collaborative, inclusive work environment. Base $75k-$85k. Final offer will be determined based on years of experience and location. Benefits: 100% medical, dental and vision insurance, plus dependents Paid parental leave Pet insurance Discount Life insurance Commuter benefits 401(k) Employee Assistance Program

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 25% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. Roles and Responsibilities: Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials Conducts security education classes and security audits Ensures security compliance as a CSSO in accordance with DoDM 5205.07 Responsible for offsite and subcontractor security standups and posture ISA duties will include: CSSO for offsite and subcontractor sites associated with the program Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers Study and implement company and federal security policies, regulations, and procedures that apply to company operations Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management Develop and implement a security education and awareness program Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) Other duties as assigned Basic Qualifications: Principal Industrial Security Analyst (level 3) Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Basic Qualifications: Sr. Principal Industrial Security Analyst (level 4) Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Preferred Qualifications: Experience Leading Security Teams from Subcontractors and Offsite Ability to work independently and follow projects through to completion. Current Top-Secret clearance Self-starter with minimal supervision Security experience in a manufacturing environment Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00Secondary Level Salary Range: $117,500.00 - $176,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. Your key responsibilities Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified Forensically analyze end user systems and servers found to have possible indicators of compromise Analysis of artifacts collected during a security incident/forensic analysis Identify security incidents through ‘Hunting' operations within a SIEM and other relevant tools Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions Provide consultation and assessment on perceived security threats Maintain, manage, improve and update security incident process and protocol documentation Regularly provide reporting and metrics on case work Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact based reports Be on-call to deliver global incident response Skills and attributes for success Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact-based reports Proven integrity and judgment within a professional environment Ability to appropriately balance work/personal priorities To qualify for the role you must have Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; Understanding of security threats, vulnerabilities, and incident response; Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; Be familiar with legalities surrounding electronic discovery and analysis; Experience with SIEM technologies (i.e. Splunk); Deep understanding of both Windows and Unix/Linux based operating systems; Ideally, you'll also have Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH Background in security incident response in Cloud-based environments, such as Azure Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration What we look for Demonstrated integrity in a professional environment Ability to work independently Have a global mind-set for working with different cultures and backgrounds Knowledgeable in business industry standard security incident response process, procedures, and life cycle Excellent teaming skills Excellent social, communication, and writing skills What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Project Description: This project entails providing cybersecurity staff augmentation services to Metro's Information Security Department for two years. The assigned resource will support various core functions within the department, focusing on enhancing security strategy, governance, risk assessments, and security operations. Flexibility in work schedules and locations is required. The project aims to bolster Metro's cybersecurity posture and adherence to industry best practices in the transportation sector. Key qualifications: Proficiency in Windows and Linux operating systems and their security aspects. Expertise in a wide range of security products, including modern solutions like cloud security, Zero Trust architectures, advanced threat protection, and AI-Driven security analytics. Deep understanding of Incident Response, Disaster Recovery, Business Continuity, and Breach Management. Knowledge of information systems engineering, secure software development, networks security, and security operations. Familiarity with security standards and framework suck as PCI DSS, ISO Standards, ITIL, NIST Cybersecurity Framework, CCPA, CPRA, and GDPR. Ability to review and create security procedures and requirements. In-depth knowledge of industry frameworks like ISO 27000, NIST 800-53, ITIL Foundation, and NIST Cybersecurity. Strong grasp of regulatory compliance requirements, including PCI DSS, HIPAA, GDPR, etc. Comprehensive knowledge of security risk and countermeasures for Windows and Linux platforms. Project Management skills and coordination capabilities. Experience in Public Transportation or Transit Industries preferred. Skills & Qualifications: Required CISSP Preferred Certifications: Microsoft Certification Azure Solutions Architect Expert, SANS GIAC, CEH-CCNA. Minimum ten (10) years of experience in cybersecurity, primarily focused on technical and Security Operations Center (SOC) functions. Expertise in User Behavior Analytics, Cybersecurity AI tools, SIEM, Endpoint Security, NextGen Firewalls, etc. Advanced knowledge of security applications, infrastructure, technologies, and methodologies. Up-to-Date understanding of the latest security advisories, alerts, and vulnerabilities relevant to Metro. Initiative and independent judgement within established guidelines. Ability to prioritize work processes and project effectively. Timely response to cybersecurity issues and incidents. Hybrid position: 30% home & 70% On Site Salary Range: $156,000 to $238,000 /Year

At Arete, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Arete is seeking an experienced Principal Industrial Security Analyst/CPSO. This is a multidisciplinary security position requiring an experienced and knowledgeable security professional to support Special Programs. The Contractor Program Security Officer (CPSO) is responsible for the execution and sustainment of comprehensive security programs for assigned efforts with contractually mandated security requirements that exceed standard NISPOM (32 CFR Part 117) compliance. The CPSO serves as a liaison to government security representatives, ensuring full alignment with DoD policy and directives while maintaining a proactive and audit-ready security posture across all assigned programs. This position is based at our Northridge, CA office and is an exempt, non-supervisory, full-time position. Key Responsibilities: Serve as the Contractor Program Security Officer (CPSO) ensuring full compliance with DoD security requirements as outlined in DoDM 5205.07 Volumes. Interpret and apply policy guidance and security classification guides (SCGs) to ensure continued DoD compliance-driven security practices across all program elements. As a member of the Security team, you will support all aspects of program security administration, including Personnel Security (PERSEC), Security Education, Training, and Awareness (SETA), Operations Security (OPSEC), document control/inventories, visitor control, supporting hosted program meetings, etc. in coordination with internal and external stakeholders. Ensure timely submission and management of program access requests (PARs), nomination packages, and eligibility actions within DISS and other applicable systems as directed by Program Management. Conduct indoctrinations, debriefings, and security training for program personnel in accordance with government directives. Accomplish and retain Lead Trainer status. In coordination with the Contractor Program Security Manager (CPSM) and other security team members review program-specific documentation as required, (e.g., Standard Operating Procedures (SOP), Fixed Facility Checklists (FFC), Emergency Action Plan (EAP), Concept of Operations (ConOps), Media Control Plan, etc. Prepare for and support government security reviews, inspections, audits, and self-inspections. Implement corrective actions and maintain a state of readiness. Support secure facility operations in accordance with ICD 705 requirements, including alarm monitoring, guard testing, UL2050 inspections, TEMPEST compliance, etc. Track and report security incidents, conduct preliminary inquiries, and support investigations in conjunction with the Security Manager and government sponsors. Assist with the review and approval of technical documents, ensuring proper classification markings and adherence to security classification guidance. Demonstrate proficiency with/utilize specific databases to determine personnel eligibility to access classified information - DISS, JADE, Enterprise Security Systems (SIMS), and other databases and record-keeping repositories. Interface with government customers, contractors, employees, and all levels of management. Responsible for the daily handling of Personally Identifiable Information (PII), Controlled Unclassified Information (CUI), and clearance-related data in compliance with the Privacy Act and DoD policies; must demonstrate discretion and sound judgment in the protection and management of sensitive information. Maintain proficiency and currency in security policy and operational practices through continuous training and engagement with the security community. Additional Responsibilities: Support after-hours and emergency response activities related to alarms or ICD705 construction. Assist with enforcement of prohibited electronic device (PED) policies and perform entry/exit inspections as required. Support additional security tasks or projects as assigned by the CPSM. We have an impressive range of benefits, programs, and perks that we offer: Health & Wellness: Medical, Dental & Vision Insurance Life and Long-Term Disability (LTD) Vision Reimbursement Fitness Reimbursement Financial: 401(k) Retirement Plan Contributions Employee Stock Ownership Plan (ESOP) Continuing Education Assistance Work-Life Balance: Flexible Scheduling Paid Time Off (PTO) Paid Parental and Bereavement Leave What We Value: Creativity and innovation in solving challenges Integrity and responsibility in all actions Collaboration across teams and specialties Responsiveness in fast-paced environments Passion for national security and excellence Experiences and Background We Look For: U.S. Citizenship and active Top-Secret clearance required; must be eligible to obtain and maintain a TS/SCI with polygraph. Minimum of 10 years of progressively responsible experience in Program Security, Physical Security, and direct support as a CPSO/CSSO, including extensive experience managing Special Access Programs (SAPs) in compliance with DoD, NISPOM, and ICD requirements. Individual must be reliable, dependable and trustworthy. Excellent verbal and written communication skills are critical. Must be able to prioritize assignments, manage multiple tasks simultaneously, and work well under deadlines with minimal supervision, often in fast-paced environments requiring quick turnaround. Proficient in Windows 10 and Microsoft Office Suite, to include: Microsoft Word, PowerPoint, Excel and Outlook. Strong interpersonal and communication skills, with a collaborative mindset is essential. Must be able to walk, stand, and sit for extended periods as part of routine facility inspections and escort duties. Comfortable working at elevated heights or in construction areas with PPE (e.g., hard hats, gloves, safety glasses). 6-month probationary period may apply. Must be willing and able to travel (10-15%) as needed for assessments or inspections at other Arete sites. Nice to have: FSO training certificate COMSEC Custodian certificate or experience required. Complete IAEC-2112 COMSEC Training Course six months after being appointed as Alternate COMSEC Account Manager Courier preparation procedures Experience developing and implementing OPSEC plans Knowledge of Access Control and Intrusion Detection Systems Experience conducting Security incident inquiries Resourceful in solving problems and capitalizing on opportunities Professional Certifications/Affiliations The salary range for this role is $90,000/yr to $140,000/yr; however, Arete considers several factors when extending an offer of employment, including but not limited to: the position and associated responsibilities, a candidate's work experience, education/training, and key skills. Other Considerations Areté is committed to the principles of equal employment opportunity and nondiscrimination, and we believe every person has the right to be treated with fairness, dignity, and equal consideration. Areté is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, marital status, national origin, age, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. U.S. citizenship is required to meet position eligibility. Successful passage of a criminal background screen is required to meet position eligibility. Selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Areté will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring. Successful passage of a Department of Transportation (DOT) drug test is required to meet position eligibility. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our website because of your disability. To request an accommodation, please contact Areté Human Resources at ************ for assistance.

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. We are a fully vaccinated workforce. Successful candidates will be required to show proof of being vaccinated against COVID-19. You are up to date when you have received a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

Job Description Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

Duties and Responsibilities Assist in implementing Security Information and Event Management (SIEM), which includes but is not limited to; identifying deployment solutions, maintaining logs, assisting in developing company best practices for security alert correlations, perform root case analysis after incidents Assist with Endpoint Detection and Response (EDR) vendor analysis and deployment, which includes, but is not limited to; partnering with IT to develop a decision matrix for EDR vendor selection, assist with deployment, develop patterns for automatic response to identified threats Conduct structured and unstructured data scans, testing, and debugging of applications by using a variety of technical privacy tools to increase compliance and documentation of procedures and information assets Write and deploy SQL to archive and or purge data from databases and to locate, review, explain and document data for privacy requirements Perform regular privacy assessments and impact analysis on databases and operational processes by developing effective tools, training, and guidance to help identify and mitigate risk. This includes data anonymization, pseudonymization and encryption Perform detection, analysis, and containment of an incident Identify key performance metrics for security IR and implement instrumentation for those metrics Maintain, manage and prioritize hardware, software, systems and/or product backlog, while actively identifying risks, constraints, and dependencies that would impact roadmap Demonstrate, integrate, and collaborate on enhancing existing security solutions and services to address any gaps or deficiencies Perform security incident response drill scenarios and lead table top exercises Ensure proper training for stakeholders regarding their incident response roles and responsibilities in the event of a breach Collaborate with internal teams to ensure the data retention or system requirements, user-facing privacy controls, new or existing software, and big data solutions enable the business to be data driven while protecting the data assets Work with the legal department to produce data both internally and externally and ensure any legal request or litigation hold requirements are met Assist with projects and enhancements, including gathering requirements, conducting research, task management and updating key partners and stakeholders with the goal of developing solutions to help mitigate privacy vulnerabilities and future privacy risks Studies and interprets past privacy events and current privacy threats to improve privacy compliance using advanced technologies and design principles to develop and implement new tools and processes Assist both internal and external teams on data governance strategy, updates to legal regulations, and direction on future roadmaps Collaborate with vendors on data and privacy standards Qualifications & Requirements Bachelor's Degree in computer science, IT, systems engineering, or related qualification 2+ years of experience in the security industry working in any combination of the following areas: Risk management, cloud operations and engineering, network security monitoring, log analysis, static and dynamic malware analysis, NIST Kill Chain, MITRE ATT&CK framework, threat hunting, SIEM, EDR Experience responding to security events Writing and reviewing code (Java, Python, Node or similar) Excellent written and verbal communication, facilitation, and presentation skills to collaborate effectively with software engineering teams Implementing security detection capabilities Proven ability to make decisions and perform complex problem-solving activities under pressure Some knowledge of AWS cloud infrastructure and their threat landscape

Founded by fans, Crunchyroll delivers the art and culture of anime to a passionate community. We super-serve over 100 million anime and manga fans across 200+ countries and territories, and help them connect with the stories and characters they crave. Whether that experience is online or in-person, streaming video, theatrical, games, merchandise, events and more, it's powered by the anime content we all love. Join our team, and help us shape the future of anime! About the role Crunchyroll is growing and changing, presenting unique challenges and opportunities to support millions of anime fans around the world. The Fan Experiences Services & Tools team provides seamless help to our partners and internal stakeholders, ensuring an exceptional experience for all Crunchyroll fans. Our charter is focused on helping our internal and external teams around the world integrate, test, and deploy the Crunchyroll applications quickly and with the highest levels of quality. We do this with tools and infrastructure that optimize the developer experience. We tie it all together with sophisticated automated testing and productivity solutions designed to support our culture of experimentation, autonomy and ownership. Our goal is to focus on delivering the best possible anime fan experience. You will: Security Strategy & Leadership: Lead, mentor, and grow the Application Security team. Define the long-term roadmap for Mobile, Desktop, and Game security to proactively mitigate reverse engineering, piracy, and cheating. Binary Defense Architecture: Oversee the design and implementation of binary protection strategies. Direct the evaluation and integration of anti-tamper, obfuscation, and RASP solutions (e.g., Promon, Guardsquare) ensuring minimal impact on game FPS, app performance and user experience. Game Integrity & Anti-Cheat: Collaborate with game studios to design "server-authoritative" economies and implement client-side detections for memory manipulation, touch macros, and modded APKs. Trust & Identity Management: Architect robust chains of trust for the ecosystem. Manage code signing certificates, secure boot processes, and the integration of hardware-backed storage (TEE) for sensitive keys. Vulnerability Research & Validation: Lead internal or external "red team" initiatives using reverse engineering tools (IDA Pro, Frida) to simulate attacks against our apps and games. Validate the effectiveness of binary defenses and attestation checks before release. Content Protection Engineering: Collaborate with media engineering to harden DRM implementations (Widevine, FairPlay). Ensure secure handling of media keys and enforce output protection (HDCP). In the role of Staff Product Security Engineer, you will report to the Senior Director of Fan Experience Engineering Service & Tools. We are considering applicants for the location of Dallas, Los Angeles, or San Francisco. About You We get excited about candidates, like you, because you have... Binary Application Construction: Solid understanding of how applications are constructed, including compilers, linkers, dynamic loaders, ABI interaction, and executable formats (ELF, Mach-O, PE). Game Engine & Anti-Cheat Security: Solid understanding of Unity (IL2CPP) and Unreal Engine security architectures. Experience designing defenses against game-specific attacks: memory editors (GameGuardian), speed hacks, wallhacks, and protecting asset integrity (AssetBundles). Cryptography & Chain of Trust: Comprehensive experience with cryptographic primitives (hashing, digests) and Public Key Infrastructure (PKI), including managing digital certificates and establishing chains of trust for code signing and secure boot. Anti-Tamper & Ecosystem: Proven track record evaluating and implementing commercial shielding (Promon, Guardsquare, Verimatrix) and platform attestation (Google Play Integrity, Apple App Attest) for both apps and games. Content Protection & DRM: Experience with Google Widevine, Apple FairPlay, and Microsoft PlayReady, including HDCP enforcement and screen recording prevention. Reverse Engineering & Analysis: Hands-on experience with tools (IDA Pro, Ghidra, Frida, Il2CppDumper) to simulate attacks, analyze game logic, and validate the resilience of binary protections. TBD: Mobile Security Standards: Relevant certifications OWASP MASVS and the OWASP Mobile Top 10, with the ability to map these standards to engineering roadmaps. Web & Network Security: Experience securing web standards within application contexts, including HTTPS/TLS, cookie security (Secure, HttpOnly, SameSite), local storage, and Content Security Policy (CSP). Hybrid App & WebView Security: Expert handling of WebView bridges (WKWebView), ensuring secure data exchange between native and web contexts. Hardware-Backed Security: Experience utilizing TEEs (Secure Enclave, TrustZone, TPM) for secure key storage, cryptographic operations, and offline license management. DevSecOps & Supply Chain: Experience automating security (SAST/DAST) within CI/CD pipelines and managing third-party SDK risks (supply chain attacks). About the Team The Fan Experiences Engineering team at Crunchyroll plays a pivotal role in enhancing and expanding our users' experiences. We collaborate extensively with a diverse network of device, payment, and gaming partners to broaden the reach of Crunchyroll's offerings. Our primary objective is to drive growth, open up new acquisition channels, and optimize both the scope and quality of our services. Situated at the crossroads of technology and business, we are dedicated to continually enabling experiences that delights our fans. Why you will love working at Crunchyroll In addition to getting to work with fun, passionate and inspired colleagues, you will also enjoy the following benefits and perks: Receive a great compensation package including salary plus performance bonus earning potential, paid annually. Flexible time off policies allowing you to take the time you need to be your whole self. Generous medical, dental, vision, STD, LTD, and life insurance Health Saving Account HSA program Health care and dependent care FSA 401(k) plan, with employer match Employer paid commuter benefit Support program for new parents Pet insurance and some of our offices are pet friendly! #LifeAtCrunchyroll #LI-Hybrid The Pay Range for this position is listed. Actual pay will vary based on factors including, but not limited to location, experience, and performance. The range listed is just one component of Crunchyroll's Total Rewards offerings for employees. Other rewards may include performance bonuses, employer matched retirement savings, time-off programs, and progressive health benefits and perks.Pay Transparency - Los Angeles, CA$200,000-$249,000 USDAbout our Values We want to be everything for someone rather than something for everyone and we do this by living and modeling our values in all that we do. We value Courage. We believe that when we overcome fear, we enable our best selves. Curiosity. We are curious, which is the gateway to empathy, inclusion, and understanding. Kaizen. We have a growth mindset committed to constant forward progress. Service. We serve our community with humility, enabling joy and belonging for others. Our commitment to diversity and inclusion Our mission of helping people belong reflects our commitment to diversity & inclusion. It's just the way we do business. We are an equal opportunity employer and value diversity at Crunchyroll. Pursuant to applicable law, we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Crunchyroll, LLC is an independently operated joint venture between US-based Sony Pictures Entertainment, and Japan's Aniplex, a subsidiary of Sony Music Entertainment (Japan) Inc., both subsidiaries of Tokyo-based Sony Group Corporation. Questions about Crunchyroll's hiring process? Please check out our Hiring FAQs: https://help.crunchyroll.com/hc/en-us/articles/3**********2-Crunchyroll-Hiring-FAQs Please refer to our Candidate Privacy Policy for more information about how we process your personal information, and your data protection rights: ********************************************************************************************************** Please beware of recent scams to online job seekers. Those applying to our job openings will only be contacted directly ********************* email account.

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Associate Industrial Security Analyst / Industrial Security Analyst in Northridge, CA. This is a multi-faceted security position, for the support of a program as it relates to all applicable classified federal, contractual, customer and company requirements. The responsibilities include but are not limited to the following: Supporting a fast-paced, high profile program; create, maintain and leverage working relationships with internal and external customers Develops, and administers security programs and procedures for classified or proprietary materials, documents, and equipment Experience in program security, with knowledge of implementing a multi-disciplined security program (access control, personnel security, physical security, OPSEC etc.) Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitor's access to restricted records and materials Conducts security education classes and related briefings. Investigates security violations and prepares reports specifying preventive action to be taken Basic Qualifications: Must have a high school diploma or GED with at least 4 years of related experience; OR 1 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Preferred Qualifications: Experience with SIMS Ability to work independently and follow projects through to completion. Current Top-Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. PerSec experience Self-starter with minimal supervision Willing to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications Primary Level Salary Range: $61,200.00 - $91,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. The opportunity As application senior security specialist for the Security Certification Team, candidate will be resposible to conduct application vulnerability assessment and penetration testing of EY applications before they move into production and support the team to meet overall security certification goals and client requirements. Your key responsibilities Capable of conducting application & network penetration testing and vulnerability assessments Preparing detailed security review reports and remediation guidances Researching new application security vulnerabilities and attack vectors Leading strategic initiatives and mentoring new team members Support the team in updating their skill and knowledge Skills and attributes for success Hands on experience of Web, thick client, Mobile, VOIP, Wireless application security testing. Proficient in automated and manual application testing methodologies. Expert in using manual testing tools such as Burp Professional, Nmap, Wireshark, Nessus, echomirage. Expert in using automated application scan tool Webinspect / Qualys WAS, CheckMarx, WhiteSource etc.. Basic Knowledge of programming language like C/C++, C#, JAVA, ASP.NET and familiar with PERL/Python Scripting. Familiar with OWASP and Secure SDLC standards Knowledge of common security requirements within ASP.NET & Java application Good Knowledge of TCP/IP, Network Security. Knowledge / experience on code review Good Technical aptitude, problem solving and ability to quickly learn and master new topics and domains. Excellent communication skills; written and verbal. Supervision Responsibilities:None Other Requirements:Flexible work environment Education: Bachelor's degree in a technical discipline such as Engineering or Computer Science or equivalent work experience in IT and Information Security. Experience: 4 - 6 yrs. experience in application security assessment Hands on experience of Web, thick client, Mobile Application security reviews. Exposure and good understanding of the various manual testing methodologies. Certification Requirements: Desirable: IT security Certifications (CEH. ECSA, OSCP etc..). What we offer you At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $76,400 to $138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $91,700 to $157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

At Arete, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Arete is seeking an experienced Principal Industrial Security Analyst/CPSO. This is a multidisciplinary security position requiring an experienced and knowledgeable security professional to support Special Programs. The Contractor Program Security Officer (CPSO) is responsible for the execution and sustainment of comprehensive security programs for assigned efforts with contractually mandated security requirements that exceed standard NISPOM (32 CFR Part 117) compliance. The CPSO serves as a liaison to government security representatives, ensuring full alignment with DoD policy and directives while maintaining a proactive and audit-ready security posture across all assigned programs. This position is based at our Northridge, CA office and is an exempt, non-supervisory, full-time position. Key Responsibilities: * Serve as the Contractor Program Security Officer (CPSO) ensuring full compliance with DoD security requirements as outlined in DoDM 5205.07 Volumes. * Interpret and apply policy guidance and security classification guides (SCGs) to ensure continued DoD compliance-driven security practices across all program elements. * As a member of the Security team, you will support all aspects of program security administration, including Personnel Security (PERSEC), Security Education, Training, and Awareness (SETA), Operations Security (OPSEC), document control/inventories, visitor control, supporting hosted program meetings, etc. in coordination with internal and external stakeholders. * Ensure timely submission and management of program access requests (PARs), nomination packages, and eligibility actions within DISS and other applicable systems as directed by Program Management. * Conduct indoctrinations, debriefings, and security training for program personnel in accordance with government directives. Accomplish and retain Lead Trainer status. * In coordination with the Contractor Program Security Manager (CPSM) and other security team members review program-specific documentation as required, (e.g., Standard Operating Procedures (SOP), Fixed Facility Checklists (FFC), Emergency Action Plan (EAP), Concept of Operations (ConOps), Media Control Plan, etc. * Prepare for and support government security reviews, inspections, audits, and self-inspections. Implement corrective actions and maintain a state of readiness. * Support secure facility operations in accordance with ICD 705 requirements, including alarm monitoring, guard testing, UL2050 inspections, TEMPEST compliance, etc. * Track and report security incidents, conduct preliminary inquiries, and support investigations in conjunction with the Security Manager and government sponsors. * Assist with the review and approval of technical documents, ensuring proper classification markings and adherence to security classification guidance. * Demonstrate proficiency with/utilize specific databases to determine personnel eligibility to access classified information - DISS, JADE, Enterprise Security Systems (SIMS), and other databases and record-keeping repositories. * Interface with government customers, contractors, employees, and all levels of management. * Responsible for the daily handling of Personally Identifiable Information (PII), Controlled Unclassified Information (CUI), and clearance-related data in compliance with the Privacy Act and DoD policies; must demonstrate discretion and sound judgment in the protection and management of sensitive information. * Maintain proficiency and currency in security policy and operational practices through continuous training and engagement with the security community. Additional Responsibilities: * Support after-hours and emergency response activities related to alarms or ICD705 construction. * Assist with enforcement of prohibited electronic device (PED) policies and perform entry/exit inspections as required. * Support additional security tasks or projects as assigned by the CPSM. We have an impressive range of benefits, programs, and perks that we offer: Health & Wellness: * Medical, Dental & Vision Insurance * Life and Long-Term Disability (LTD) * Vision Reimbursement * Fitness Reimbursement Financial: * 401(k) Retirement Plan Contributions * Employee Stock Ownership Plan (ESOP) * Continuing Education Assistance Work-Life Balance: * Flexible Scheduling * Paid Time Off (PTO) * Paid Parental and Bereavement Leave What We Value: * Creativity and innovation in solving challenges * Integrity and responsibility in all actions * Collaboration across teams and specialties * Responsiveness in fast-paced environments * Passion for national security and excellence Experiences and Background We Look For: * U.S. Citizenship and active Top-Secret clearance required; must be eligible to obtain and maintain a TS/SCI with polygraph. * Minimum of 10 years of progressively responsible experience in Program Security, Physical Security, and direct support as a CPSO/CSSO, including extensive experience managing Special Access Programs (SAPs) in compliance with DoD, NISPOM, and ICD requirements. * Individual must be reliable, dependable and trustworthy. * Excellent verbal and written communication skills are critical. * Must be able to prioritize assignments, manage multiple tasks simultaneously, and work well under deadlines with minimal supervision, often in fast-paced environments requiring quick turnaround. * Proficient in Windows 10 and Microsoft Office Suite, to include: Microsoft Word, PowerPoint, Excel and Outlook. * Strong interpersonal and communication skills, with a collaborative mindset is essential. * Must be able to walk, stand, and sit for extended periods as part of routine facility inspections and escort duties. * Comfortable working at elevated heights or in construction areas with PPE (e.g., hard hats, gloves, safety glasses). * 6-month probationary period may apply. * Must be willing and able to travel (10-15%) as needed for assessments or inspections at other Arete sites. Nice to have: * FSO training certificate * COMSEC Custodian certificate or experience required. Complete IAEC-2112 COMSEC Training Course six months after being appointed as Alternate COMSEC Account Manager * Courier preparation procedures * Experience developing and implementing OPSEC plans * Knowledge of Access Control and Intrusion Detection Systems * Experience conducting Security incident inquiries * Resourceful in solving problems and capitalizing on opportunities * Professional Certifications/Affiliations The salary range for this role is $90,000/yr to $140,000/yr; however, Arete considers several factors when extending an offer of employment, including but not limited to: the position and associated responsibilities, a candidate's work experience, education/training, and key skills. Other Considerations Areté is committed to the principles of equal employment opportunity and nondiscrimination, and we believe every person has the right to be treated with fairness, dignity, and equal consideration. Areté is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, marital status, national origin, age, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. U.S. citizenship is required to meet position eligibility. Successful passage of a criminal background screen is required to meet position eligibility. Selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Areté will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring. Successful passage of a Department of Transportation (DOT) drug test is required to meet position eligibility. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our website because of your disability. To request an accommodation, please contact Areté Human Resources at ************ for assistance.

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About the role Crunchyroll is growing and changing, presenting unique challenges and opportunities to support millions of anime fans around the world. The Fan Experiences Services & Tools team provides seamless help to our partners and internal stakeholders, ensuring an exceptional experience for all Crunchyroll fans. Our charter is focused on helping our internal and external teams around the world integrate, test, and deploy the Crunchyroll applications quickly and with the highest levels of quality. We do this with tools and infrastructure that optimize the developer experience. We tie it all together with sophisticated automated testing and productivity solutions designed to support our culture of experimentation, autonomy and ownership. Our goal is to focus on delivering the best possible anime fan experience. You will: * Security Strategy & Leadership: Lead, mentor, and grow the Application Security team. Define the long-term roadmap for Mobile, Desktop, and Game security to proactively mitigate reverse engineering, piracy, and cheating. * Binary Defense Architecture: Oversee the design and implementation of binary protection strategies. Direct the evaluation and integration of anti-tamper, obfuscation, and RASP solutions (e.g., Promon, Guardsquare) ensuring minimal impact on game FPS, app performance and user experience. * Game Integrity & Anti-Cheat: Collaborate with game studios to design "server-authoritative" economies and implement client-side detections for memory manipulation, touch macros, and modded APKs. * Trust & Identity Management: Architect robust chains of trust for the ecosystem. Manage code signing certificates, secure boot processes, and the integration of hardware-backed storage (TEE) for sensitive keys. * Vulnerability Research & Validation: Lead internal or external "red team" initiatives using reverse engineering tools (IDA Pro, Frida) to simulate attacks against our apps and games. Validate the effectiveness of binary defenses and attestation checks before release. * Content Protection Engineering: Collaborate with media engineering to harden DRM implementations (Widevine, FairPlay). Ensure secure handling of media keys and enforce output protection (HDCP). In the role of Staff Product Security Engineer, you will report to the Senior Director of Fan Experience Engineering Service & Tools. We are considering applicants for the location of Dallas, Los Angeles, or San Francisco. About You We get excited about candidates, like you, because you have... * Binary Application Construction: Solid understanding of how applications are constructed, including compilers, linkers, dynamic loaders, ABI interaction, and executable formats (ELF, Mach-O, PE). * Game Engine & Anti-Cheat Security: Solid understanding of Unity (IL2CPP) and Unreal Engine security architectures. Experience designing defenses against game-specific attacks: memory editors (GameGuardian), speed hacks, wallhacks, and protecting asset integrity (AssetBundles). * Cryptography & Chain of Trust: Comprehensive experience with cryptographic primitives (hashing, digests) and Public Key Infrastructure (PKI), including managing digital certificates and establishing chains of trust for code signing and secure boot. * Anti-Tamper & Ecosystem: Proven track record evaluating and implementing commercial shielding (Promon, Guardsquare, Verimatrix) and platform attestation (Google Play Integrity, Apple App Attest) for both apps and games. * Content Protection & DRM: Experience with Google Widevine, Apple FairPlay, and Microsoft PlayReady, including HDCP enforcement and screen recording prevention. * Reverse Engineering & Analysis: Hands-on experience with tools (IDA Pro, Ghidra, Frida, Il2CppDumper) to simulate attacks, analyze game logic, and validate the resilience of binary protections. * TBD: Mobile Security Standards: Relevant certifications OWASP MASVS and the OWASP Mobile Top 10, with the ability to map these standards to engineering roadmaps. * Web & Network Security: Experience securing web standards within application contexts, including HTTPS/TLS, cookie security (Secure, HttpOnly, SameSite), local storage, and Content Security Policy (CSP). * Hybrid App & WebView Security: Expert handling of WebView bridges (WKWebView), ensuring secure data exchange between native and web contexts. * Hardware-Backed Security: Experience utilizing TEEs (Secure Enclave, TrustZone, TPM) for secure key storage, cryptographic operations, and offline license management. * DevSecOps & Supply Chain: Experience automating security (SAST/DAST) within CI/CD pipelines and managing third-party SDK risks (supply chain attacks). About the Team The Fan Experiences Engineering team at Crunchyroll plays a pivotal role in enhancing and expanding our users' experiences. We collaborate extensively with a diverse network of device, payment, and gaming partners to broaden the reach of Crunchyroll's offerings. Our primary objective is to drive growth, open up new acquisition channels, and optimize both the scope and quality of our services. Situated at the crossroads of technology and business, we are dedicated to continually enabling experiences that delights our fans. Why you will love working at Crunchyroll In addition to getting to work with fun, passionate and inspired colleagues, you will also enjoy the following benefits and perks: * Receive a great compensation package including salary plus performance bonus earning potential, paid annually. * Flexible time off policies allowing you to take the time you need to be your whole self. * Generous medical, dental, vision, STD, LTD, and life insurance * Health Saving Account HSA program * Health care and dependent care FSA * 401(k) plan, with employer match * Employer paid commuter benefit * Support program for new parents * Pet insurance and some of our offices are pet friendly! #LifeAtCrunchyroll #LI-Hybrid

General information Requisition # R64697 Posting Date 12/15/2025 Security Clearance Required TS/SCI Remote Type Onsite Time Type Full time Description & Requirements Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now-protect and innovate with MANTECH! MANTECH seeks a motivated, career and customer-oriented Acquisition Security Analyst II to join our team in El Segundo, CA. The Acquisition Security Analyst II will assist the Government Program Manager with the development and implementation of comprehensive program protection methodologies to protect advanced technology programs throughout the system's lifecycle. Responsibilities include but are not limited to: * In-depth lifecycle program analysis to identify critical program information (CPI), Critical System Resources (CSR), and their associated vulnerabilities. Assist with the identification and implementation of countermeasures. Develop and implement a risk management-based program protection plan and strategy. * Provide security recommendations to the PM, GSSO, and cognizant security authorities as to the Air Force acquisition and sustainment process. * Maintain a working relationship with the PM, Contracting Officer and contractor security officers to ensure a standardized and correct format/process is utilized for all DD Form 254 efforts throughout the acquisition and sustainment lifecycle, in coordination with Program Security Officers. * Conduct analysis of foreign intelligence threats against programs involving customer's critical research, sensitive technologies or CPI. * Prepare and produce analytical products from numerous resources, to include various databases, to ensure a real-time, tailored product is provided. * Write, review, and/or edit Security Classification Guides (SCG), Exposure Contingency Plans (ECP), Managed Access Plans (MAP), Security Operating Procedures (SOPs), System Test Plans (STP) * Provide technical analysis and OPSEC support to SMC or AFSPC Special programs and other associated operations, missions, and organizational elements involved in developing system requirements to associated systems RDT&E. Minimum Qualifications: * Bachelor's degree in a related area; an additional 4 years of related experience might be considered for a degree. * 10+ years of related experience with acquisition programs * 6+ years of experience with SCI programs. * Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents. * Must have extensive knowledge of the DD Form 254 and how it is incorporated in the Air Force acquisition process. * Willingness to travel within the scope of the Program's Area of Responsibility (AOR) (note- could be extensive, and will include both air and ground transportation) Preferred Qualifications: * 4+ years of experience with SAR program acquisitions desired. * Working knowledge of Microsoft Office (Word, PowerPoint, and Excel) * Possess a high degree of originality, creativity, initiative requiring minimal supervision. * Have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners. Security Clearance: * Current Top Secret Clearance with SCI Eligibility * Eligibility for access to Special Access Program Information * Willingness to submit to a polygraph. Physical Requirements: * Must be able to remain in a stationary position 50%. * Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. * Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. * Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations. The projected compensation range for this position is $117,500.00-$195,700.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, MANTECH invests in its employees beyond just compensation. MANTECH's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, short-term and long-term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.