Cyber security analyst jobs in Moorpark, CA - 116 jobs

A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence. #J-18808-Ljbffr

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

A health tech firm in California is seeking an Applied AI Security Engineer to enhance security for health and wellness professionals. The ideal candidate will have extensive experience in AI/ML security solutions and a strong background in information security. Responsibilities include designing secure AI solutions, collaborating with product teams, and leading incident response efforts. The position offers a competitive salary ranging from $115,000 to $145,000 annually, along with a comprehensive benefits package. #J-18808-Ljbffr

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 25% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. Roles and Responsibilities: Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials Conducts security education classes and security audits Ensures security compliance as a CSSO in accordance with DoDM 5205.07 Responsible for offsite and subcontractor security standups and posture ISA duties will include: CSSO for offsite and subcontractor sites associated with the program Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers Study and implement company and federal security policies, regulations, and procedures that apply to company operations Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management Develop and implement a security education and awareness program Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) Other duties as assigned Basic Qualifications: Principal Industrial Security Analyst (level 3) Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Basic Qualifications: Sr. Principal Industrial Security Analyst (level 4) Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Preferred Qualifications: Experience Leading Security Teams from Subcontractors and Offsite Ability to work independently and follow projects through to completion. Current Top-Secret clearance Self-starter with minimal supervision Security experience in a manufacturing environment Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00Secondary Level Salary Range: $117,500.00 - $176,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. Your key responsibilities Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified Forensically analyze end user systems and servers found to have possible indicators of compromise Analysis of artifacts collected during a security incident/forensic analysis Identify security incidents through ‘Hunting' operations within a SIEM and other relevant tools Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions Provide consultation and assessment on perceived security threats Maintain, manage, improve and update security incident process and protocol documentation Regularly provide reporting and metrics on case work Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact based reports Be on-call to deliver global incident response Skills and attributes for success Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact-based reports Proven integrity and judgment within a professional environment Ability to appropriately balance work/personal priorities To qualify for the role you must have Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; Understanding of security threats, vulnerabilities, and incident response; Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; Be familiar with legalities surrounding electronic discovery and analysis; Experience with SIEM technologies (i.e. Splunk); Deep understanding of both Windows and Unix/Linux based operating systems; Ideally, you'll also have Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH Background in security incident response in Cloud-based environments, such as Azure Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration What we look for Demonstrated integrity in a professional environment Ability to work independently Have a global mind-set for working with different cultures and backgrounds Knowledgeable in business industry standard security incident response process, procedures, and life cycle Excellent teaming skills Excellent social, communication, and writing skills What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Wilshire Law Firm is a distinguished, award-winning legal practice with over 18 years of experience, specializing in Personal Injury, Employee Rights, and Consumer Class Action lawsuits. We are dedicated to upholding the highest standards of Excellence and Justice and are united in our commitment to achieve the best outcome for our clients. You will work side by side on a team of dynamic, collaborative, and client-focused professionals who are committed to delivering on our founding core values: Excellence, Teamwork, and Integrity. The Opportunity The Cybersecurity Engineer is responsible for designing, implementing, operating, and continuously improving the firm's security controls to protect sensitive client data, legal work product, and enterprise systems. This role operates at the intersection of security architecture, engineering, and operations, with a strong emphasis on risk reduction, regulatory compliance, incident readiness, and secure-by-design infrastructure. Accountable for Design and maintain security controls across network, endpoint, cloud, identity, and applications. Implement and manage tools such as SIEM, EDR/XDR, firewalls, MFA, PAM, DLP, and email security. Monitor and respond to security alerts and incidents, including post-incident analysis. Partner with IT and application teams to embed security into systems and deployments. Conduct vulnerability scanning, risk assessments, and remediation tracking. Enforce least-privilege access and support identity lifecycle management. Support compliance efforts and provide audit and client security documentation. Automate security operations and improve monitoring, reporting, and controls. Qualifications 3-7+ years of hands-on cybersecurity or security engineering experience. Experience with enterprise security tools (SIEM, EDR/XDR, firewalls, IAM). Strong understanding of networking and system security (Windows/Linux). Experience securing cloud environments (Azure, AWS, or GCP). Ability to lead or support real-world incident response efforts. Familiarity with scripting or automation (PowerShell, Python, or Bash). Experience in regulated or high-confidentiality environments. Relevant certifications such as CISSP, CISM, or cloud security certs (preferred). Compensation $130,000-$170,000 per year depending on experience Benefits Paid time off and paid holidays Opportunities for growth and advancement Team outings and sponsored events Employee referral bonus programs Firm-paid Medical HMO with affordable upgrades Firm-paid Life and AD&D insurance Low-cost Dental and Vision plans 401k FSA (Flexible Spending Account) EAP (Employee Assistance Program) Pet Insurance Strive for Excellence. Fight for Justice. Foster Unity. Wilshire Law Firm celebrates being an equal employment opportunity provider to all people in accordance with all applicable laws. We are committed to providing reasonable accommodations to assist individuals with disabilities during the application process and to facilitate their performance of essential job functions throughout their employment. Join Wilshire Law Firm Los Angeles, Irvine, San Diego, Oakland, Sacramento, Riverside, Torrance

CHAOS Industries is redefining modern defense with omniscient systems purpose-built for today's realities. Designed and built by top U.S. military veterans and Silicon Valley innovators, CHAOS Industries' products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats. In a world where technological threats move at unprecedented speed, CHAOS Industries delivers advanced sensing and detection solutions that give the ultimate advantage: time. CHAOS Industries was founded in 2022 and has raised $1B in total funding from leading investors including 8VC, Accel, and NEA. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, and London. For more information, please visit ***************** Role Overview: As a Cybersecurity Engineer at our vibrant Los Angeles headquarters, you will serve as the primary point of contact for all Cybersecurity needs. In this hands-on role, you'll ensure a challenging balance of Cybersecurity and Enablement across the enterprise. You will be one of the first SOC/IR-focused hires and help build our internal SOC and capabilities from the ground up. You'll work closely with the IT team and contribute to company-wide IT initiatives, infrastructure upgrades, and process improvements, providing security inputs and advising best practice, in a dynamic, fast-paced workplace. Responsibilities: Help build and manage the SOC/IR Team and their platforms and processes. Co-own implementation of multiple enterprise Cybersecurity programs. Assist with security architecture reviews, roll outs, enhancements and initiatives. Research and implement security automations and partner with IT and other teams to implement into processes, procedures and baselines. Design, document and implement security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps, and compliance. Utilize cloud security best practices, including encryption, authentication, authorization, and audit capabilities. Maintain technical proficiency and certifications relevant to security solutions and architectures. Work full-time onsite out of our office in Los Angeles (Hawthorne), California. Minimum Requirements: Bachelor's degree or equivalent experience in business, computer science, or management information systems. 5+ years of experience in technology-driven security solutions within defense or related industries. Deep Experience with EDR, Firewall, SIEM, and other common Cybersecurity solutions. Experience in IT security risk assessments and industry frameworks (NIST 800 series, CMMC, CIS Controls, etc). Strong knowledge of Identity and Access Management (IAM), cryptography, key management, access controls, and security protocols (e.g., Multi-factor, SAML, OAuth, etc). Expertise in Azure/AWS Infrastructure services and cloud security best practices. Strong analytical, system design, and communication skills. Self-motivated, proactive problem solver with the ability to prioritize tasks in a fast-paced, high-pressure environment. Preferred Requirements: Experience either as a SOC Analyst or SOC Engineer Experience with scripting, automations and integration of multiple platforms and data sources. Eligible to obtain and maintain an active U.S. Secret/Top Secret security clearance. Why CHAOS? Health Benefits: Medical, dental, and vision benefits 100% paid for by the company Additional benefits: 401k (+ 50% company match up to 6% of pay), FSA, HSA, life insurance, and more Our Perks: Free daily lunch, ‘No meeting Fridays', unlimited PTO, casual dress code Compensation Components: Competitive base salaries, generous pre-IPO stock option grants, relocation assistance, and (coming soon!) annual bonuses Team Growth: 200 employees and counting across 5 global offices Salary Range: $130,000 - $170,000 The stated compensation range reflects only the targeted base compensation range and excludes additional earnings such as bonus, equity, and benefits. If your compensation requirements fall outside of the range, we still encourage you to apply. The salary range for this role is an estimate based on a range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. #LI-onsite

Job Description Mount Indie is seeking a highly skilled and experienced Cyber Accreditation Specialist with 5+ years of experience for Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. The Cyber Accreditation Specialist will be responsible for the development, coordination, and maintenance of cyber accreditation packages, primarily focusing on Risk Management Framework (RMF) artifacts, inheritance mapping, and Plan of Action & Milestones (POA&M) management supporting the Navy's Authority To Operate initiatives. This role ensures compliance with relevant DoD and federal cybersecurity guidelines and contributes to our organization's mission support objectives by securing critical Navy information systems. Responsibilities Cyber Accreditation Package Development: Develop and maintain RMF artifacts, including System Security Plans (SSP), generate & control implementation evidence, inheritance maps, and POA&Ms Coordination and Compliance: Coordinate with Authorizing Officials (AO) and Information System Security Managers (ISSM) to define an Authority to Operate (ATO) plan, develop an interim risk acceptance strategy, and manage control inheritance from enterprise services and range systems Reference Compliance: Ensure that all activities and documentation are compliant with the latest DoD and federal cybersecurity standards, such as: DoDI 8510.01 Risk Management Framework (RMF) NIST SP 800-53 Rev. 5 NIST SP 800-171 (CUI) DoD Zero Trust Reference Architecture DoD Cloud Security Requirements Guide (SRG) / FedRAMP baselines (aligned to IL5 unless otherwise directed) Qualifications 5+ years of experience in cybersecurity, specifically in the development and coordination of cyber accreditation packages BS or BA degree in Cybersecurity, Information Technology, or a related field. An additional 6 years of relevant work experience may be substituted for a bachelor's degree, or 4 additional years of work experience with a relevant associate degree. Active Secret Clearance Demonstrated experience with RMF, SSP development, and POA&M management Familiarity with DoD and federal cybersecurity guidelines, including DoDI 8510.01, NIST SP 800-53 Rev. 5, NIST SP 800-171, DoD Zero Trust Reference Architecture, and DoD Cloud SRG/FedRAMP baselines Strong analytical and problem-solving skills Ability to effectively coordinate and communicate with various stakeholders, including AO, ISSM, and other cybersecurity professionals Current Security+ Certificate IAM Level 2 as per DoD Directive 8570.01; and experience working with the DIACAP/Risk Management Framework processes Excellent communication and interpersonal skills-verbal, non-verbal, written, and listening-for staff, customer and organizational level communications, both formal and informal Ability to work independently, self-starter Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint Preferred Qualifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification Experience with cloud security and FedRAMP compliance

At Arete, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Arete is seeking an experienced Principal Industrial Security Analyst/CPSO. This is a multidisciplinary security position requiring an experienced and knowledgeable security professional to support Special Programs. The Contractor Program Security Officer (CPSO) is responsible for the execution and sustainment of comprehensive security programs for assigned efforts with contractually mandated security requirements that exceed standard NISPOM (32 CFR Part 117) compliance. The CPSO serves as a liaison to government security representatives, ensuring full alignment with DoD policy and directives while maintaining a proactive and audit-ready security posture across all assigned programs. This position is based at our Northridge, CA office and is an exempt, non-supervisory, full-time position. Key Responsibilities: Serve as the Contractor Program Security Officer (CPSO) ensuring full compliance with DoD security requirements as outlined in DoDM 5205.07 Volumes. Interpret and apply policy guidance and security classification guides (SCGs) to ensure continued DoD compliance-driven security practices across all program elements. As a member of the Security team, you will support all aspects of program security administration, including Personnel Security (PERSEC), Security Education, Training, and Awareness (SETA), Operations Security (OPSEC), document control/inventories, visitor control, supporting hosted program meetings, etc. in coordination with internal and external stakeholders. Ensure timely submission and management of program access requests (PARs), nomination packages, and eligibility actions within DISS and other applicable systems as directed by Program Management. Conduct indoctrinations, debriefings, and security training for program personnel in accordance with government directives. Accomplish and retain Lead Trainer status. In coordination with the Contractor Program Security Manager (CPSM) and other security team members review program-specific documentation as required, (e.g., Standard Operating Procedures (SOP), Fixed Facility Checklists (FFC), Emergency Action Plan (EAP), Concept of Operations (ConOps), Media Control Plan, etc. Prepare for and support government security reviews, inspections, audits, and self-inspections. Implement corrective actions and maintain a state of readiness. Support secure facility operations in accordance with ICD 705 requirements, including alarm monitoring, guard testing, UL2050 inspections, TEMPEST compliance, etc. Track and report security incidents, conduct preliminary inquiries, and support investigations in conjunction with the Security Manager and government sponsors. Assist with the review and approval of technical documents, ensuring proper classification markings and adherence to security classification guidance. Demonstrate proficiency with/utilize specific databases to determine personnel eligibility to access classified information - DISS, JADE, Enterprise Security Systems (SIMS), and other databases and record-keeping repositories. Interface with government customers, contractors, employees, and all levels of management. Responsible for the daily handling of Personally Identifiable Information (PII), Controlled Unclassified Information (CUI), and clearance-related data in compliance with the Privacy Act and DoD policies; must demonstrate discretion and sound judgment in the protection and management of sensitive information. Maintain proficiency and currency in security policy and operational practices through continuous training and engagement with the security community. Additional Responsibilities: Support after-hours and emergency response activities related to alarms or ICD705 construction. Assist with enforcement of prohibited electronic device (PED) policies and perform entry/exit inspections as required. Support additional security tasks or projects as assigned by the CPSM. We have an impressive range of benefits, programs, and perks that we offer: Health & Wellness: Medical, Dental & Vision Insurance Life and Long-Term Disability (LTD) Vision Reimbursement Fitness Reimbursement Financial: 401(k) Retirement Plan Contributions Employee Stock Ownership Plan (ESOP) Continuing Education Assistance Work-Life Balance: Flexible Scheduling Paid Time Off (PTO) Paid Parental and Bereavement Leave What We Value: Creativity and innovation in solving challenges Integrity and responsibility in all actions Collaboration across teams and specialties Responsiveness in fast-paced environments Passion for national security and excellence Experiences and Background We Look For: U.S. Citizenship and active Top-Secret clearance required; must be eligible to obtain and maintain a TS/SCI with polygraph. Minimum of 10 years of progressively responsible experience in Program Security, Physical Security, and direct support as a CPSO/CSSO, including extensive experience managing Special Access Programs (SAPs) in compliance with DoD, NISPOM, and ICD requirements. Individual must be reliable, dependable and trustworthy. Excellent verbal and written communication skills are critical. Must be able to prioritize assignments, manage multiple tasks simultaneously, and work well under deadlines with minimal supervision, often in fast-paced environments requiring quick turnaround. Proficient in Windows 10 and Microsoft Office Suite, to include: Microsoft Word, PowerPoint, Excel and Outlook. Strong interpersonal and communication skills, with a collaborative mindset is essential. Must be able to walk, stand, and sit for extended periods as part of routine facility inspections and escort duties. Comfortable working at elevated heights or in construction areas with PPE (e.g., hard hats, gloves, safety glasses). 6-month probationary period may apply. Must be willing and able to travel (10-15%) as needed for assessments or inspections at other Arete sites. Nice to have: FSO training certificate COMSEC Custodian certificate or experience required. Complete IAEC-2112 COMSEC Training Course six months after being appointed as Alternate COMSEC Account Manager Courier preparation procedures Experience developing and implementing OPSEC plans Knowledge of Access Control and Intrusion Detection Systems Experience conducting Security incident inquiries Resourceful in solving problems and capitalizing on opportunities Professional Certifications/Affiliations The salary range for this role is $90,000/yr to $140,000/yr; however, Arete considers several factors when extending an offer of employment, including but not limited to: the position and associated responsibilities, a candidate's work experience, education/training, and key skills. Other Considerations Areté is committed to the principles of equal employment opportunity and nondiscrimination, and we believe every person has the right to be treated with fairness, dignity, and equal consideration. Areté is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, marital status, national origin, age, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. U.S. citizenship is required to meet position eligibility. Successful passage of a criminal background screen is required to meet position eligibility. Selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Areté will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring. Successful passage of a Department of Transportation (DOT) drug test is required to meet position eligibility. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our website because of your disability. To request an accommodation, please contact Areté Human Resources at ************ for assistance.

About the Role:

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. We are a fully vaccinated workforce. Successful candidates will be required to show proof of being vaccinated against COVID-19. You are up to date when you have received a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: [email protected] #CJ $92,213.33 - $125,146.66 a year We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Millennium Space Systems, A Boeing Company delivers affordable, high-performance space systems for exacting customers. At Millennium, you will be part of a close-knit team working on exciting technological problems. We work in an open environment where ideas are shared across all disciplines, and there are ample opportunities for advancement based on excellence. Superstars are welcome. At Millennium, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company committed to fostering an environment for every teammate that's welcoming, respectful and innovative, with great opportunities for professional growth. Find your future with us. Job Summary As an Information Systems Security Officer (ISSO) at Millennium Space Systems, you ensure that the classified and controlled systems Millennium is responsible for comply with all customer-defined security requirements and applicable federal regulations. This position's internal job code is Info Sec & Governance Spec. Our team is currently hiring for level 2. Responsibilities Perform daily and weekly information assurance activities, such as auditing, and working with the IT team to patch classified systems with the goal of maintaining all systems in compliance with corporate and government directives, regulations, and policies Create new and manage existing assessment and authorization packages and perform all tasks necessary to obtain and maintain authorization to operate (ATO). This includes items such as the implementation of security controls, writing procedures for, and conducting certification testing, facilitating third party certification and penetration testing, addressing plan of action and milestones (POA&M) items, and continuous monitoring activities Ensure system authorization packages take into consideration the requirements of government agencies and the owner/users of the systems such as program managers, system engineers, and developers Design and implement technical security controls for new and existing systems Participate in or lead planning and executing risk management activities such as disaster recovery, continuity of operations, and incident response Participate in or lead computer forensic activities such as using tools and techniques for attack reconstruction, root cause analysis, and providing solutions/recommendations Minimum Qualifications 2 years of experience within the IT and/or InfoSec industry Certification(s) and experience commensurate with Information Assurance Manager Level I (IAM Level I) as specified by DoDD 8140 Experience in classified environments (e.g.: Collateral, SCI, SAP) Working knowledge of the Risk Management Framework as provided by NIST Special Publication (SP) 800-37, controls provided in NIST SP 800-53, and assessments provided by NIST SP 800-53A and derived policies, such as the Intelligence Community Directive Number 503 (ICD-503) or the Joint Special Access Program (SAP) Implementation Guide (JSIG) Working knowledge and experience with completing and submitting accreditation or assessment and authorization packages Ability to audit and verify security controls as part of industry standard system hardening or in accordance with customer or government requirements Ability to communicate complex concepts with senior management, technical personnel, and external entities including senior representatives of the US Government and teammates Ability to audit, scan for vulnerabilities, and continuously monitor mixed computer system environments using vulnerability scanners, SIEMs, and various scripting languages This position requires an active U.S. Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Preferred Qualifications Ability to participate in or manage Computer Incident Response Team (CIRT) activities, including computer forensic analysis Ability to analyze network traffic using common security devices such as wireshark, tcpdump, firewalls, and intrusion detection systems Summary Pay-Range Please note that the salary information shown below is a general guideline only of what is reasonably expected to be paid for the position. Salaries are based upon candidate experience and qualifications, as well as market and business considerations. Level 2: $38.41 - $56.49 Before applying, please note: Millennium is DDTC-registered, ITAR-compliant Company. This position is located at a facility that requires special access. Applicants MUST be U.S. citizens and eligible for a security clearance. Additionally, applicants must be willing to apply for and maintain a security clearance. We encourage all interested candidates to apply for any open position for which they feel they are qualified. Applicant Privacy Policy Mandatory Security Clearance and Access Process Disqualifying Criteria

**Be visionary** Teledyne Technologies Incorporated provides enabling technologies for industrial growth markets that require advanced technology and high reliability. These markets include aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, deepwater oil and gas exploration and production, medical imaging and pharmaceutical research. We are looking for individuals who thrive on making an impact and want the excitement of being on a team that wins. **Job Description** Teledyne Controls is a global leader in delivering innovative avionics systems and data management solutions for both civil and military aircraft operators. Our cutting-edge technologies enable real-time access, analysis, and utilization of critical flight data, enhancing safety, efficiency, and operational performance across the aviation industry. Become part of a team that thrives on innovation and excellence in a dynamic, mission-driven environment. **Join Our Team as a Systems Security Engineer!** As an Entry-Level Avionics Security Engineer, you will play a key role in safeguarding next-generation avionics systems. This position combines hands-on testing, vulnerability analysis, and collaborative design support to ensure robust security across connected products. You'll work closely with engineering teams and customers to implement secure architectures, monitor emerging threats, and contribute to innovative solutions that meet stringent aerospace security standards. If you're ready to take on the challenge of securing cutting-edge avionics products and thrive in a dynamic environment, we want to hear from you! **Essential Duties and Responsibilities** include the following. Other duties may be assigned. + Collaborate with engineering teams, program management, and customers to define and communicate security requirements and updates. + Perform testing and validation of security features and controls to ensure compliance and effectiveness. + Contribute to security assessments, including risk analysis, threat modeling, and penetration testing activities. + Monitor and evaluate Common Vulnerabilities and Exposures (CVEs) for relevance to Teledyne products. + Execute test scenarios to assess product security resilience under various conditions. + Participate in trade studies and evaluations of security processes, tools, and technologies. + Support design teams in strengthening security architecture and implementing secure solutions for new and existing products. + Assist in customer-facing technical reviews, including preliminary and critical design presentations. + Stay informed on emerging security threats and trends to proactively enhance product security. + Contribute to the development and integration of security features for connected avionics systems. + Promote security awareness through education, communication, and best-practice initiatives. **Qualifications** + Bachelor degree in engineering or other technical field and 0-2 years of experience (can include coursework, projects and internships). + Basic understanding of Security Architecture principles, including cryptography, authentication, network security, and public key infrastructure mechanisms to secure product, network, and system boundaries, as well as inter-system communications. + Familiarity with networking concepts, including design and troubleshooting. + Basic knowledge of system design concepts and application development. + Awareness of security implementations in cloud environments, such as AWS. + Understanding of the design, auditing, analysis, support, and troubleshooting of security systems. + Basic knowledge of embedded system security and Linux. + Experience with scripting using Python, Bash, or PowerShell is a plus. + Must be a U.S. Person (includes U.S. citizens, lawful permanent residents, refugees, and asylees) **Salary Range:** $58,100.00-$77,400.000 **Pay Transparency** The anticipated salary range listed for this role is only an estimate. Actual compensation for successful candidates is carefully determined based on several factors including, but not limited to, location, education/training, work experience, key skills, and type of position. Teledyne conducts background checks on qualified applicants who receive a conditional offer of employment in accordance with applicable laws, regulations and ordinances. Background checks may include, but are not limited to, education verification, employment history and verification, criminal convictions, Motor Vehicle Report (MVR & driving history), reference check, credit checks/credit history and drug testing. All qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Teledyne and all of our employees are committed to conducting business with the highest ethical standards. We require all employees to comply with all applicable laws, regulations, rules and regulatory orders. Our reputation for honesty, integrity and high ethics is as important to us as our reputation for making innovative sensing solutions. Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic or non-merit based factor made unlawful by federal, state, or local laws. You may not realize it, but Teledyne enables many of the products and services you use every day **.** Teledyne provides enabling technologies to sense, transmit and analyze information for industrial growth markets, including aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, energy, medical imaging and pharmaceutical research.

A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence. #J-18808-Ljbffr

At SimplePractice, we are improving access to quality care by equipping health and wellness clinicians with all the tools they need to thrive in private practice. More than 250,000 providers trust SimplePractice to build their business through our industry‑leading software with powerful tools that simplify every part of practice management. From admin work to clinical care, our suite of innovative solutions work together to reduce administrative burden-empowering solo and small group practitioners to thrive alongside their clients. Recognized by MedTech Breakthrough as the Best Practice Management Solution Provider in 2024 and the Digital Health Awards in 2023, SimplePractice is proud to pave the future of health tech. The Role SimplePractice is a leading practice management platform for health & wellness professionals. We are dedicated to empowering practitioners to run their businesses more efficiently and securely. We are seeking an Applied AI Security Engineer who will play a pivotal role in safeguarding our platform. In this role, you will be a hands‑on builder and implementer, working closely with our innovative product and engineering teams to develop and deploy AI‑driven security solutions to protect our client data. You will actively contribute to enabling enhanced security capabilities, mitigating risks, ensuring compliance with healthcare regulations, and advancing our mission of securely empowering health & wellness professionals through reliable AI solutions. You've been a hands‑on, early adopter of AI technologies and understand the promise and the pitfalls. You've applied your knowledge to traditional security functions like cloud security, application security, security operations and are eager to take an AI‑first approach. You bring full stack skills that can develop and productionalize AI agents to help us scale our security capabilities. Responsibilities Applied AI Security Engineering Design, build, and implement secure AI solutions to automate our security function, serving as a hands‑on expert in secure AI implementation patterns. Enable our security team to move from AI as assistant to AI as automated enabler Collaborate with product teams to evaluate security implications of new AI features Actively develop and contribute code to AI security testing tools, including red team AI agents, to proactively identify and address vulnerabilities in new features and models. Lead incident response for AI‑related security events Integrate AI capabilities directly into security operations workflows to automate threat detection, incident response, and vulnerability management. AI Security Architecture & Strategy Design and implement security architecture for AI systems, including LLMs and ML platforms Develop security standards and patterns for AI development and deployment Threat modeling for AI features Establish security controls for model training and monitoring Translate AI security strategies into actionable development plans and prototypes. Evaluate AI vendors and SaaS providers for security, compliance and data protection Assess emerging AI security tools and technologies Review cloud‑based AI services for healthcare compliance Partner with legal and compliance teams ensure AI initiatives meet regulatory and contractual requirements Implement controls for data privacy, model integrity, and access management Develop metrics and reporting for AI security posture Liaison with customers and auditors on SimplePractice's approach to AI security and compliance Leverage AI and automation to operationalize security and compliance workflows, continuously monitoring and improving our security posture Desired Skills & Experience 5+ years of experience in information security, with recent focus on AI/ML systems Proven hands‑on experience in designing, developing, and deploying AI/ML security solutions, including expertise in model security, data poisoning prevention, prompt injection guardrails, and privacy‑preserving techniques. Strong background in security architecture and threat modeling Strong bias towards automating with AI as a partner Demonstrated experience in implementing AI security controls within a regulated environment, with a strong emphasis on practical application and automation. Degree in Computer Science, Cybersecurity, or a related field Experience implementing Nvidia NeMo guardrails, ModelArmor or similar LLM protect frameworks Demonstrated experience with serverless cloud technologies like Lambda, Cloud Run Knowledgeable in Amazon Bedrock, OpenAI APIs, Langchain, ADK or similar AI model platforms Strong software development background with proficiency in python, rust or similar languages, including experience with MLOps and DevSecOps practices and tools such as terraform. Understanding of healthcare compliance (HIPAA, HITECH) Excellent analytical, problem‑solving, and communication skills Ability to work independently to learn new technologies, processes, frameworks, and systems. Bonus Points A ‘hands‑on' security certification (SANS, CEH, etc) Experience in healthcare or medical device security Familiarity with AI ethics and responsible AI development practices Experience with containerization and orchestration technologies (e.g., Docker, Kubernetes) Experience contributing to open‑source AI security projects or developing internal AI security tools/frameworks. Familiarity with security automation and orchestration platforms (e.g., SOAR) and how AI can augment or replace these tools. Base Compensation Range $115,000 - $145,000 annually Base salary is one component of total compensation. Employees may also be eligible for an annual bonus or commission. Some roles may also be eligible for overtime pay. The above represents the expected base compensation range for this job requisition. Ultimately, in determining your pay, we'll consider many factors including, but not limited to, skills, experience, qualifications, geographic location, and other job‑related factors. We offer a competitive benefits program including: Medical, dental, vision, life & disability insurance 401(k) plan with company match Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays Mental health resources Paid parental leave & Backup Care Employee Resource Groups (ERGs) California Job Applicant Privacy Notice Thank you for your interest in opportunities at SimplePractice LLC (“SimplePractice” or “us” or “we” or “our”). Please note that when you submit your resume or application materials to us for employment purposes, you are subject to the SimplePractice California Job Applicant Privacy Notice. Equal Opportunity Employer Statement The legal stuff: All individuals that are seeking employment are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, pregnancy, veteran status, gender identity, gender expression, or sexual orientation. #J-18808-Ljbffr

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. **Roles and Responsibilities:** + Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations + Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies + Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials + Conducts security education classes and security audits + Ensures security compliance as a CSSO in accordance with DoDM 5205.07 + Responsible for offsite and subcontractor security standups and posture **ISA duties will include:** + CSSO for offsite and subcontractor sites associated with the program + Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers + Study and implement company and federal security policies, regulations, and procedures that apply to company operations + Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies + Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management + Develop and implement a security education and awareness program + Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken + Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance + Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) + Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems + Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections + Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements + Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) + Other duties as assigned **Basic Qualifications:** **Principal Industrial Security Analyst (level 3)** + Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree + Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) + Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) + Excellent customer service and communication skills + Must have an active Secret clearance + Ability to maintain flexibility to deal with changing priorities and deadlines. + Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications + CSSO Experience + Ability to travel **Basic Qualifications:** **Sr. Principal Industrial Security Analyst (level 4)** + Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree + Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) + Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) + Excellent customer service and communication skills + Must have an active Secret clearance + Ability to maintain flexibility to deal with changing priorities and deadlines. + Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications + CSSO Experience + Ability to travel **Preferred Qualifications:** + Experience Leading Security Teams from Subcontractors and Offsite + Ability to work independently and follow projects through to completion. + Current Top-Secret clearance + Self-starter with minimal supervision + Security experience in a manufacturing environment + Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00 Secondary Level Salary Range: $117,500.00 - $176,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

About the Role: The Information Security Risk Specialist plays a critical role in safeguarding an organization's information assets by identifying, assessing, and mitigating security risks. This position involves developing and implementing risk management strategies that align with business objectives and regulatory requirements. The specialist will collaborate with cross-functional teams to ensure security controls are effective and that risk exposure is minimized.The ideal candidate must have an understanding of current and emerging technological trends and be able to implement appropriate security controls. Also requires an awareness of IT standards, regulations, and laws affecting financial institutions. They are responsible for examining applications from new customers, requesting supportive and missing data and information, and working with other departments to classify data. Understanding the way the Bank operates and the various internal and external factors that may affect its performance and information security is vital to this role. Strong communication skills are also necessary to communicate technological concepts and techniques in daily work. Analytical thinking skills are also crucial, as they must apply a high level of technical knowledge and skill while working in a fast-paced environment. This role also requires strong problem-solving skills and the ability to work independently to successfully perform the assigned tasks. Must learn effective methods to manage risk and have the ability to analyze complex data, interpret laws, and represent management views. Good understanding of all risk-related issues and procedures relating to bank products and services. Minimum Qualifications: * Bachelor's degree in Information Security, Computer Science, or a related field. * At least 3 years of experience in information security risk management or a similar role. * Strong understanding of risk assessment methodologies and information security frameworks such as NIST, ISO 27001, or CIS Controls. * Familiarity with regulatory requirements such as GDPR, HIPAA, or SOX. * Excellent analytical, communication, and problem-solving skills. Preferred Qualifications: * Professional certifications such as CISSP, CISM, CRISC, or equivalent. * Experience with security governance, risk, and compliance (GRC) tools. * Knowledge of cloud security risk management and emerging technologies. * Experience working in a large enterprise or highly regulated industry. * Advanced degree in cybersecurity, risk management, or business administration. Responsibilities: * Conduct comprehensive risk assessments to identify potential threats to information systems and data. * Develop, implement, and maintain risk management frameworks and policies in accordance with industry standards and regulations. * Collaborate with IT, compliance, and business teams to design and enforce security controls that mitigate identified risks. * Monitor and report on risk metrics, security incidents, and compliance status to senior management and stakeholders. * Stay current with evolving cybersecurity threats, vulnerabilities, and regulatory changes to update risk strategies accordingly. Skills: The Information Security Risk Specialist uses analytical skills daily to evaluate complex security risks and develop effective mitigation strategies. Communication skills are essential for collaborating with diverse teams and conveying risk findings to both technical and non-technical stakeholders. Proficiency with risk management frameworks and tools enables the specialist to implement structured and repeatable processes for assessing and managing risks. Knowledge of regulatory environments ensures that risk strategies comply with legal and industry standards. Additionally, staying informed about emerging threats and technologies allows the specialist to adapt risk management approaches proactively, maintaining a strong security posture.