Cyber security analyst jobs in Palm Desert, CA

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

At Balance Staffing, we're obsessed with your success! The Workstation Security Engineer I is an individual contributor who will participate in and manage all aspects of information and network security, including intrusion detection, incident response, vulnerability assessment, application security, and compliance with the corporate information security policy for all Client Device endpoints. This person Will primarily be responsible for designing, implementing, administrating, operating, and improving security technologies, including but not limited to Client device endpoints, Azure Microsoft Defender, Al Security tools, Network Access Control, End Point Protection, Two Factor Authentication, and their procedures and processes. ESSENTIAL FUNCTIONS Workstations Security Engineering - Design, build, test and deploy new security technologies, which include the development of the operational manual and run books Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement Investigates, recommends, evaluates, deploys and integrates operational security tools and techniques to improve our ability to protect corporate assets and infrastructure Participate in technical risk assessments and security exposure analyses of systems, networks and business applications Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost effectiveness Responsible for conducting vulnerability assessments and penetration testing, analyzing vulnerability data and prioritizing remediation efforts, and developing vulnerability policies and procedures with the collaboration of GRC. Oversees the installation, configuration, and supportive processes of security technologies Participate in or lead the Incident Response activities Interacts With internal and external clients on security operations requirements, identifies security process and develops strategies/solutions to security issues Keeps fully abreast of trends and changing technologies as they relate to IT and Network Engineering and Information Security fields Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders Security Operations / Administration - Monitor and manage our networks and infrastructure environment for attacks, malicious software, and possible intrusions, which includes the follow-up of complete remediation of infected systems Implement changes to our security technologies/infrastructure in accordance with standard and change control policies/procedures Evaluate, implement, tune, and operate security solutions such as IPS, Vulnerability scanning tools, encryption capabilities, etc Monitor and recommend improvements of security technologies and their various reports Risk Management / Security Audit/Assessment Support / Ad-hoc support - Support security audit/assessment related activities and compliance reviews Performs other tasks, duties and projects as assigned Provide Ad-hoc support as required REQUIREMENTS Bachelor's Degree in Computer Science, Information Systems or related field, or equivalent experience Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering / Planning / Operations Experience in medium to complex computing environments, with advanced knowledge in security technologies and services Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention / Detection Virtual private Networks; SSL, IPSec and Site-to-Site Enterprise Class Stateful Inspection Firewalls Network Access Controls in context to Identity management Windows server OS & Desktop OS Network Packet Inspection Directory Services including LDAP, AD and Secure Authentication Technologies Experience in implementing Information Security technologies and/or processes required. Experience in defining Information Security strategies and frameworks Experience integrating security technologies into corporate operations frameworks. Ability to communicate effectively with client staff at all levels, from technical to executive Multi-task oriented in a team environment Demonstrated ability to pay close attention to detail Knowledge of Information security risk assessment methodologies and standards Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers Ability to work independently, undertaking and completing project tasks on schedule with minimal supervision Balance Staffing is proud to be an equal-opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, Veteran status, or any other characteristic protected by federal or state law.

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Hello Heart is on a mission to change the way people care for their hearts. The company provides the first app and connected heart monitor to help people track and manage their heart health. With Hello Heart, users take steps to control their risk of heart attacks and stroke - the leading cause of death in the United States. Peer-reviewed studies have shown that high-risk users of Hello Heart have seen meaningful drops in blood pressure, cholesterol and even weight. Recognized as the digital leader in preventive heart health, Hello Heart is trusted by more than 130 leading Fortune 500 and government employers, national health plans, and labor organizations. Founded in 2013, Hello Heart has raised more than $138 million from top venture firms and is a best-in-class solution on the American Heart Association's Innovators' Network and CVS Health Point Solutions Management platform. Visit ****************** for more information. About the Role We are seeking a Cyber Security Analyst to strengthen our security operations and compliance posture. Reporting into our Information Security Officer, you will play a key role in protecting sensitive data, ensuring regulatory compliance, and supporting the secure adoption of new technologies such as AI. You will work cross-functionally with IT, Engineering, Compliance, and HR to build and maintain secure, resilient processes across the organization. Responsibilities Support secure access lifecycle processes, including provisioning, deprovisioning, role-based access, and MFA/SSO management Conduct periodic access reviews and ensure identity data quality Perform vulnerability scans across systems and applications, track remediation progress, and partner with teams to prioritize risk-based fixes Assist with security assessments of cloud systems and applications, aligning with HIPAA, HITECH, NIST, and HITRUST frameworks Support internal and external audit preparation and execution Enforce encryption, access controls, and data loss prevention strategies for sensitive data Conduct third-party vendor risk assessments and oversee remediation efforts Support secure adoption of AI tools by monitoring for risks such as data leakage and prompt injection, establishing governance guardrails, and delivering awareness training Participate in endpoint security monitoring, disaster recovery exercises, tabletop simulations, and awareness training initiatives Contribute to ongoing security operations, risk management efforts, and special security projects Qualifications 3+ years of experience in IAM, IAM operations, or security analyst roles (healthcare technology or other regulated environments preferred) Hands-on experience with identity platforms such as Okta, Azure AD, or Google IdP, plus SCIM, SAML/OIDC/OAuth, directory services, group policy, and conditional access Experience with vulnerability management platforms (Tenable, Qualys, Rapid7, AWS Inspect, Kandji) and patch orchestration workflows Working knowledge of HIPAA, HITECH, NIST CSF/800-66, and CIS Controls (familiarity with HITRUST CSF is a plus) Knowledge of cloud security basics (AWS, Azure, GCP), least-privilege IAM, and networking fundamentals (TCP/IP, DNS, HTTP, VPN, segmentation) Familiarity with endpoint security solutions (CrowdStrike Falcon, Cynet, SentinelOne) and DLP tools Familiarity with GenAI, keeping up to date with innovative security programs and artificial intelligence systems Proactive communication and documentation skills, with the ability to collaborate across technical and non-technical teams globally The US base salary range for this full-time position is $130,000.00 to $145,000.00. Salary ranges are determined by role and level. Compensation is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the salary only, and do not include equity or benefits. #LI-DNP Hello Heart has a positive, diverse, and supportive culture - we look for people who are collaborative, creative, and courageous. Oh, and if you want to see some recent evidence of the fun things we do at Hello Heart, check out our Instagram page.

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Cyber Security Analyst I - Onsite in Norco, CA The Cyber Security Analyst I is an entry-level position that provides technical and analytical support to protect Navy systems, networks, and data against cyber threats. This role supports the monitoring, detection, and initial response to cybersecurity incidents, while ensuring compliance with Navy and Department of Defense (DoD) security standards. The position involves assisting with system vulnerability assessments, applying Security Technical Implementation Guides (STIGs), supporting Risk Management Framework (RMF) activities, and providing frontline defense against cyber risks. The ideal candidate will be motivated, detail-oriented, and eager to learn within a mission-focused environment. As with any position, additional expectations exist. Some of these are, but are not limited to, adhering to normal working hours, meeting deadlines, following company policies as outlined by the Employee Handbook, communicating regularly with assigned supervisor(s), and staying focused on the assigned tasks. Responsibilities Monitor Navy networks and systems for suspicious activity, unauthorized access, or security violations Assist in applying DoD STIGs, security patches, and configuration changes to maintain compliance Support Risk Management Framework (RMF) documentation, assessments, and reporting requirements Conduct vulnerability scans, review security logs, and analyze alerts from tools such as ACAS, HBSS, and Splunk Document incidents and escalate issues to senior cyber analysts or supervisors as required Assist in preparing security reports and compliance audits Provide support during cybersecurity exercises, inspections, and readiness reviews Work with system administrators and engineers to ensure secure configurations across Navy IT systems Stay current on evolving cyber threats and assist in updating security procedures and best practices Basic Qualifications Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field 1-2 years of experience in cybersecurity, IT systems, or related technical roles (internships acceptable) Foundational knowledge of cybersecurity principles, risk management, and network defense Familiarity with security tools such as ACAS, Splunk, HBSS, or other monitoring platforms Strong analytical, organizational, and problem-solving skills Excellent written and verbal communication skills Must be a U.S. Citizen Ability to obtain and maintain a DoD security clearance If applicable: If you are or have been recently employed by the U.S. government, a post-employment ethics letter will be required if employment with VSolvit is offered Preferred Qualifications Active DoD Secret Clearance CompTIA Security+ CE or equivalent baseline DoD 8570 certification Familiarity with Navy or DoD IT systems, RMF processes, or cybersecurity compliance frameworks (e.g., NIST 800-53, NIST 800-171) Hands-on experience with vulnerability scanning, incident response, or STIG application Exposure to cloud security (AWS, Azure, or DoD cloud environments) Prior experience supporting Navy, DoD, or defense-related cybersecurity operations Company Summary Join the VSolvit Team! Founded in 2006, VSolvit (pronounced 'We Solve It') is a technology services provider that specializes in cybersecurity, cloud computing, geographic information systems (GIS), business intelligence (BI) systems, data warehousing, engineering services, and custom database and application development. VSolvit is an award winning WOSB, CA CDB, MBE, WBE, and CMMI Level 3 certified company. We offer a customizable health benefits program that best meets the needs of its employees. Offering may include: medical, dental, and vision insurance, life insurance, long and short-term disability and other insurance products, Health Savings Account, Flexible Spending Account, 401K Retirement Plan options, Tuition Reimbursement, and assorted voluntary benefits. Our goal is to grow together and enjoy the work that we do as a team. VSolvit LLC is an Equal Opportunity/Affirmative Action employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status.

The Orange County Department of Education (OCDE) serves some of Orange County's most vulnerable student populations and provides support and mandated fiscal oversight to 28 school districts serving more than 600 schools and approximately 475,000 students. In addition to providing direct instruction to students through its own alternative and special education programs, OCDE administers an array of programs and services that are critical to the operations of local school districts and community colleges, facilitating professional development, legal guidance, payroll, career and technical education support, high-speed internet access, Local Control and Accountability Plan assistance and approval, resources for families, and student enrichment. OCDE's vision is that "Orange County students will lead the nation in college and career readiness and success." Department staff are working to achieve this goal in collaboration with educators at all levels of student development, from early childhood through higher education, and in partnership with families, businesses and community organizations. See attachment on original job posting Education and Experience: Any combination of education and experience that would likely provide the required knowledge and abilities is qualifying. A typical way to obtain the knowledge and abilities would be: • Bachelor's degree or equivalent from an accredited college or university with major course work in information security, or a related field. • One to two years of experience in information security technology, specifically with penetration testing, intrusion detection, incident response, or digital forensics; or an equivalent combination of training and experience. There are supplemental questions in the application. Please note that the EdJoin system will time-out after a 20-minute period of perceived inactivity. To assist you in the preparation of your application, the supplemental questions are listed here. Your responses should be thoughtful and thorough, and within the limit of 5,000 characters or less. We recommend that you prepare your responses in advance of beginning the application. 1. Explain a cybersecurity framework or methodology you know and how you have applied it in a previous role or project. 2. Describe your approach to investigating and assessing cybersecurity events and incidents. How do you prioritize incidents, and what criteria do you use to determine severity and impact? 3. Why are you passionate about pursuing a career in cybersecurity, and how do you stay current with the latest trends and developments in the field? Notice to Applicants: If you require accommodations in the application process, please inform us. Education and Experience: Any combination of education and experience that would likely provide the required knowledge and abilities is qualifying. A typical way to obtain the knowledge and abilities would be: • Bachelor's degree or equivalent from an accredited college or university with major course work in information security, or a related field. • One to two years of experience in information security technology, specifically with penetration testing, intrusion detection, incident response, or digital forensics; or an equivalent combination of training and experience. There are supplemental questions in the application. Please note that the EdJoin system will time-out after a 20-minute period of perceived inactivity. To assist you in the preparation of your application, the supplemental questions are listed here. Your responses should be thoughtful and thorough, and within the limit of 5,000 characters or less. We recommend that you prepare your responses in advance of beginning the application. 1. Explain a cybersecurity framework or methodology you know and how you have applied it in a previous role or project. 2. Describe your approach to investigating and assessing cybersecurity events and incidents. How do you prioritize incidents, and what criteria do you use to determine severity and impact? 3. Why are you passionate about pursuing a career in cybersecurity, and how do you stay current with the latest trends and developments in the field? Notice to Applicants: If you require accommodations in the application process, please inform us. Comments and Other Information Resumes will not be accepted in lieu of the completed online application. Before receiving authorization to work in this position, the individual selected will be required to provide a current negative TB authorization, within the last 60 days, and submit fingerprints for the purpose of conducting a confidential background investigation and record check. The tests are arranged and paid for by OCDE. The Immigration Reform and Control Act of 1986 requires employers to verify the employability of all new employees. Before the Department will finalize an offer of employment, the candidate selected will be required to show original documents which establish both the individual's identity and employment authorization. The candidate must also sign a statement under penalty of perjury regarding his/her employability. We reserve the right to reopen, readvertise, or delay filling this position. AA/EOE/ADA

Duties and Responsibilities Maintain and operate cybersecurity technology and and provide expertise in area of focus (e.g. Risk Assessments, Controls Engineering or Incident Response). Collaborates with the business to understand their needs in order to tailor security offerings unique to their environment. Uses working knowledge of IT system functionality, architecture and capabilities to effectively diagnose and troubleshoot issues with some assistance. Conducts competitive analyses on (in-use and alternative) cyber technologies and documents recommendations for our environment. Provides awareness and guidance within Sempra Infrastructure community on secure business processes, architecture design, and technical controls. Maintains awareness of evolving cybersecurity threats and best practices for mitigation. Develops procedures and guidelines for implementing information security systems and practices. Develops and aggregates metrics to measure, monitor and report on the effectiveness of information security controls and compliance with information security policies. Performs other duties as assigned (no more than 5% of duties). Education Bachelor's degree in Computer Science or other science or technology major or equivalent experience required. Experience Minimum of 2-5 years of direct experience within the information security field required. In-depth experience in at least one cybersecurity discipline required. Experience with projects of moderately sized security related initiatives to successful completion required. Demonstrated experience in vendor selection, testing, implementation, and operations of a broad array of security technologies required. Knowledge, Skills and Abilities Familiarization with Endpoint protection software such as Trellix and Microsoft Defender. Familiarization in deploying vulnerability management agents. Experience deploying logging agents and configurations. Knowledge of firewalls and security zone. Experience working in an Operation Technology (OT), ICS / SCADA environment. Experience with SCADA network protocols. Experience with OT network monitoring tools (such as but not limited to: Dragos, Cybervision, CyberX). Ability to take initiative and work independently when needed. Ability to maintain, upgrade and recommend operational cybersecurity tools. Ability to work with Cybersecurity OT Engineering to make recommendations for new tools and capabilities. Ability to work effectively on multiple projects within a team structure and excellent written and oral communication skills. Licenses and Certifications Certified Information Systems Security Professional (CISSP) certification, Global Information Security Professional (GISP) certification, Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA) certificate preferred. Targeted professional cybersecurity certifications (i.e. forensics and incident response) preferred. Other Qualifications Bilingual in English/Spanish preferred.

Hey there, Rockstar! 🚀 We are looking for you! At Agile IT, we help organizations thrive by making technology simple, secure, and strategic. As a trusted Microsoft partner and CMMC Registered Practitioner Organization (RPO), we specialize in guiding businesses through the complexities of cloud adoption, cybersecurity, and compliance, so they can focus on achieving their mission without being slowed down by IT challenges. We combine deep technical expertise with a people-first approach to deliver solutions that actually work in the real world. From CMMC compliance and security to cloud migration, collaboration, and ongoing managed services, Agile IT empowers organizations to modernize with confidence and agility. Why Work at Agile IT? Impactful Work: Everything you touch helps to keep our nation's secrets secure while also helping our client organizations thrive, making technology a true enabler instead of a roadblock. Culture of Growth: We're a team of curious learners and problem-solvers, and we invest in developing your expertise through training, certifications, and hands-on experience. Flexibility & Balance: With a remote-friendly environment and a people-first approach, you get the freedom to do your best work while living your best life. Collaborative Team: At Agile IT, you're surrounded by passionate professionals who support one another and celebrate success together. Forward-Thinking Mindset: We stay ahead of industry shifts so our team and our clients are always future-ready. Joining Agile IT means being part of a company that isn't just adapting to the future of IT-it's shaping it. Job Description At Agile IT, supporting CMMC-compliant environments means we don't just fix problems-we prevent them. As a Security Analyst at Agile IT, you'll play a critical role in safeguarding our clients. You'll monitor and analyze security events, investigate incidents, and collaborate with senior engineers and architects to deliver world-class managed security services. This is an excellent platform to sharpen your analytical and technical skills while protecting clients in today's ever-changing threat landscape. This position is designed to nurture your career growth, providing a pathway into the dynamic and evolving field of cybersecurity operations and defense. What you do: (major responsibilities) Monitor and analyze security events across client environments. Investigate alerts, perform triage, and escalate incidents when needed. Conduct threat analysis and provide actionable recommendations to reduce risk. Assist in incident response activities, including root cause analysis and reporting. Tune and improve detection rules and security use cases to enhance visibility. Communicate findings clearly to both technical and non-technical stakeholders. Stay up to date on emerging threats, vulnerabilities, and trends. Qualifications What sets you apart: (qualifications-knowledge, skills, and abilities) 2+ years of experience in a SOC/NOC or MSSP in cybersecurity; OR 5+ years of experience in cybersecurity operations role. Familiarity with SIEM tools (Sentinel, Splunk, QRadar, etc.). Strong understanding of networking, firewalls, IDS/IPS, and endpoint protection. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or CIS Controls. Excellent problem-solving and communication skills. A collaborative mindset with the ability to work across teams and with customers. Nice to have skills: (preferred skills or skills that will be expected to learn) Certifications such as SC-200, Network+, Security+, CySA+, CEH, CISSP, or equivalent. Experience with Microsoft Security tools (Defender, Sentinel, Purview, Entra). Exposure to cloud platforms (Microsoft Azure, AWS, Google Cloud). Familiarity with compliance frameworks (CMMC, NIST 800-171, HIPAA, ISO 27001). Additional Information A writing sample will be requested from candidates who are chosen to move forward in the interview process. THE FINE PRINT: Compensation and Benefits *Pay range is $62,400 to $83,200 per year. Starting pay is generally lower to mid-range; based on experience. This is a remote, full-time, non-exempt position. Medical/Dental/Vision/STD/LTD Remote mental and physical health networks $200,000 basic life insurance Voluntary life 401(k) with 3% employer contribution - no vesting period Combined 18 days PTO increasing with tenure 9 paid holidays And so much more *Factors in determining the appropriate compensation for a role include experience, skills, knowledge, abilities, education, licensure and certifications, and other business and organizational needs. The Hiring Pay Scale referenced in the job posting is the budgeted salary or hourly range that Agile IT reasonably expects to pay for this position. Background checks, pre-employment aptitude, and skills testing are a mandatory part of the recruitment process. All Agile IT employees are provided with laptops and home office equipment. Due to the contractual requirements of our work with government entities, all hires must be US Citizens. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. All your information will be kept confidential according to EEO guidelines.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. Your key responsibilities Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified Forensically analyze end user systems and servers found to have possible indicators of compromise Analysis of artifacts collected during a security incident/forensic analysis Identify security incidents through ‘Hunting' operations within a SIEM and other relevant tools Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions Provide consultation and assessment on perceived security threats Maintain, manage, improve and update security incident process and protocol documentation Regularly provide reporting and metrics on case work Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact based reports Be on-call to deliver global incident response Skills and attributes for success Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact-based reports Proven integrity and judgment within a professional environment Ability to appropriately balance work/personal priorities To qualify for the role you must have Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; Understanding of security threats, vulnerabilities, and incident response; Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; Be familiar with legalities surrounding electronic discovery and analysis; Experience with SIEM technologies (i.e. Splunk); Deep understanding of both Windows and Unix/Linux based operating systems; Ideally, you'll also have Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH Background in security incident response in Cloud-based environments, such as Azure Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration What we look for Demonstrated integrity in a professional environment Ability to work independently Have a global mind-set for working with different cultures and backgrounds Knowledgeable in business industry standard security incident response process, procedures, and life cycle Excellent teaming skills Excellent social, communication, and writing skills What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

The Cyber Defense Analyst is responsible for using data collected from various cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events within their environments for the Defense Language Institute Foreign Language Center (DLIFLC) Academic Network Labor Contract to administer, maintain, secure, and accredit the DLIFLC Academic Network which provides the IT environment for 100% of the DLIFLC teaching and instructing for all students, staff, faculty, and guests in a learning environment at the unclassified level. Responsibilities · The primary goal is to mitigate threats and enhance the organization's security posture. Data Analysis: Utilize data from cyber defense tools to analyze and interpret security events. · Threat Mitigation: Identify and respond to potential threats to mitigate risks. · Incident Response: Participate in incident response activities to address security breaches. · Continuous Monitoring: Maintain ongoing surveillance of network traffic and security alerts. · Collaboration: Work with all teams to implement effective defense strategies and improve overall security measures. Qualifications Required: · AA/AS from an accredited college or university or substitute with 3+ years experience with any one of the following IAT Level II (CySA+, Security+, CND, or SSCP) Certification and CE/OS Certification. · Relevant Skills: Microsoft Defender for Endpoint, ACAS, Palo Alto Networks, GitLab, BurpSuite, MacOS, iPadOS, Windows, and RedHat Enterprise Linux. · Secret Clearance Salary Range: $115,000 - $122,000 The above salary range represents a general guideline. Integral Federal considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and/or discretionary bonuses in addition to base pay. Company Overview Integral partners with federal defense, intelligence, and civilian leaders to tackle their most important challenges and deliver positive outcomes. Since our founding in 1998, we have helped clients leverage existing and emerging technologies to transform their enterprises, empower growth, drive innovation, and build sustainable success. The forward-leaning solutions we deliver are tailored to each mission with a focus on keeping our nation safe and secure. Integral is headquartered in McLean, VA and serves clients throughout the country. We offer a comprehensive total rewards package including paid parental leave and immediate vesting in our 401(k). Give us a try and become part of a curated group of professionals at Integral Federal! Our package also includes: · Medical, Dental & Vision Insurance · Flexible Spending Accounts · Short-Term and Long-Term Disability Insurance · Life Insurance · Paid Time Off & Holidays · Earned Bonuses & Awards · Professional Training Reimbursement · Paid Parking · Employee Assistance Program Equal Opportunity Employer/Protected Veteran/Disability

The Cyber Defense Analyst is responsible for using data collected from various cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events within their environments for the Defense Language Institute Foreign Language Center (DLIFLC) Academic Network Labor Contract to administer, maintain, secure, and accredit the DLIFLC Academic Network which provides the IT environment for 100% of the DLIFLC teaching and instructing for all students, staff, faculty, and guests in a learning environment at the unclassified level. Responsibilities · The primary goal is to mitigate threats and enhance the organization's security posture. Data Analysis: Utilize data from cyber defense tools to analyze and interpret security events. · Threat Mitigation: Identify and respond to potential threats to mitigate risks. · Incident Response: Participate in incident response activities to address security breaches. · Continuous Monitoring: Maintain ongoing surveillance of network traffic and security alerts. · Collaboration: Work with all teams to implement effective defense strategies and improve overall security measures. Qualifications Required: · AA/AS from an accredited college or university or substitute with 3+ years experience with any one of the following IAT Level II (CySA+, Security+, CND, or SSCP) Certification and CE/OS Certification. · Relevant Skills: Microsoft Defender for Endpoint, ACAS, Palo Alto Networks, GitLab, BurpSuite, MacOS, iPadOS, Windows, and RedHat Enterprise Linux. · Secret Clearance Salary Range: $115,000 - $122,000 The above salary range represents a general guideline. Integral Federal considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and/or discretionary bonuses in addition to base pay. Company Overview Integral partners with federal defense, intelligence, and civilian leaders to tackle their most important challenges and deliver positive outcomes. Since our founding in 1998, we have helped clients leverage existing and emerging technologies to transform their enterprises, empower growth, drive innovation, and build sustainable success. The forward-leaning solutions we deliver are tailored to each mission with a focus on keeping our nation safe and secure. Integral is headquartered in McLean, VA and serves clients throughout the country. We offer a comprehensive total rewards package including paid parental leave and immediate vesting in our 401(k). Give us a try and become part of a curated group of professionals at Integral Federal! Our package also includes: · Medical, Dental & Vision Insurance · Flexible Spending Accounts · Short-Term and Long-Term Disability Insurance · Life Insurance · Paid Time Off & Holidays · Earned Bonuses & Awards · Professional Training Reimbursement · Paid Parking · Employee Assistance Program Equal Opportunity Employer/Protected Veteran/Disability

Select Cyber, an Information Security recruitment specialty firm, seeks to fill the following role for our client: Network Security Analyst I Be part of a cutting-edge Computer Incident Response Team, (CIRT) for a fortune 500 company. We are looking for individuals that want to learn a new field and grow with the company. Training provided. The selected candidate will be a part of the Security Operations Center (SOC) and its mission to improve the information security of our customers using a Security Information and Event Management (SIEM) tool to detect and analyze IT security incidents. Responsibilities: Perform the following functions as individual assignments or as part of a team: · Monitoring client networks for signs of adversarial activity. · Respond to alerts from various monitoring systems and platforms providing indicators for enterprise defensive measures. · Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). · Triage potentially malicious events to determine severity and criticality of the event. · Follow procedures to analyze and escalate security incidents which vary from customer to customer. Experience · 1+ years technical experience in the Information Technology field. · Experience with Intrusion Detection & Prevention Systems (IDS/IPS) or Firewalls & Log Analysis a plus. · Technical degree, Associate or Bachelor's degree from an accredited institution in Computer Science or information technology field preferred. · CompTIA Network+/Security+ certifications is a plus

Dynamic Solutions Technology, LLC, a premier strategic services firm that meets IT and Service needs for commercial and government clients. We are is seeking a full-time Information Security Analyst to support DoD customer. This position is to provide support in the China Lake, CA area. Responsibilities: Serves as a team member providing network monitoring and scanning functions. Provides network vulnerability scanning to ensure IAVA compliance and remediation. Provides antivirus management using antivirus tools. Provides wireless scanning using network detection software. Implements system security policies, and scans Provides Cybersecurity reporting requirements to appropriate authorities. Provides assistance for personnel / users needing information/assistance with Information Assurance (IA) related issues. Directly supports Information Assurance (IA) requirements, within the immediate area of responsibility (AOR), managing and tracking system administrator elevated level of access to network resources. Works with team members to identify IA trends and suggests long-term strategies to help mitigate IA issues. Assesses procedures and identifies opportunities to improve customer service. Champions customer service and sets and monitors parameters for customer service excellence. Qualifications Requirements: Active SECRET clearance Bachelor's Degree in Engineering, Computer Science, or Information Assurance 6 years' additional work experience may be substituted for a Bachelor's Degree Min 3 to 10 years of relevant focused experience Must meet specific certification and training requirements in accordance with DoD 8570.1-M, DoDD 8570.1 Experience and Skills: Excellent oral and written skills. Excellent critical thinking skills. Proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook. Ability to work independently and as a team member

Details: Stefanini Group is hiring! Stefanini is looking for an Information Security Analyst for San Francisco, CA/Salt Lake City, UT/Los Angeles, CA (Onsite Role). For quick Apply, please reach out to Rahul Kumar: ************/ ************************* W2 candidates only! Responsibilities: Knowledge of SPL and use of Splunk; experience with KQL(Kusto Query Language) Coding experience or knowledge, preferably in Python and/or R Knowledge of SQL and database experience Proficiency in Microsoft Office applications, especially Excel and PowerPoint Knowledge of Level 1 & 2 SOC operations Public speaking skills #LI-RK1#LI-HYBRID Details: Qualifications: Peraton high BG check or secret clearance Bachelor's degree in Cyber Security, Information Security, Computer Science, or 3+ years of experience in Information Security or Cyber Security Preference is local to SF, open to remote Splunk experience, SQL Microsoft Office Cyber kill chain/incident response SOC experience programming experience-python Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives. Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers. About Stefanini Group: The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are CMM Level 5 company.

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Cyber Defense, Cybersecurity, Network Defense Certifications: None Experience: 3 + years of related experience US Citizenship Required: Yes Job Description: Cyber Security Analyst Join our technology leading team of men and women that solve some of the world's most complex technical challenges. GDIT is seeking an enthusiastic Cyber Network Defense Analyst who is seeking to expand his/her experience in the IT field by joining our team in support of the Intelligence, Surveillance, and Reconnaissance (ISR) mission of the Airforce. Our Cyber Network Defense team supports the Air Forces' Distributed Common Ground System (DCGS) Processing, Exploitation, Dissemination (PED) Operations Center (DOC). Specifically, you will be providing Cyber Monitoring and Defense across a global enterprise. The Computer Network Defense Analyst will be responsible to: Provide near-real-time monitoring and analysis of insider and external threats utilizing network security tools and custom developed scripts IAW Intelligence Community Directive (ICD) 502 Perform near-real-time network security alerting and problem resolution Prioritize remediation efforts using reliable threat intelligence Monitor and protect the security of the DCGS from internal and external threats Implement the Enterprise Audit Conceptual Framework as defined by Intelligence Community Standard (ICS) 500-27 Perform all functions of the CND Framework Generate a complete list of auditable events for all user activity and then process, format, filter, and share the data Provide risk determination recommendations to the Authorizing Official (AO) regarding acceptance or rejection of an Authority to Operate (ATO) or Authority to Test (ATT) Assess and report cyber readiness; perform an analysis of trends and concerns, and report key findings (i.e. provide recommendations and knowledge transfer based upon key findings) Provide weekly update to Government program leads on current status of cyber readiness Provide a robust set of checks and balances to protect against unauthorized network modifications, penetrations, and other threats that might affect mission operations Manage antivirus definition files on DCGS Enterprise information systems Provide guidance and assistance to other units and agencies responding to security events Track and ensure enterprise compliance of Information Assurance Vulnerability Alerts (IAVA), DISA assist bulletins, and Air Force Computer Response Team (AFCERT) notifications and compliance with other governing directives Perform and oversee network vulnerability scanning functions IAW governing directive Minimum Requirements: Clearance: TS/SCI Shift Work (4 on/3 off) Minimum of three (3) years' of network and system security experience Strong knowledge of ESS/HBSS Demonstrated knowledge of the CND Framework 4.10.2.3 Possess IAT Level II Security + (CE) certification Possess Cyber Security Analysis (CySA) certification IAW DoD 8570 Location: On Customer Site US Citizenship Required GDIT IS YOUR PLACE: 401K with company match Comprehensive health and wellness packages Internal mobility team dedicated to helping you own your career Professional growth opportunities including paid education and certifications Cutting-edge technology you can learn from Rest and recharge with paid vacation and holidays #GDITPriority The likely salary range for this position is $63,750 - $86,250. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA CA Beale AFB Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

At AMEWAS, we don't just support defense- we shape it. For over 40 years, we've been a trusted partner of the Department of Defense (DoD) by providing cutting-edge engineering, testing, and evaluation for U.S. Navy weapons systems. Our people are the heart of our mission. Across our headquarters in California, Maryland, and offices in Orlando, FL, and San Diego, CA, you'll find a diverse and driven team committed to making a real impact for our Nation's Warfighters. If you're ready to grow your skills, be challenged by meaningful work, and contribute to something bigger…this is where you belong. Come do work that matters. Join AMEWAS. The Position: AMEWAS is seeking a highly motivated and talented Information Security Analyst-Journeyman to support Digital and Electro Magnetic Spectrum. The salary range of this position is $120,000.00 - $153,000.00 and is commensurate with experience. This position is not eligible for remote work; on-site support is required. About the location: Point Mugu, CA: To learn more about the Point Mugu surrounding area, please click here: ******************* A typical day as an Information Security Analyst-Journeyman may include: Plans, implements, upgrades/monitors security measures for the protection of computer networks and information Assesses system vulnerabilities for security risks and proposes/implements risk mitigation strategies Ensures appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure Responds to computer security breaches and viruses Works with ISSO and Cybersecurity Lead to respond to computer security breaches and viruses Integrates security into a continuous integration, continuous delivery and continuous deployment pipeline to minimize vulnerabilities in software code Ensures the entire DevOps team, to include developers and operations teams, share responsibility for following security best practices Enables automated security checks at each stage of software delivery by integrating security controls, tools and processes into the DevOps workflow Assists in the continuous integration, continuous delivery/deployment (CI/CD), continuous feedback and continuous operations cycle Must-haves: BS/BA Degree in a Computer or Information Science field: A relevant technical discipline may qualify OR BS Degree may be substituted with 6 years of additional relevant work experience (9 years total) OR BS Degree may be substituted with relevant AS Degree with 4 years of additional work experience (7 years total) 3 years of relevant work experience CompTIA Security+ Certification IAM Level 2 qualifications as per DoD Directive 8570.01 Experience working with Risk Management Framework (RMF) processes Strong DEVSECOPS and Linux background Excellent communication and interpersonal skills (verbal, non-verbal, written, listening) The ability to communicate with staff, customers and organizations at formal and informal levels The ability to work independently Experience with Microsoft Office suite programs (MS Word, Excel, Access and PowerPoint) The ability to write and maintain a POA&M and SSP The ability to maintain a DoD Top Secret Security Clearance-Top Secret Clearance required to start Desired Skills: Chief Information Security Officer (CCISO) Certification Cloud Security Professional (CCSP) Certification Governance, Risk and Compliance (CGRC) Certification CompTIA Cloud+ CompTIA Security+ CompTIA SecurityX (formerly CASP+) Systems Security Certified Practitioner (SSCP) Skills Crucial to Success at AMEWAS: Candidates must demonstrate a customer-focused mindset, professionalism, and discretion, while working collaboratively with management and teams to meet objectives. Candidates should be hard-working individuals with strong attention to detail and the ability to foster a positive, team-oriented culture. Physical Environment and Working Conditions: The physical environment for this position requires the employee to work in an office, sitting in a cubicle or at a desk, looking at a computer for most of the workday. Work is physically comfortable. The employee has discretion about sitting, walking, standing, etc. The employee may be required to travel short distances to offices/conference rooms and buildings on site or near the work site. On rare occasions, overnight travel may be required. Refer a friend: We're always on the lookout for top talent. If you know someone who would be a great fit for this role, please share our post with them! Here's an added perk: If you're a current AMEWAS employee and your referral is hired, you could earn a referral bonus! Our Excellent Benefits and Perks: Staying connected to our core values sets us apart from our competition! AMEWAS recognizes and rewards performance, dedication, and creativity. We are committed to investing in our employees and their future by providing them with competitive compensation, creative work teams, and the opportunity to grow in their career. We also provide a robust benefits package, including: Medical, dental, vision, 401(k), Life/AD&D/STD/LTD insurance Paid vacation, holiday and sick leave Generous tuition and training assistance program Relocation assistance Sign-on bonuses Employee longevity recognition Community involvement and outreach Team building events Recognition program Wellness program Employee Assistance Program (EAP) Mobile service discount Fitness reimbursement program AMEWAS is committed to equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, religion, color, national origin, age, sex, disability, protected veteran status, or any other basis protected by applicable federal, state, or local law. If you are interested in applying for employment and need special assistance or an accommodation to apply for a posted position, contact our Recruiting department via phone at ************ or email at *********************. AMEWAS participates in E-Verify to confirm eligibility to work in the United States. Please note: AMEWAS does not accept unsolicited resumes from third-party staffing agencies, recruiters, or headhunters. #LI-Onsite

PENNYMAC Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U. S. mortgage loans and the management of investments related to the U. S. mortgage market. At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey. A Typical Day We are seeking a highly motivated and experienced Technology Risk Analyst to join our IT Risk and Compliance team. In this critical role, you will be responsible for overseeing technology risk within our Cybersecurity domain area. As a key member of the 1st Line of Defense, you will play a pivotal role in developing and maintaining robust policies and procedures, ensuring the effectiveness of our control environment through quality assurance, and supporting our compliance initiatives spanning internal and regulatory audits and SOC2 examinations. This position requires a strong understanding of risk management principles, a keen eye for detail, and the ability to collaborate effectively across various teams. The Technology Risk Analyst will: Design and execute comprehensive QA controls testing against established policies and procedures, across the technology environment to validate the effectiveness of security controls and identify control deficiencies. Act as a proactive member of the 1st Line of Defense, identifying, assessing, and monitoring technology risks associated with cybersecurity processes. Lead and coordinate all regulatory examinations, investor questionnaires, and internal/external audits (including SOX/SOC compliance) for the Cybersecurity domain, acting as the primary liaison and ensuring comprehensive evidence submission Perform technology vendor risk assessments and due diligence reviews to evaluate third-party security posture and adherence to organizational policies and regulatory standards. Support and maintain the Cybersecurity Policy and Procedure framework, ensuring alignment with industry best practices, regulatory requirements (e. g. , SOC 2, ISO 27001, NIST CSF), and organizational risk tolerance. Manage the policy exception process, reviewing, analyzing, and documenting all requests for exceptions to security policies, ensuring appropriate compensating controls and risk acceptance are in place. Develop and oversee Cyber Risk Assessments based on Pennymac's ERM framework. Stay current with emerging technology risks, regulatory changes, and industry trends related to cybersecurity. What You'll Bring Required: Deep understanding of cybersecurity risk management frameworks and standards (e. g. , NIST CSF, ISO 27001, COBIT, CIS Controls). Expertise in designing and performing IT/Cybersecurity controls testing and assurance activities, including control gap analysis and remediation planning. Strong knowledge of relevant regulations and reporting standards (e. g. , NYDFS, GLBA, NIST CSF, CRI Profile, GDPR, CCPA, SOC 2, various financial/sector-specific regulations). Proven ability to manage regulatory/client audit processes, including evidence gathering, response coordination, and interaction with external parties. Excellent analytical and critical thinking skills for evaluating complex technical controls, assessing vendor security, and determining appropriate risk mitigation strategies. Exceptional written and verbal communication skills for drafting clear policies and procedures, communicating risk to non-technical stakeholders, and articulating complex risk concepts to both technical and non-technical audiences. Experience supporting internal audits and SOX/SOC compliance initiatives. Must be highly proficient in GSuite or Microsoft Excel, Word, and PowerPoint. Excellent analytical, problem-solving, and decision-making skills. Must be a team player with strong attention to detail and able to work independently. Ability to manage multiple priorities, and meet deadlines in a fast-paced environment. Highly Desired: Experience with Governance, Risk, and Compliance (GRC) programs and methodologies. Experience using risk, issue and compliance management tools such as Jira, Confluence, AuditBoard, and ServiceNow. Financial Services and, if possible, mortgage industry experience preferred. Relevant professional certifications such as CRISC, CISM, CISSP, or CISA are highly desirable. Education & Experience: Bachelor's Degree from an accredited college or equivalent work experience. 3+ years of relevant work experience in IT Risk and Compliance and/or Audit. Why You Should Join As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do. Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported. Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include: Comprehensive Medical, Dental, and Vision Paid Time Off Programs including vacation, holidays, illness, and parental leave Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations) Retirement benefits, life insurance, 401k match, and tuition reimbursement Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships To learn more about our benefits visit: ********************* page. link/benefits For residents with state required benefit information, additional information can be found at: ************ pennymac. com/additional-benefits-information Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below: Lower in range - Building skills and experience in the role Mid-range - Experience and skills align with proficiency in the role Higher in range - Experience and skills add value above typical requirements of the role Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance. #TPO Salary $95,000 - $155,000 Work Model REMOTE

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. PlayStation is looking for an Information Security Analyst to join our team and operate the day-to-day Information Security, Risk and Compliance management processes. This is a mixture of processing requests from the business and driving internal security projects such as security audit and assessment. This role requires a sound understanding of technical and engineering terminology, outstanding ability to articulate risk across any security domains (technical and governance) with the demonstrable ability to work independently and process high volumes of security requests on a weekly basis. This role also provides ample opportunity to work across technical and game-related projects with studio and PlayStation engineering teams and therefore requires risk advisory and influencing experience. Based in San Diego, the candidate will be the key business relationship partner on behalf of Information Security and work on Information Security processes as well as strategic projects across PlayStation and the Studios group. This role will collaborate closely directly with business, technical and third party collaborators, as well as work multi-functionally with our other Information Security specialist teams across the globe to protect PlayStation's intellectual property, data and infrastructure whilst delivering new and evolving games, services and hardware to the market. This is an opportunity to provide security directly to the global PlayStation business, our PlayStation Network and global Studios and their game development. What you will be doing: Serve as a primary partner to PlayStation Studios, supporting security risk management across global game development and studio environments. Triage and manage technical and strategic security risks across studios, ensuring alignment to security strategy and policy compliance. Engage directly with technical teams and studio leadership to strengthen risk posture, manage vulnerabilities, and drive mitigation strategies. Act as a trusted advisor to studio teams, driving a culture of embedding “security by design” principles. Support the creation of risk insights, reporting, and executive briefings that inform leadership on studio security health and emerging trends. Maintain broad knowledge of emerging security trends, risks, adn technologies that are applicable to the studio business and Sony at large. Advance the Information Security program through collaborative and cross-team partnerships. Required Experience: 3+ years of experience in information security, with demonstrated expertise in risk identification and mitigation. 2+ years conducting risk assessments and providing actionable recommendations to technical and business stakeholders. 2+ years working in vulnerability management, including detection, analysis, reporting, or remediation tracking. 2+ years of hands-on experience managing or evaluating cloud environments, networks, and security infrastructure. 2+ years of experience communicating risk and security insights to leadership and cross-functional partners. Preferred Experience & Attributes: Background in the gaming or entertainment industry. Experience leading projects or programs in a security or risk management capacity. Technical and Security focused certifications a strong preference Confident communicator able to translate complex security risk concepts for both technical and non-technical audiences. Comfortable working in a dynamic, fast-paced environment balancing innovation and security priorities. Proven success working independently to establish relationships, deliver requirements, and communicate effectively. #LI-GM1 Please refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights. At SIE, we consider several factors when setting each role's base pay range, including the competitive benchmarking data for the market and geographic location. Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location. In addition, this role is eligible for SIE's top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click here to learn more. The estimated base pay range for this role is listed below.$140,000-$210,000 USD Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.