Cyber security analyst jobs in Pinole, CA - 324 jobs

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

reports to the Cyber Security Manager and is responsible for reviewing and analyzing threat feeds in order to assist in optimizing currently deployed tools/procedures/processes throughout the organization. Analyst must analyze escalated security incidents from linear departments to validate, understand, and create lessons learned to help strengthen the posture of the organization. Analyst must also be able to advise on IT initiatives, IT business projects, and IT engineering in regards to security industry best practice. The analyst must also have a firm understanding of penetration testing and vulnerability assessments. A strong networking background and security certifications are preferred. Qualifications Demonstrate a comprehensive understanding of security processes for installation, management, monitoring and response of enterprise networks In depth experience with Information System Security (ISS), PKI, firewalls, intrusion detection/protection and related vulnerability assessment tools for network periphery and internal network/service discovery and topology mapping Experience working with a Security Operation Center Experience in full life cycle information technology solution implementation from conceptualization, requirements, design and specification through development (coding), integration testing and commissioning Demonstrate the ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments Demonstrated understanding of TCP/IP networking Must have strong incident handling experience including knowledge of common probing and attack methods, network/service discovery, system auditing, viruses, and worms Security testing of Enterprise networks through ethical hacking Experience responding to incidents in a 24/7 environment Experience working in a fast paced industry dealing with sensitive data Demonstrate strong understanding of Windows, networking, telephony and wireless security skills

The TV u0026 Sports Engineering team delivers the Apple TV+ streaming service, bringing customers Apple Original shows and movies, and live sports from MLS and MLB on Apple, Windows, Android, and third-party TV platforms. The team works on the Apple Sports app, the ultra-fast and easy-to-navigate app with real-time scores and stats for sports fans. This team is also responsible for ensuring the security of our Apple devices, users' identity, and content with FairPlay technologies. Our team is seeking a Software System Engineer to work on our software security technologies to develop and launch new products. You'll work on projects that touch all aspects of Apple products, and will demonstrate your strong software and interpersonal skills as you integrate new technology on multiple platforms and architectures. We are looking for someone who has a track record of software developement. You have a familiarity with various architectures (x86/ARM, mac OS/iOS, Android and others), and the ability to work with dynamic teams to produce reliable, robust code. Familiarity with security technologies (DRM, TrustZone, cryptography) is a huge plus. This is an outstanding opportunity to be involved in something new from the beginning. Show us your talent. It's meaningful, fun, and exciting. It's what makes us Apple. 5+ years of Experience with or passion for Systems security 5+ years of Experience with containerized server applications and their deployment Strong Software Engineering programming skills (C, C++) Experience with Embedded Systems Development Experience with or passion for Systems Security Experience with Android development Able to clearly communicate ideas and concerns Able to work effectively with different teams

The pay range for this position at commencement of employment is expected to be between $104,400 and $171,000/year. However, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. We are Alibaba Cloud's Network and Application Security R&D Team, specializing in the research, development, operations, and management of foundational network security and application security. Our core mandate revolves around advancing the capabilities of DDoS Protection, Web Application Firewall (WAF), and Cloud Firewall solutions. As a young, dynamic team with deep technical expertise and R&D excellence, we deliver robust network traffic security and application security services to users, committed to safeguarding their network infrastructure and application-layer security. Core Responsibilities: System Construction and Maintenance ●Deploy, monitor, and maintain cloud security product systems (including foundational services, operation platforms, consoles, and security components such as cloud firewalls, DDoS protection, and WAF), ensuring high availability and security. ● Participate in disaster recovery and circuit breaker drills for high-availability systems to enhance stability and risk resilience. Product Release and Management ● Lead the release of cloud security foundational services and core network security products, conduct independent operational testing, and ensure post-launch stability and performance. Operational Observability Management ●Configure and manage hardware/software monitoring systems (e.g., Prometheus) for 24/7 real-time monitoring and rapid response, ensuring timely issue detection and resolution. Automated Operations Development ● Design and develop automated operation and maintenance tools/platforms to improve efficiency, reduce manual intervention, and optimize system performance. Service Support and Troubleshooting ● Monitor system logs, independently troubleshoot application issues, propose solutions, and collaborate with R&D teams for fixes and validation. Capacity Planning and Budget Management ● Develop annual capacity plans and budgets based on product usage and scaling needs, ensuring rational resource allocation and utilization.

Our Company Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours! The Opportunity The Adobe Security organization seeks a proactive force multiplier with experience skillfully leading multiple technical programs, running a healthy portfolio, working directly with leadership, and delighting stakeholders. Our ideal candidate has superb communication and relationship-building skills and a solid track record of driving business outcomes through managing large programs. In addition, familiarity with fundamentals in key security operations and related security compliance frameworks could help this candidate have an immediate impact. If you excel at navigating complexity with multiple internal customers, are a master planner who helps teams foresee challenges and risks and guides them through them, and are equipped with a diverse technical program management toolbox, we can't wait for you to join our Security PMO team! What you'll Do * Partner directly with security leadership to build a portfolio of key programs. Lead and monitor the health and execution of several key initiatives with insights into status, risks, dependencies, roadblocks, and budget across the organization's program portfolio. * Ensure a healthy program portfolio in Adobe's Technology GRC (Governance, Risk, and Compliance) organization with a clearly defined roadmap. * Bring together cross-functional teams to deliver business outcomes for high-priority programs through clear planning, execution, partnership, and communication. * Make things easier for all collaborators of your program portfolio by driving simplicity, clarity, and efficiency in all aspects of your work. * Reduce program risk by proactively identifying, communicating, and removing roadblocks. * Build trust through visibility. Provide accurate and timely data-driven status reports for a broad audience and lead executive governance meetings. * Effectively handle program financials, including driving accurate budget forecasts. What you need to succeed * Exceptional communication skills for effective engagement with both engineers and executives in meetings, presentations, and writing. Excel at building strong and trusted partner relationships. * 7+ years as a program manager in the security domain with portfolio-level oversight experience. Demonstrate strong knowledge in the compliance field and have worked closely with the compliance teams on projects. * Experience leading programs involving AI systems and workflows (e.g., MCP servers, RAG capabilities, LLM integrations, or related AI infrastructure). * Established history of effectively managing programs from inception, prioritizing, and strategizing to implementation, reporting, and successful delivery of intricate projects with many significant internal customers. * Demonstrated Agile practice experience in software projects and familiarity with Jira (including query and dashboarding), O365 Suite, MS Teams, SharePoint, MS Project, Excel, and Miro or equivalent experience * Familiarity with compliance frameworks such as ISO 42001, SOC2, HIPAA, PCI DSS, ISO27001, ISO27017/18, ISO22301, and Geo-compliance programs. * Preferred Certifications: CISSP, CISM, PMP, or equivalent credentials demonstrating expertise in cybersecurity and program leadership. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $124,300 -- $234,600 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process. In California, the pay range for this position is $162,000 - $234,600 In New York, the pay range for this position is $162,000 - $234,600 At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP). In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award. State-Specific Notices: California: Fair Chance Ordinances Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances. Colorado: Application Window Notice If this role is open to hiring in Colorado (as listed on the job posting), the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs. Massachusetts: Massachusetts Legal Notice It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Adobe is proud to be an Equal Employment Opportunity employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more. Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call **************.

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco or San Jose office location 4 days per week; Lambda's designated work from home day is currently Tuesday. What You'll Do Validate and verify the organization's security controls and practices meet the requirements of ISO 27001, 27701, PCI, SOC 2 and other relevant regulatory requirements to ensure alignment to business objectives Manage IT Risk Register including risk identification, tracking, and prioritization. Assist with and drive remediation of control deficiencies and gaps Provide guidance to Control Owners in the planning, design, implementation, operation, maintenance & remediation of control activities and other supporting requirements (e.g. policies, standards, processes, system configurations, etc.) Communicate with technical and non-technical stakeholders and leaders on cybersecurity risk and controls management topics and program-specific reporting Assist with the Customer Trust program which may include managing customer assessments, and security questionnaires Assist control owners with root cause analysis and track risk management action plan progress. Create risk metrics for management regarding information security control maturity, compliance status, risks, performance and findings Assist with the third-party risk management assessment process, ensuring consistent enforcement of information security requirements You Have a minimum of 8 years of experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001 and 27701, PCI-DSS, SOC, NIST CSF and other regulatory requirements Have experience managing and running audits, certification programs and control assessments. This includes but is not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, and mapping issues to risks Have experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations Possess a strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives Nice to Have Experience in the machine learning or computer hardware industry Experience with Security by Design and/or Privacy by Design principles Experience with standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework (CSF), NIST 800.53, NIST 800.171, CMMC, Cybersecurity Maturity Model Certification (CMMC), ISO 27001 and 27701, and SOX ITGC control frameworks. Broad knowledge of IT infrastructure and architecture of computer systems as well as exposure to a variety of platforms such as operating systems, networks, databases, and ERP systems Familiarity with using third-party tools such as Audit Board, Whistic, RSA Archer, ServiceNow for third-party risk management Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Experience in the AI infrastructure, machine learning and/or computer hardware industry Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description. About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: ************************* We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role You will be responsible for leading day-to-day security threat management. You will help identify and manage potential incidents and work with partner teams on known or suspected security threats. You will support threat intelligence, threat hunting, intrusion detection, and incident response efforts that adhere to, and push forward, best practices. Responsibilities Drive continual improvement in processes, procedures and automations to improve the quality and effectiveness of the team. Participate in a 24/7 on-call rotation performing security incident response Commandeering security incidents and updating stakeholders. Identify and develop new detection use cases and optimize existing detections. Collaborate on technical directions and solutions with other teams. Research and analyze patterns in security events across X's global infrastructure. Identify, design, and lead threat hunting missions to quantify and reduce threats. Manage and support the log collection, security scanning, intrusion detection, and other security-related systems. Design and assist in the development of automation to reduce false positives and handle events automatically. Analyze the security posture of systems via testing and vulnerability impact analysis. Required Qualifications 2+ years of relevant information security experience Self starter, can receive a task and execute with minimal supervision Strong Python scripting skills for implementing security automation Knowledge of networking and mac OS, Windows or Linux operating systems. Knowledge of cloud security fundamentals and practices (vendor agnostic). Experience managing and/or deploying security technology. Experience with building queries and dashboards for security monitoring. Knowledge of current threats and techniques and a desire to research and learn more. Experience with malware analysis, forensics or penetration testing. Problem solving skills or experience with troubleshooting. Preferred Qualifications Elastic / OpenSearch or similar platforms Open Source security automation tooling Annual Salary Range $140,000 - $180,000 USD Benefits Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks. xAI is an equal opportunity employer. For details on data processing, view our Recruitment Privacy Notice.

Atomic Machines is ushering in a new era of micromanufacturing with its Matter Compiler™ technology platform. This platform enables new classes of micromachines to be designed and built by providing manufacturing processes and a materials library that are inaccessible to semiconductor manufacturing methods. It unlocks MEMS manufacturing not only for device classes that could never be produced by semiconductor methods, but also for entirely new categories. Furthermore, this digital platform is fully programmable in the way 3D printing is digital-but whereas 3D printing produces parts of a single material using a single process, the Matter Compiler™ technology platform is a multi-process, multi-material system: bits and raw materials go in, and complete, functional micromachines come out. The Atomic Machines team has also created an exciting first device-made possible only through the Matter Compiler™ technology platform-that we will be unveiling to the world soon. Our offices are in Emeryville and Santa Clara, California. About The Role: This is a broad-responsibility, high-judgment technical leadership role managing the cyber security function and implementing the security and IT infrastructure of a rapidly growing startup company with engineering offices in Emeryville and Santa Clara. As a Cyber Security Engineer, you will lead and oversee the design, implementation, and maintenance of robust security solutions within platform, data, engineering, and office environments. The ideal candidate will possess strong leadership skills, deep technical expertise, and a strategic mindset to safeguard the organization's digital assets. This is a full-time, onsite position in either our Emeryville or Santa Clara office, with a need to work from the other office occasionally. What You'll Do: Build and manage cyber security at Atomic Machines. Develop and implement a strategic vision for securing Atomic Machines' assets, including IP, financial records, personal data, and physical infrastructure, while designing scalable security architectures for both cloud-native and on-prem systems. Conduct security risk assessments, threat modeling, and incident response, identifying vulnerabilities, implementing mitigations, and managing escalations as needed. Lead IT risk and compliance initiatives, implementing cybersecurity best practices (e.g., ISO 27001, NIST), conducting internal audits, assessing vendor security certifications, and reviewing contractual security requirements. Integrate security into CI/CD pipelines and Git-driven Infrastructure-as-Code (IaC) workflows to support secure software releases. Manage security across networking and infrastructure across engineering teams, including physical access control, on-prem servers, cloud services, CI/CD pipelines, and embedded systems, ensuring scalability and reliability. Develop and deliver formal and informal security training sessions to educate the engineering organization on best practices, risk mitigation strategies, and secure development principles. Partner with and manage external agencies and vendors when additional security coverage and support are needed. What You'll Need: 8+ years of experience in Information Security, including at least 3 years in a management role. Experience managing all aspects of Information Security for a company, including Cyber Security, risk assessment, and incident response (startup experience preferred). Previous industry experience as a System Administrator, with hands-on knowledge of infrastructure management, user access controls, and system security best practices. Expertise in cloud security for modern AWS architectures, including IAM, security monitoring, logging, security configuration, and Infrastructure-as-Code (IaC). Proficiency in Infrastructure-as-Code (IaC) workflows (e.g., Terraform, Ansible, Git). Ability to enable secure cloud environments for production software releases using AWS services (e.g., EC2, Redshift, S3) and hybrid security solutions (e.g., Tailscale, WireGuard). Strong networking expertise across physical and virtual environments, including VLANs, firewalls, DNS, and secure access solutions. Experience balancing infrastructure automation, security, scalability, and developer productivity. Extensive hands-on experience with security tools and technologies, including SIEM, MDR, IDS/IPS, WAF, DLP, and vulnerability scanners. High-level proficiency in SAML/SSO solutions and using hardware MFA keys. Experience developing and presenting cybersecurity training programs for employees. Knowledge of IT processes, risk, and control frameworks, including CoBIT, ISO 27001, NIST, ITIL, and PCI. Familiarity with security regulatory requirements and standards (e.g., SOC 1/2/3, SANS Top 20, NIST 800-53). Security certifications preferred (e.g., CISSP, CCSP, CISM, CSSP). Ability to explain complex security issues to both technical and non-technical audiences. Proven ability to work in fast-paced environments with minimal guidance. Flexibility to work daily in the Emeryville office and commute to Santa Clara as needed. BS in Computer Science, Cybersecurity, Information Security, or a related field preferred. The compensation for this position also includes equity and benefits. Salary Range $175,000 - $235,000 USD

Palo Alto, CA (on-site) About 1X We build humanoid robots that work alongside people to solve labor shortages and create abundance. The Role We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement security features such as secure boot, trusted execution environments, and system service hardening. Your work will ensure that sensitive operations and data remain protected while enabling developers to follow security best practices. This position is critical to increasing the resilience and trustworthiness of our systems. You Will Develop and maintain secure critical services for Linux systems Implement secure boot chains using fused hardware keys with rollback protection Integrate OP-TEE to safeguard sensitive assets including mTLS certificates and disk encryption keys Harden system services using least-privilege operations, systemd features, namespacing, and syscall filtering Build hardening templates and automation tools to streamline security enforcement for developers Automate security validation processes within CI/CD pipelines Design and enforce device access controls for Linux systems Contribute and ship C/C++ code (or similar) to production environments Job requirements Must Have Strong experience with Linux operating system internals and security mechanisms Hands-on expertise with secure boot and verified boot implementations Familiarity with Trusted Execution Environments such as OP-TEE Proven track record of applying least-privilege principles and hardening root-level services Proficiency with systemd and sandboxing tools including namespacing, privilege restrictions, and syscall filtering Experience designing developer-focused security tools, automation, and templates Knowledge of device access control and Linux permissions management Solid understanding of CI/CD security validation integration Expertise in software development and code auditing Experience with NVIDIA Orin or similar SoC platforms (preferred) Benefits & Compensation Salary Range: $137,861 - $240,000 + Equity Health, dental, and vision insurance 401(k) with company match Paid time off and holidays Equal Opportunity Employer 1X is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, ancestry, citizenship, age, marital status, medical condition, genetic information, disability, military or veteran status, or any other characteristic protected under applicable federal, state, or local law. On-site Palo Alto, California, United States $137,861 - $240,000 per year Software EngineeringAll done! Your application has been successfully submitted! Other jobs

Analyzes information security practices to ensure alignment with industry standards and guidelines. Identifies, investigates, and resolves security breaches detected by security solutions. Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. Leads and delivers staff training on information security and breach prevention. What You Will Do: Staying current on information security trends, news and security standards, especially those related to the healthcare industry Participating in the development of security standards and best practices for the organization Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement Recommending security enhancements to management and senior ITS staff Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options Monitoring computer networks for security issues in order to reduce the risk of security incidents Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team Documenting security breaches and assessing the damage caused Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities Managing efforts with vendors on annual security audit, including pen testing Assisting with developing and documenting preventive measures to ensure system security Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices Documenting computer security procedures, and tests Assisting with the development of policies, procedures, standards, and guidelines related to information security Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches Assisting staff with the installation and utilization of new security products and procedures Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts Reviewing any violations of security procedures and providing remedial training to staff, as needed Performs other duties as assigned You Will Be Successful If: In-depth knowledge of HIPAA and FISCAM security guidelines. Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. Proficiency with operating systems, virtualization, and security systems. High proficiency in Windows-based PC systems and Microsoft Office Suite. Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). Familiarity with project management principles and customer service practices. Awareness of emerging security technologies such as AI, IoT, and blockchain. Strong analytical, problem-solving, and decision-making skills. Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. Experience creating training materials and leading staff training. Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. Leadership ability to facilitate meetings, resolve issues, and guide staff. Strong collaboration skills and diplomacy across teams and levels of the organization. Willingness to respond to after-hours information security incidents. What You Will Bring: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. 8 years of professional level information technology experience 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying Experience working in the health care industry Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Magic's mission is to build safe AGI that accelerates humanity's progress on the world's most important problems. We believe the most promising path to safe AGI lies in automating research and code generation to improve models and solve alignment more reliably than humans can alone. Our approach combines frontier-scale pre-training, domain-specific RL, ultra-long context, and inference-time compute to achieve this goal. About the role As a Software Engineer on the Supercomputing Platforms and Infrastructure team, you will build the next generation systems that power large scale AI research and deployment. You will focus on sandboxed execution environments, distributed systems orchestration, and performance optimized compute workflows. You will work closely with ML and Research teams and infrastructure teams to deliver both high throughput, scale, and strong isolation guarantees in a cluster environment. What you might work on Build highly scalable, highly performant, software that facilitates arbitrary code execution with strong isolation guarantees. Design and build systems that allow our AI models to interface with machines in various modes, interactive terminal, GUI applications, etc. Provision and operate high density compute and storage nodes (NVMe, high IOPS SSDs, high bandwidth networks), and build software that performs efficient load balancing, and resource utilization across them. Instrument and optimize end to end performance including storage IO, network bandwidth, CPU, memory, and endurance constraints. Develop APIs, self service platforms, and automation and tools so researchers and engineers can deploy and monitor workloads at scale. Troubleshoot complex infrastructure issues across OS, drivers, hardware, storage systems (local NVMe, block storage, NFS), networking, namespace isolation, and cloud or hybrid environments. Produce clean, documented code and developer workflows, and collaborate with SRE and security teams to ensure safe, reliable, and self serviceable compute offerings. What we are looking for Strong software engineering background (C, C++, Go, Rust, or similar systems languages). Experience designing or operating sandboxed or isolated execution environments (namespaces, cgroups, container runtime internals), or strong interest in this area. Experience building or operating distributed systems or parallel processing frameworks (scatter aggregate processing, worker pools, multi thread and multi process coordination, shared memory, atomics, merging strategies). Solid understanding of storage and IO subsystems (NVMe, SSD endurance, write amplification), network performance, CPU and memory resource constraints in high performance compute clusters. Comfortable working on low level systems (OS, threading, memory management, synchronization) as well as higher level orchestration or automation. Experience with cloud infrastructure (GCP, AWS, Azure, etc.) including IaC tools such as OpenTofu, Terraform, Pulumi, or CDK is a plus. Intellectual curiosity, strong ownership, and the ability to make tradeoffs in ambiguous environments such as latency versus throughput and isolation versus performance. Nice to haves Prior experience with GPU scheduling, RDMA networking, or bare metal HPC clusters Contributions to open source container runtimes or sandboxing frameworks Experience with kernel internals, device drivers, or SSD and NVMe endurance modeling Familiarity with Rust for systems programming or Go for infrastructure orchestration Why join us You will work at the cutting edge of AI infrastructure including large compute clusters, advanced metrics engines, and next generation sandboxing systems for untrusted workloads. The problems you solve will be foundational, for example how to securely and efficiently run arbitrary research code across thousands of GPUs or high end SSDs. You will join a collaborative and hands-on team where you are building rather than only modeling. Excellent compensation and equity, generous benefits, and high impact. Our culture: Integrity. Words and actions should be aligned Hands-on. At Magic, everyone is building Teamwork. We move as one team, not N individuals Focus. Safely deploy AGI. Everything else is noise Quality. Magic should feel like magic Compensation and benefits (US) Annual salary range: 200,000 USD to 550,000 USD depending on seniority Significant equity component 401(k) with matching, comprehensive health, dental, and vision insurance, unlimited paid time off, visa sponsorship and relocation support Fast paced, mission driven environment focused on safely advancing AGI for humanity

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role You will be responsible for leading day-to-day security threat management. You will help identify and manage potential incidents and work with partner teams on known or suspected security threats. You will support threat intelligence, threat hunting, intrusion detection, and incident response efforts that adhere to, and push forward, best practices. Responsibilities * Drive continual improvement in processes, procedures and automations to improve the quality and effectiveness of the team. * Participate in a 24/7 on-call rotation performing security incident response * Commandeering security incidents and updating stakeholders. * Identify and develop new detection use cases and optimize existing detections. * Collaborate on technical directions and solutions with other teams. * Research and analyze patterns in security events across X's global infrastructure. * Identify, design, and lead threat hunting missions to quantify and reduce threats. * Manage and support the log collection, security scanning, intrusion detection, and other security-related systems. * Design and assist in the development of automation to reduce false positives and handle events automatically. * Analyze the security posture of systems via testing and vulnerability impact analysis. Required Qualifications * 2+ years of relevant information security experience * Self starter, can receive a task and execute with minimal supervision * Strong Python scripting skills for implementing security automation * Knowledge of networking and mac OS, Windows or Linux operating systems. * Knowledge of cloud security fundamentals and practices (vendor agnostic). * Experience managing and/or deploying security technology. * Experience with building queries and dashboards for security monitoring. * Knowledge of current threats and techniques and a desire to research and learn more. * Experience with malware analysis, forensics or penetration testing. * Problem solving skills or experience with troubleshooting. Preferred Qualifications * Elastic / OpenSearch or similar platforms * Open Source security automation tooling Annual Salary Range $140,000 - $180,000 USD Benefits Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks. xAI is an equal opportunity employer. For details on data processing, view our Recruitment Privacy Notice.

• Analyzes information security practices to ensure alignment with industry standards and guidelines. • Identifies, investigates, and resolves security breaches detected by security solutions. • Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. • Leads and delivers staff training on information security and breach prevention. What You Will Do: • Staying current on information security trends, news and security standards, especially those related to the healthcare industry • Participating in the development of security standards and best practices for the organization • Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks • Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement • Recommending security enhancements to management and senior ITS staff • Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options • Monitoring computer networks for security issues in order to reduce the risk of security incidents • Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team • Documenting security breaches and assessing the damage caused • Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date • Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities • Managing efforts with vendors on annual security audit, including pen testing • Assisting with developing and documenting preventive measures to ensure system security • Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices • Documenting computer security procedures, and tests • Assisting with the development of policies, procedures, standards, and guidelines related to information security • Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches • Assisting staff with the installation and utilization of new security products and procedures • Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes • Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts • Reviewing any violations of security procedures and providing remedial training to staff, as needed • Performs other duties as assigned You Will Be Successful If: • In-depth knowledge of HIPAA and FISCAM security guidelines. • Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. • Proficiency with operating systems, virtualization, and security systems. • High proficiency in Windows-based PC systems and Microsoft Office Suite. • Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). • Familiarity with project management principles and customer service practices. • Awareness of emerging security technologies such as AI, IoT, and blockchain. • Strong analytical, problem-solving, and decision-making skills. • Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. • Experience creating training materials and leading staff training. • Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. • Leadership ability to facilitate meetings, resolve issues, and guide staff. • Strong collaboration skills and diplomacy across teams and levels of the organization. • Willingness to respond to after-hours information security incidents. What You Will Bring: • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. • 8 years of professional level information technology experience • 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying • Experience working in the health care industry • Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

Seeking a candidate with the ability to demonstrate expertise in both the practical implementation and the administration of noted tools. The basis of the work will be to backfill daily operations management as well as assess the current state implementation for completeness and currency. The candidate will also be responsible for the identification and execution of implementation improvement efforts that will allow for the transition of such tools to a managed service provider including the documentation of run books, incident response and remediation support, and developing continuity plans. Has demonstrated expertise in one or more of the following tools: Qualys Vulnerability Scanner LogRhythm Tripwire Essential Functions: Manage and maintain key Information Security tools to help mature and improve the overall effectiveness of solutions across the organization to safeguard information systems, intellectual property assets and customer data. Design, implement and support integration of information security solutions including security architectures, firewall analysis, and developing and coordinating security implementation plans to improve monitoring and compliance functions and drive automation and efficiencies. Manage remediation of security issues with technology and business teams to ensure remediation is completed timely and effectively. Analyze existing processes to identify improvement opportunities, recommend solutions and lead implementation. Establish and implement a repeatable process for tracking, reporting and driving remediation of security issues. Assist with the PCI DSS security compliance program including scoping, testing, and remediation activities. Help train associates, contractors, alliance or other third parties on information security policies and -procedures. Provide skill-set knowledge transfer that ensures necessary cross-training of other IT Security team members. Monitors compliance with information security policies and procedures and monitors access control systems to assure appropriate access levels are maintained. Develop, support and manage Security metrics & reporting. Develop, maintain and enforce standardized, repeatable administrative and operational policies, processes and procedures. Serves as enterprise information security consultant, conduct information security risk assessments. Lead computer forensic analysis, cyber-crime investigation, incident emergency response and investigations. Perform other responsibilities and duties as assigned. Additional expertise in the following tools is a plus; Imperva DB Monitoring Ingrian HSM LogRhythm McAfee IDS/IPS McAfee Solid Core NETIQ PGP Desktop, WDE, Netshare PGP Universal Server & KMS Qwest Password Manager RedSeal RSA Authentication Manager RSA Envision Symantec DLP Varonis Data Privilege & DWebsense websense

Palo Alto, CA (on-site) About 1X We build humanoid robots that work alongside people to solve labor shortages and create abundance. The Role We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement security features such as secure boot, trusted execution environments, and system service hardening. Your work will ensure that sensitive operations and data remain protected while enabling developers to follow security best practices. This position is critical to increasing the resilience and trustworthiness of our systems. You Will * Develop and maintain secure critical services for Linux systems * Implement secure boot chains using fused hardware keys with rollback protection * Integrate OP-TEE to safeguard sensitive assets including mTLS certificates and disk encryption keys * Harden system services using least-privilege operations, systemd features, namespacing, and syscall filtering * Build hardening templates and automation tools to streamline security enforcement for developers * Automate security validation processes within CI/CD pipelines * Design and enforce device access controls for Linux systems * Contribute and ship C/C++ code (or similar) to production environments