Cyber security analyst jobs in Poughkeepsie, NY

The Network and Cyber Security Analyst will be responsible for designing, implementing, and maintaining the network and security infrastructure of the IT organization. This role requires a combination of hands-on experience with firewalls and other security tools, strong network knowledge, and expertise in Microsoft Azure networking and security. The ideal candidate will also have experience in setting and documenting security policies as well as working with 3rd party security vendors. Key Responsibilities: - Design, deploy, and maintain secure and high-performance network solutions, including switches, routers, and wireless systems. - Act as 2nd in line patch and troubleshooting support - Monitor and troubleshoot network performance and connectivity issues to ensure minimal downtime. - Optimize network configurations to enhance scalability, efficiency, and security. - Implement and manage firewalls, intrusion prevention systems (IPS), and other security appliances. - Perform regular vulnerability assessments and lead the remediation of identified risks. - Develop and enforce security policies, procedures, and incident response protocols. - Design, deploy, and manage secure cloud networking solutions, with a primary focus on Microsoft Azure. - Configure virtual networks, firewalls, and security groups in Azure to ensure compliance with organizational standards. - Manage identity and access solutions in Azure, including multi-factor authentication (MFA) and conditional access policies. - Collaborate with cross-functional teams to align IT infrastructure with business goals. - Manage 3rd party security partners - Maintain up-to-date documentation of network architecture, configurations, and security policies. - Generate regular reports on network performance, security incidents, and compliance metrics. - Provide guidance and training to staff on security best practices and awareness. - Stay up-to-date with the latest security trends, threats, and technology solutions. Qualifications: - Bachelor's degree in Information Technology, Computer Science, or a related field (or equivalent experience). - Minimum of 8+ years of experience in network administration and cybersecurity roles. - Expertise in configuring and managing network devices such as Cisco, Juniper, or similar switches and routers. - Hands-on experience with firewall platforms such as Cisco, Palo Alto, Fortinet, or similar solutions. - Proficiency in Azure cloud networking, including virtual networks, VPNs, and security configurations. - Strong knowledge of network protocols (TCP/IP, DNS, DHCP, VLANs, etc.) and troubleshooting tools. - Experience in setting and documenting security policies and procedures. - Excellent problem-solving, communication, and leadership skills. Preferred Skills. - Experience with endpoint protection, SIEM solutions, and log management tools. - Knowledge of compliance standards like ISO 27001, NIST, or GDPR. - Certifications such as CCNA, CCNP, Azure Network Engineer Associate, or equivalent are highly desirable. Skills Cyber security, Information security, Firewall, Arcitc Wolf, siem, azure, cisco, Vulnerability assessment, Vulnerability management, palo alto, juniper, CCNA, CCNP, azure network engineer associate, log management tools Top Skills Details Cyber security,Information security,Firewall,Arcitc Wolf,siem,azure,cisco Additional Skills & Qualifications - Experience with endpoint protection, SIEM solutions, and log management tools. - Knowledge of compliance standards like ISO 27001, NIST, or GDPR. - Certifications such as CCNA, CCNP, Azure Network Engineer Associate, or equivalent are highly desirable. Contract to Hire role (approximate time contracting is 6 months) Experience Level Expert Level Job Type & Location This is a Contract to Hire position based out of Bethpage, NY. Pay and Benefits The pay range for this position is $65.00 - $72.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: - Medical, dental & vision - Critical Illness, Accident, and Hospital - 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available - Life Insurance (Voluntary Life & AD&D for the employee and dependents) - Short and long-term disability - Health Spending Account (HSA) - Transportation benefits - Employee Assistance Program - Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a hybrid position in Bethpage,NY. Application Deadline This position is anticipated to close on Dec 19, 2025. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Client Name: City of New York Contract Length (in weeks): 52 Hybrid: 3 days in office/2 days remote. SCOPE OF SERVICES The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS: Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host -based and network -based forensic analysis. Research and develop new techniques, and procedures to continually improve the digital forensics process. Produce high quality written work product presenting complex technical issues clearly and concisely. Managing and maintaining the analysis labs and forensics tools leveraged for investigations. Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. Assisting the Cyber Emergency Response Team during critical incidents. RequirementsMANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. DESIRABLE SKILLS/EXPERIENCE: Experience with a wide range of forensic tools (TZWorks, X -Ways, SIFT, AXIOM, Volatility, etc.) Experience with memory analysis tools (i.e. Volatility) Experience with Linux and open source tools Experience investigating intrusions on Windows and Linux/Unix operating systems Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices Knowledge of virtual environments Knowledge of forensic imaging techniques Knowledge of Microsoft Windows operating system and Windows artifacts Knowledge of Linux/UNIX operating systems and artifacts Knowledge of MAC OS operating system and forensics artifacts Knowledge of file systems Strong analytical skills

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Our client, a leading Management & Strategy Consulting firm, is seeking a Cybersecurity Analyst to support its client in the financial services domain. This role requires strong expertise in DevSecOps practices alongside solid knowledge of Identity and Access Management (IAM). The ideal candidate will have experience embedding security controls within cloud environments, CI/CD pipelines, and application development workflows, while also managing access governance, privileged access, and compliance requirements. Requirements and Qualifications: · 3+ years of experience in cybersecurity, with strong exposure to DevSecOps and IAM. · Familiarity with CI/CD pipelines and tools (e.g., Jenkins, GitLab CI/CD, Azure DevOps) and integrating security into build/deploy processes. · Solid experience with IAM tools such as SailPoint, CyberArk, and Active Directory. · Hands-on experience with infrastructure-as-code security (e.g., Terraform, CloudFormation, or Azure ARM templates). · Understanding of cloud security (AWS, Azure, or GCP), container security, and policy enforcement in cloud-native environments. · Excellent communication and collaboration skills to work with both technical and business teams. · Implement and enhance DevSecOps practices, integrating security tooling (e.g., SAST, DAST, container scanning) into CI/CD pipelines. · Collaborate with engineering and cloud teams to design and enforce secure-by-default architectures across application and infrastructure layers. · Support IAM initiatives including onboarding/offboarding, entitlement reviews, and role-based access governance. · Utilize and integrate tools such as SailPoint, CyberArk, and Active Directory within broader DevSecOps workflows. · Assist with implementation of SSO, MFA, RBAC, and identity federation, ensuring secure and compliant access controls. · Partner with cross-functional stakeholders to ensure security and compliance requirements are embedded early in the SDLC.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Founded over 35 years ago, First Quality is a family-owned company that has grown from a small business in McElhattan, Pennsylvania into a group of companies, employing over 5,000 team members, while maintaining our family values and entrepreneurial spirit. With corporate offices in New York and Pennsylvania and 8 manufacturing campuses across the U.S. and Canada, the companies within the First Quality group produce high-quality personal care and household products for large retailers and healthcare organizations. Our personal care and household product portfolio includes baby diapers, wipes, feminine pads, paper towels, bath tissue, adult incontinence products, laundry detergents, fabric finishers, and dishwash solutions. In addition, we manufacture certain raw materials and components used in the manufacturing of these products, including flexible print and packaging solutions. Guided by our values of humility, unity, and integrity, we leverage advanced technology and innovation to drive growth and create new opportunities. At First Quality, you'll find a collaborative environment focused on continuous learning, professional development, and our mission to Make Things Better . We are actively seeking an experienced Cyber Security Analyst to join our Security Operations Center in Great Neck, New York, or work in a hybrid capacity from CT, GA, NY, NJ, PA, or SC. In this role, you will be responsible for incident detection, investigation and response, rules development tuning and improvement, defining and developing automations, and incorporating Threat Intelligence and Threat Hunting activities to enhance detection and mitigation strategies. Primary responsibilities include: Incident Detection and Response - Monitor and analyze alerts generated by SIEM/SOAR platforms and user reports, investigate security incidents, and execute containment and eradication procedures to minimize impact and restore normal operations. Tuning & Optimization - Continuously refine detection rules and SOC processes to reduce false positives, enhance detection accuracy, and improve overall operational efficiency. Research & Development - Explore emerging threats and attack techniques to develop and implement new detection rules to expand visibility and strengthen the organization's security posture. Threat Hunting - Proactively hunt for hidden threats by analyzing logs and identifying gaps missed by existing security tools and improve security posture. Threat Intelligence - Review threat intelligence feeds, channels and articles to identify potential risks and proactively strengthen defenses. Automation Development - Design, implement, and maintain automation solutions to streamline SOC workflows, reduce manual effort, and accelerate incident response times. Reporting - Prepare and present comprehensive reports on key SOC activities, metrics, and security trends to stakeholders and management. Penetration Testing - Participate in Red and Purple Team exercises to assess and improve the effectiveness of security controls and incident response capabilities. The ideal candidate should possess the following: Bachelor's degree in Computer Security, Cybersecurity, Information Security, or a related field preferred. Additional relevant experience may be considered in lieu of a degree. Experience with advanced SIEM content development, including custom correlation rules, dashboards, and reporting. Minimum of 1 year of experience working in a Security Operations Center (SOC) environment, either in-house or with a Managed Security Service Provider (MSSP). Proficiency in scripting languages such as Python, PowerShell, or Bash for automating security tasks and processes. Direct involvement in end-to-end incident response, including root cause determination and post-incident reporting. Experience monitoring and securing cloud environments (e.g., Microsoft Azure, AWS, Google Cloud Platform). Hands-on experience working with SIEM (e.g. Splunk, Microsoft Sentinel, Qradar) Familiarity with EDR solutions like CrowdStrike, SentinelOne, Microsoft Defender for Endpoint or Cortex XDR. Understanding and familiarity with interpreting common log sources for monitoring and investigation (e.g. Firewall, Azure AD, Windows Security Log, Email, Proxy\URL Filtering etc.) Solid grasp of prevalent attack types, including phishing, brute-force attacks, malware, and data exfiltration techniques. Excellent verbal and written communication skills, with the ability to collaborate effectively with team members both within and outside the SOC. High level of situational awareness and problem sensitivity, with the ability to proactively identify issues and escalate concerns as appropriate. Demonstrated proactive mindset, strong sense of responsibility, and urgency in addressing security incidents and tasks. Ability to work independently, manage multiple priorities, and succeed in a fast-paced, dynamic environment. Strong motivation and willingness to continually learn and grow, adapting to new tools and evolving threat landscapes. What We Offer You We believe that by continuously improving the quality of our benefits, we can help to raise the quality of life for our team members and their families. At First Quality you will receive: • Competitive base salary and bonus opportunities • Paid time off (three-week minimum) • Medical, dental and vision starting day one • 401(k) with employer match • Paid parental leave • Child and family care assistance (dependent care FSA with employer match up to $2500) • Bundle of joy benefit (year's worth of free diapers to all team members with a new baby) • Tuition assistance • Wellness program with savings of up to $4,000 per year on insurance premiums • ...and more! The estimated annual base salary range for this position is $110,000 - $140,000. Base pay is only part of our total compensation package, which also includes an attractive annual discretionary bonus and robust suite of employee benefits for which you are eligible to participate in starting on your first day of employment. Base pay offered will be determined on an individualized basis and we will consider your location, experience, and other job-related factors. First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come in to contact with sensitive data. First Quality is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status.

States: MA, NH, RI, ME, CT, VT, NJ, NY is home office based. Meet the Team You will provide guidance and assist Security Sellers and Account teams within the territory in a pre-sales technical role, showcasing Cisco security product solutions, setting up demonstrations, explaining features and benefits to customers, and designing and configuring products to address specific customer security needs. You will form relationships with our customer's key decision-makers, positioning Cisco security solutions aligned accurately to their requirements. You will be a part of an outstanding technical pre-sales team in our Global Security Sales Organization (GSSO), responsible for driving the success of Cisco's Security Portfolio and focusing on protecting Customer Application Environments no matter where they live (on-prem / any cloud). Our mission is simple: democratize security by making it easy and effective for everyone. We're transforming security from the ground up by solving the world's most pressing geopolitical challenge - safe, secure information access. We engineer our business to enable our customers to easily address their ever-evolving security challenges. We believe that impactful work is rewarding work and that our team is at its best when everyone feels empowered to bring their whole self to work. We learn together by hiring for cultural contribution, not cultural fit, and recognize that diversity in background and thought are essential to building high-impact teams. We invest in growth and learning opportunities and encourage our people to never stop learning. We foster collaboration and believe in being recognized (and rewarded!) for hard work. We champion a healthy work-life balance. We're kinder than necessary. Together we build for the future by designing simple solutions for complex problems. And that's why we're the most loved and trusted name in security. Your Impact As an advisor to the customer, you'll be working with technology experts to craft architectures and configure products to meet customer-specific needs, are prepared to lead all technical aspects of pre-sales activities, and position security solutions effectively against competing offerings. You are an aggressive starter, self-starter with the ability to build executive relationships, develop and execute sales strategies and tactics that improve Cisco's opportunity with a customer environment, position and promote the partner and customer value proposition for Cisco security architecture, articulate Cisco's product and business strategies, and create the demand that makes deals happen! You will: - Serve as the subject matter expert in Cisco security solutions - Provide guidance and assist account teams within the territory in building solutions to address specific customer security needs - Understand business requirements for a customer base and be able to translate them into technical requirements - Understand and articulate Cisco's architecture and services within security technologies - Create, present, and document technical solutions - Perform in-depth and high-level technical presentations for customers partners and prospects - Drive identified major account opportunities (i.e. technical consulting, upper-level management presentations, and Cisco technology solutions) while allowing local account teams to maintain long-term ownership Who You Are You are passionate about the customer experience and excited about new technology. You are a true teammate and love to learn. Being a self-starter, our SEs act as an industry domain authority, and strive to help Cisco make customers for life. Minimum Qualifications -Minimum of 4 years of pre-sales experience -Hands on experience with one or more of these Cisco Security Products (or their competitive equivalent): ******************************************************************** - Experience with whiteboard discussions that transform customer requirements into security solutions Preferred Qualifications - History of successful quota achievement. - Ability to demo / POV any of these Cisco Security products (the more the better): ******************************************************************** - Knowledge of public clouds AWS, Azure, GCP, and OCI. - Experience with incident response a plus - Experience with administering security for a company (e.g. purchased and deployed Cisco security products as a customer) is a plus. - Solid presentation and interpersonal skills. - Highly motivated self-starter who does not need day-to-day management - Experience with APIs and scripting languages **Why Cisco?** At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you. **Message to applicants applying to work in the U.S. and/or Canada:** The starting salary range posted for this position is $217,200.00 to $274,100.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees are offered benefits, subject to Cisco's plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time. U.S. employees are eligible for paid time away as described below, subject to Cisco's policies: + 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees + 1 paid day off for employee's birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco + Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees + Exempt employees participate in Cisco's flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations) + 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next + Additional paid time away may be requested to deal with critical or emergency issues for family members + Optional 10 paid days per full calendar year to volunteer For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco's policies. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows: + .75% of incentive target for each 1% of revenue attainment up to 50% of quota; + 1.5% of incentive target for each 1% of attainment between 50% and 75%; + 1% of incentive target for each 1% of attainment between 75% and 100%; and + Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. The applicable full salary ranges for this position, by specific state, are listed below: New York City Metro Area: $223,000.00 - $330,300.00 Non-Metro New York state & Washington state: $217,200.00 - $315,300.00 * For quota-based sales roles on Cisco's sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined. ** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements. Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

at Nuvance Health The Cyber Security Engineer will have responsibility for incident response along with a desire to relentlessly champion best practices. This role will perform all functions required to support day-to-day data security operations, supporting and maintaining a broad suite of cyber security operations infrastructure, serving as a tier 2 escalation point during incident response and investigations and monitoring compliance with IT security policy. Participate in the planning, design, installation, maintenance and tuning of security operations systems in support of security policies and best practice. Work with Information Technology staff and business units to assess risk and address security issues. Responsibilities: • Manage security responsibilities, including firewalls, proxy systems, SIEM, EDR and other security devices. 15% • Strong skills implementing and tuning security components. 15% • Server as an escalation point during incident response and investigations. 15% • Maintain cyber security operations tool to insure detection, response and remediation of latest security threats 15% • Create and review reports on event and incidents. 10% • Stay up to date with latest security threats and assist with developing defense strategy's to combat them. 10 % • Investigate and respond to security violations 10% • Ability to maintain in depth knowledge of security and networking infrastructure utilized by the company including the management and reporting of each. 10% Education Skills Experience • Bachelor's degree in computer science field required • 2 or more years Security Operations with a minimum of 4 years IT experience. • Demonstrated experience in Incident response investigations. • Working knowledge of EDR technologies. • Working knowledge of SIEM technologies. • Working knowledge of common vulnerability management tools. • Working knowledge of enterprise firewall technologies preferred. • Working knowledge of web filtering and proxies preferred. • Working knowledge of MDM solution preferred. • Experience with DLP and IPS/IDS systems preferred. • Working knowledge of email filtering product preferred. • Working knowledge of litigation hold processing and forensic investigations preferred. • Experience participating in Red/Blue/Purple team exercises. • Experience working with information security practices, networks, software, and hardware. Other Information: • CISSP, CEH, or other equivalent certification is a plus. • Disaster recovery and business continuity experience is a plus. • Working knowledge with HIPAA regulations as they pertain to the healthcare industry. Working Conditions: Manual: Some manual skills/motor coord & finger dexterity Occupational: Little or no potential for occupational risk Physical Effort: Sedentary/light effort. May exert up to 10 lbs. force Physical Environment: Generally pleasant working conditions Company: Nuvance Health Org Unit: 1795 Department: Information Security Exempt: Yes Salary Range: $40.43 - $75.10 Hourly

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience Master's Degree and with 3 years of relevant experience IT or Information security or Bachelor's Degree and with 5 years of relevant experience IT or Information security or Associate's Degree and with 6 years of relevant experience IT or Information security or High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. Knowledge of IAM, rolebased access control, and policy enforcement, required. Experience integrating cloud telemetry and logs with SIEM tools, required. Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. Experience with scripting (Python, PowerShell, Bash) and automation, required. Experience with WAF and cloud API gateway configurations, required. Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. Experience collaborating with cloud service teams for planning and remediation, required. Experience implementing application security best practices and training engineering teams, required. Familiarity with CDN operations, certificates, and brand monitoring preferred, required. Experience with SIEM integration, telemetry collection, and event analysis, preferred. Demonstrated experience leading technical teams or project groups, preferred. Experience with Container Security, preferred. Experience securing API endpoints and implementing advanced cloud application protections, preferred. Knowledge of AI/ML data protection and secure model deployment practices, preferred. Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities Effective leadership skills Demonstrated problem solving skills Demonstrated problem solving skills Strong written and verbal communication skills Ability to drive multiple projects to successful completion Proactively approaches responsibilities Licenses and Certifications Driver's License Required Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands Ability to push, pull, and lift up to 25 pounds Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. Implement and manage WAF policies and API gateways to safeguard cloud applications and services. Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.

Woods Hole Oceanographic Institution is searching for a highly skilled and cleared Information System Security Officer (ISSO) / Classified Systems Information Assurance Analyst to join our team, focusing exclusively on the security of classified information systems and networks. This critical role is responsible for ensuring the confidentiality, integrity, and availability of sensitive government information in accordance with stringent U.S. government (USG) security directives. The ISSO will be instrumental in the authorization and accreditation(A&A) process, continuous monitoring, incident response, and the implementation of robust security controls for classified environments. The ideal candidate will possess a deep understanding of relevant security frameworks, policies, and a proven track record of maintaining secure classified systems. This is a regular, full-time, exempt position, and is eligible for full benefits. ESSENTIAL FUNCTIONS Authorization & Accreditation (A&A) / Risk Management Framework (RMF): Lead or support the development, review, and submission of comprehensive security authorization packages (e.g., System Security Plans (SSPs), Risk Assessment Reports, Contingency Plans, Plan of Action and Milestones (POA&Ms)) for classified systems. Ensure all classified systems maintain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in accordance with RMF or legacy A&A processes (e.g., DIACAP). Interpret and apply USG security policies, regulations, and guidelines, including but not limited to: NISPOM, DoD Instruction 8500.01, NIST SP 800-53, DCID 6/3, ICD 503, JSIG, and DISA STIGs. Security Control Implementation & Enforcement: Design, implement, and maintain security controls specific to classified systems, including secure configurations, access controls, auditing, media control, and classified spillage prevention/response. Configure and manage specialized security tools relevant to classified environments (e.g., Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Data Loss Prevention (DLP) solutions). Perform rigorous hardening of operating systems (Windows, Linux), applications, and network devices based on DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Vulnerability Management & Continuous Monitoring: Conduct vulnerability scans, analyze results, and work with system administrators to remediate security weaknesses on classified systems. Oversee and perform continuous monitoring activities, including reviewing audit logs, security events, and system alerts for anomalous behavior. Track and ensure compliance with Information Assurance Vulnerability Management (IAVM) directives. Incident Response & Classified Spillage: Act as a primary point of contact and lead for security incidents and classified spillage events on assigned systems. Execute incident response procedures, including containment, eradication, recovery, and detailed reporting to relevant government authorities. Participate in forensic investigations as required for classified incidents. Compliance & Audit Support: Maintain meticulous documentation of all security artifacts, configurations, policies, and procedures for classified systems. Support internal and external security inspections, audits, and assessments by government agencies (e.g., DCSA, DSS, NSA). Develop and implement standard operating procedures (SOPs) for the secure operation of classified systems. User Training & Guidance: Provide guidance and training to users on proper handling, marking, and safeguarding of classified information and operation of classified systems. Ensure all personnel accessing classified systems meet training requirements (e.g., security awareness, insider threat). Configuration Management: Manage and control changes to the hardware, software, and firmware of classified systems to maintain their security posture and accreditation. MINIMUM QUALIFICATIONS Security Clearance: Active U.S. Government Security Clearance required at the SECRET level or above. Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or equivalent experience. Experience: 5 years of dedicated experience in Information Assurance/Cybersecurity within classified government or defense environments. Demonstrable expertise in the Risk Management Framework (RMF) or equivalent A&A processes (e.g., DIACAP). Hands-on experience with security tools and technologies used in classified environments (e.g., ACAS, HBSS, SIEM, dedicated firewalls). Proven experience with DISA STIGs and their application to various operating systems and applications. Technical Skills: Strong understanding of network protocols, operating systems (Windows, Linux/Unix), and virtualized environments in a classified context. Experience with encryption technologies and COMSEC devices. Knowledge of scripting languages (e.g., PowerShell, Python, Bash) for automation and auditing is a plus. Desired Certifications: CISSP (Certified Information Systems Security Professional) DoD 8570.01-M IAT Level II (e.g., CompTIA Security+, CySA+, CCNA Security, SSCP) or higher (IAM Level I, II, or III). GIAC Certifications relevant to incident handling, forensics, or security auditing (e.g., GCIH, GCFA, GCCC, GSNA) Additional Job Requirements Salary Range: $114,000 to $148,000 USD The salary range provided for this position reflects the expected minimum and maximum base pay for new hires. Actual compensation will be determined based on factors such as relevant skills, experience, and qualifications, as well as internal equity and market conditions. In addition to base salary, eligible employees also receive a comprehensive benefits package. WHOI accepts applications on a rolling basis - applications will be reviewed as they are received, and we encourage you to submit your application as soon as possible to ensure full consideration. While we will continue to review applications until the position is filled, and early applicants may have an advantage in the selection process. EEO Statement Woods Hole Oceanographic Institution (WHOI) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

INFORMATION Department Security Reports To Information Security Manager Type Full-Time Rate Type Salary Work as part of ESG's Global Information Security Team to maintain the confidentiality, integrity, and availability of enterprise assets. The Security Analyst plays a critical role in supporting the organization's cybersecurity posture by monitoring, analyzing, and responding to security incidents and threats. This position requires a strong technical foundation, analytical thinking, and understanding of cyber security threats. Essential Functions * Analyze security alerts to identify and respond to any security events or incidents. * Support investigations, reporting and remediation activities of security events and incidents * Manage, create, and update information security documentation. * Provide support to ensure information security compliance with industry regulations and data privacy laws. * Keep up to date with the latest security trends and technologies and recommend improvements to our security posture. * Research the latest information security threats and vulnerabilities and prepare reports and presentations. * Conducting vulnerability assessments on systems and applications, to identify and mitigate any security vulnerabilities. * Participate in both internal and external audits. * Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously. * All other related duties as assigned. Experience * Two years' experience as a Security Analyst, or 2 years' experience in a related technical field. * Knowledge of implementing, supporting, and auditing information security control frameworks such as, NIST, PCI DSS, ISO and SOC. * Knowledge of security Incident event management and monitoring * Supporting penetration testing and vulnerability management programs * Security threat monitoring * Strong communication skills with the ability to work collaboratively in a global team. * Detail oriented and ability to focus on granular level compliance and security issues. Education Bachelor of Science in Computer Science or related field Perks By becoming a team member here at ESG, you'll have access to competitive health, dental, and vision coverage, as well as life insurance, and short term and long-term disability insurance. We value work life balance, and you'll benefit from our open time off and excellent 401K package. We also offer a generous paid parental leave and education assistance program. Work Environment This job operates in a hybrid work environment with a preference for being in the office two to three days a week. Full time remote can be considered for the right candidate and fit with the ESG North American operation. Travel Requirements Up to 5% travel may be required based on location. ESG is an equal opportunity employer. Qualified candidates will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Information Security Specialist Job Duties: Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On\-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches. "}}],"is Mobile":false,"iframe":"true","job Type":"Full time","apply Name":"Apply Now","zsoid":"641401441","FontFamily":"Verdana, Geneva, sans\-serif","job OtherDetails":[{"field Label":"Industry","uitype":2,"value":"Technology"},{"field Label":"City","uitype":1,"value":"Brooklyn"},{"field Label":"State\/Province","uitype":1,"value":"New York"}],"header Name":"Information Security Specialist","widget Id":"**********00072311","is JobBoard":"false","user Id":"**********00133003","attach Arr":[],"custom Template":"3","is CandidateLoginEnabled":true,"job Id":"**********00267067","FontSize":"12","location":"Brooklyn","embedsource":"CareerSite","indeed CallBackUrl":"https:\/\/recruit.zoho.com\/recruit\/JBApplyAuth.do","logo Id":"2qf78d018cc5be94b40bbbcb719566377b192"}

**Introduction** The CISO Cybersecurity Operations Platform (CSOP) team is looking to add an engineer to the Analytics and Data Exploitation team. The Platform provides the technology, services and expertise required by IBM's Cyber Threat Detection and Response teams. We support the Advanced Threat Detection (threat hunting, intelligence, incident response), Vulnerability Detection and Response, Innovation and Remediation, Security Operations Centers and Command Centers teams to deliver enterprise-wide security to one of the world's most established technology companies. We process tens of billions of events per day, meaning effective analysis and data exploitation practices are critical to our success. This is a technical position within the Analytics and Data Exploitation team who employ commercial, open source and in-house developed tools to deliver critical cybersecurity services such as event processing, automation, complex analytics and support to digital investigations. This role operates across our development, test, pre-production and production networks to create, maintain and improve our services -an important component of which is fault-finding and the ability to work within complex, dynamic environments. The right candidate thrives in high-pressure situations and has practical experience working with Big Data technologies -such as Spark, Hadoop and Elasticsearch. The role requires a proven, practical knowledge of container orchestration technologies -specifically Kubernetes and RedHat OpenShift. The work will include the design and optimization of container-deployed systems, as well as the day-to-day engineering and administration of the orchestration environment. This includes cluster management, Pod assignment / configuration, application virtual routing, security, container image registry management and optimization of the runtime engines. Wider knowledge of data ingestion, extraction, transformation and loading technologies is important - including Streamsets and Flink. The role is rounded-out by some software development tasks - all related to cyber security. These will involve Java, SQL, Python and automation scripting so experience with DevSecOps methods is highly advantageous. The Platform team employs hybrid cloud hosting and this includes provisioning, administration and management of services within environments spanning IBM Cloud, Amazon Web Services and Microsoft Azure. About the Team The CISO Cybersecurity Operations Platform (CSOP) team is looking to add an Email Security Engineer to the team. The CSOP provides the technology, services and expertise required by IBM's Cyber Threat Detection and Response teams. We support the Advanced Threat Detection (threat hunting, intelligence, incident response), Vulnerability Detection and Response, Remediation, Security Operations Center and Command Center teams to deliver enterprise-wide security to one of the world's most established technology companies. **Your role and responsibilities** Job Duties: · Contribute to the day-to-day work that supports our critical cybersecurity analysis and data processing workflows · Protect organization against phishing, spoofing, malware, and advanced threats while maintaining user experience and compliance · Familiarity with Exchange, ProofPoint Email Solutions, Powershell, Azure, and M365 suite · Design, implement and maintain secure email solutions within the Microsoft 365 tenant and related servces · Moniotr and respond to email-related security incidents, phishing attempts, and compromise events · Support the team leadership to improve overall exploitation of technologies that best serve our requirements · Partner with CIO and CISO teams to develop email security policies, rules, and playbooks - Work as part of a deeply technical, passionate team of engineers to tackle significant IT challenges **Required technical and professional expertise** · 3 or more years' experience in an email security engineer or similar role · Experience with Microsoft 365 Exchange or Proofpoint email solutions · Hands on experience with SPF, DKIM, and DMARC configuration and rollout at an enterprise level · Experience with (or a proven aptitude for) working within a fast-paced environment where the success criteria are defined by external factors. This includes having to change course quickly, based on the evolving needs of a complex and dynamic environment · Strong experience with incident response processes for phishing and email-based threats · Experience with IBM Cloud, AWS, Azure or similar cloud environments · Strong understanding of email protocols ISMPT, IMAP, POP3) and security controls · Familiarity with SIEM tools for monitoring and automation on email threats · Excellent problem-solving, communication, and documentation skills **Preferred technical and professional experience** · Experience with secure email gateways (Proofpoint, M365, etc) · Microsoft certification · Knowledge of zero trust frameworks and modern authentication methods (MFA, conditional access) · Familiarity with cloud-native security tools (Sentinel, Defender, XDR) · Understanding of email encryption solutions (TLS, S/MIME, PGP) · Experience in large enterprise environments with hybrid Microsoft Exchange deployments · Ansible experience is a strong advantage IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Come work with us: Metropolitan Commercial Bank (the “Bank”) is a full-service commercial bank based in New York City. The Bank provides a broad range of business, commercial, and personal banking products and services to individuals, small businesses, private and public middle-market and corporate enterprises and institutions, municipalities, and local government entities. Metropolitan Commercial Bank was named one of Newsweek's Best Regional Banks and Credit Unions 2024. The Bank was ranked by Independent Community Bankers of America among the top ten successful loan producers for 2023 by loan category and asset size for commercial banks with more than $1 billion in assets. Kroll affirmed a BBB+ (investment grade) deposit rating on January 25, 2024. For the fourth time, MCB has earned a place in the Piper Sandler Bank Sm-All Stars Class of 2024. Metropolitan Commercial Bank operates banking centers and private client offices in Manhattan, Boro Park, Brooklyn and Great Neck on Long Island in New York State. The Bank is a New York State chartered commercial bank, a member of the Federal Reserve System and the Federal Deposit Insurance Corporation, and an equal housing lender. The parent company of Metropolitan Commercial Bank is Metropolitan Bank Holding Corp. (NYSE: MCB). Position Summary: We are seeking a highly motivated and analytical Information Security Analyst to join our Line 2 Information Security team. This position plays a critical role in supporting the Bank's IT Risk & Cyber Resilience functions, including IT risk assessments, user access reviews, business continuity, and operational resilience practices. The role reports to the VP of IT Risk & Cyber Resilience, under the broader direction of the Chief Information Security Officer (CISO). This position is ideal for professionals with 1-4 years of relevant experience in cybersecurity, risk management, audit or IT governance, and who hold or are pursuing an advanced degree. We have a flexible work schedule where employees can work from home one day a week. Essential duties and responsibilities: IT Risk Assessments: Assists in the planning, execution, and documentation of IT risk assessments against minimum security standards, for the entire IT asset inventory. Review control environments, identify control gaps, and work with first-line partners to ensure risk mitigation plans are in place Internal IT Controls Testing and Validation Execute validation testing of IT internal controls to ensure design and operating effectiveness across infrastructure, applications, databases, and systems. Apply risk analysis principles to determine testing scope, focus, objectives, and rationale. Develop testing strategies, including the selection of samples, sample sizes, and testing methodologies. Analyze testing results, identify exceptions, and recommend actionable steps to address control deficiencies and strengthen internal processes. Prepare thorough working papers and document control testing findings to ensure accuracy and alignment with standards. User Access review Governance: Coordinate and oversee the user access review process across business applications and infrastructure. Ensure alignment with access control policies and identity governance best practices. Business Continuity Planning (BCP): Support the development, maintenance, and testing of business continuity and resilience plans. Work with business units to ensure plan completeness and alignment with enterprise resilience strategies. Operational Outage Investigations: Assist in root cause analysis and risk review of IT outages and incidents and determine if BCPs need to be updated. Track remediation efforts and document lessons learning for reporting to senior leadership. Governance Reporting: Develop and maintain risk metrics, dashboards, and material for the IT and IS Steering Committee and Operational Risk Management Committee. Draft risk summaries and escalation reports for senior management, auditors, and regulators, where appropriate. Policy Framework Support: Support the development and refinement of policies, standards, and procedures related to IT and Cyber Risk Management, Business Continuity, and security governance. Required knowledge, skills and experience: Graduate degree in Information Technology, Information Security, Risk Management, Finance, or Accounting. Candidates with IT audit or IT controls and/or audit experience preferred. Experience and or education in IT controls testing, risk management, or IT audit. Strong knowledge of IT internal controls, infrastructure, and applications. Familiarity with IT risk frameworks such as NIST, COBIT, or ISO 27001. Ability to analyze and document control deficiencies, root causes, and remediation efforts. Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint). Strong analytical, verbal, and written communication skills with attention to detail. Ability to interact effectively with IT teams, risk management partners, and stakeholders. Exposure to Third-Party Risk Management (TPRM) or vendor IT controls assessment. Preferred knowledge, skills and experience: Certifications (e.g., CISA, CRISC) are a plus. Potential Salary: $80,000 - $100,000 annually This salary range only reflects base wages and does not include benefits, bonus, or incentive pay. Salary bands are purposefully wide ranging to encompass the different factors considered in determining where a candidate falls in the range, including but not limited to, seniority, performance, experience, education, and any other legitimate, non-discriminatory factor permitted by law. Metropolitan Commercial Bank provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

General Responsibilities: The Security Engineer III will be responsible for planning, designing, implementing and supporting various security technologies that are used to protect the network from external and internal threats. The Security Engineer III is a technical, hands-on expert that is responsible for protecting the confidentiality, integrity, and availability of networks, systems, and data based on the security policies, standards, compliance regulations, and industry best practices. Key Responsibilities: Work closely with various internal and external business units to communicate security concepts, define security requirements, controls, vulnerabilities, etc., and maintain a strong working relationship Assist with short-term and long-term security strategies that are aligned with business objectives while working with other team members on tactical projects. Evolve and maintain overall security architecture Participate and contribute to different industry-related security forums Specific Responsibilities: Administer/lead network and application security efforts for a large enterprise and service provider network Audit, optimize, and maintain network security infrastructure including firewalls, VPN, intrusion detection/prevention, Network, and Endpoint Detection and Response platforms (NDR/EDR), netflow based tools, URL filtering, NAC, etc. Assist in evaluating and developing solutions for complex network security and protection technologies for enterprise and service provider environment including but not limited to Advanced Breach Detection/Mitigation, DDoS attack detection/mitigation, etc. Manage and administer Security Incident and Event Management (SIEM) tools, network and system forensics tools Analyze network traffic flow between multiple hosts spanning firewalls in different geographical locations to protect appropriately Assist with periodic threat and vulnerability assessment, penetration testing, and web application assessments to identify security risks across the company Work with an internal and external audit to ensure compliance to appropriate regulations and data protection directives (PCI, CPNI, CCPA/CPRA and CALEA, etc.) Initiate and manage special projects related to information security that may be needed to appropriately respond to ad-hoc or unexpected information security events Assist in developing security policies, standards, guidelines, procedures Assist in developing a security awareness program Perform other duties as requested by supervisor Preferred Experience / Skills: Bachelor's degree in Computer Science, Telecommunications or Information Technology is required 5+ years technical hands-on security experience Extensive experience with firewall technologies, IPS/IDS, VPN, SIEM, netflow, NAC, vulnerability scanning tools, URL filtering, DLP, EDR, AppSec DAST/SAST platforms and other security tools Working knowledge and experience with Cybersecurity and Risk Management frameworks such as COBIT, NIST CSF, and ISO 27001 is a plus Strong analytical and problem-solving skills, with an ability to assimilate, analyze and correlate large amounts of forensic data from the various networks, operating systems, application, and security devices, logs, and alerts Experience in security incident handling, operations, and forensics Experience in security assessments, penetration testing, and web application assessments preferred Experience in handling security for a large enterprise network or service provider network preferred Strong interpersonal and communication skills Ability to work well under pressure, meeting multiple deadlines Ability to present and communicate clearly with technical and non-technical staff as well as senior management Ability and willingness to take on additional tasks as assigned Security certifications such as CISSP, CISA, CISM, CRISC, OSCP ,and SANS GIAC is a plus

Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, basic life, AD&D, and disability insurance Enrollment in our company's 401 (k) or Supplemental Income Plan, subject to eligibility requirements Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law. #LI-EL1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2025-1495451

Overview Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, basic life, AD&D, and disability insurance Enrollment in our company's 401 (k) or Supplemental Income Plan, subject to eligibility requirements Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law. #LI-EL1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2025-1495451

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Job Description Here at SFCU we define our culture as one of GROWTH . Growing our member, growing our employee, and growing our organization. This is a great opportunity to join our innovative and growing SFCU team. Reporting: Hybrid - travel to Sidney, NY required Salary: $70,544 - $88,180 Position Summary The Information Security Analyst plays a critical role protecting the organization's digit assets, ensuring the confidentiality, integrity, and availability of information systems. This role involves monitoring security events, identifying vulnerabilities, and implementing safeguards to defense against cyber threats. Key Responsibilities Information Security Security monitoring and incident response: Investigate SIEM alerts, analyze logs, coordinate containment, and support post-incident reviews. Regulatory compliance support: Assist with GLBA, NCUA, NIST Cybersecurity Framework 2.0, and internal audit activities. Vulnerability management: Perform scans, validate findings, prioritize remediation, and track closure with IT teams. Access control administration: Support access review program and review identity protection logs. Risk assessments: Support periodic risk assessments, evaluate control effectiveness, and document mitigation plans. Vendor security reviews: Assess third-party risk, review SOC reports, ad ensure vendors meet security requirements. Security awareness initiatives: Deliver training, run phishing simulations, and promote a strong security culture. Audit and reporting: Prepare documentation for audits, board reports, and regulatory examinations. Knowledge, Skills and Abilities Required Qualifications 3-5 years of information security experience in a financial or regulated environment Bachelors degree in a relevant Information Technology field Knowledge of financial regulations such as GLBA, NCUA, and FFIEC Experience with SIEM, EDR, and vulnerability scanning tools Understanding of networking, operating systems, and security architecture Ability to analyze threats and recommend mitigations strategies Strong documentation and communication skills Attention to detail, analytical thinking, cross team collaboration and adaptability in a regulated environment Preferred Qualifications Security certifications such as Security+, CySA+, CEH, or CISSP associate Experience with core banking systems and financial applications Scripting or automation skills (Python, PowerShell) Equal Opportunity Employer/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Job Posted by ApplicantPro