Cyber security analyst jobs in Quartz Hill, CA - 89 jobs

A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence. #J-18808-Ljbffr

"I can be myself at work." You are more than a job title. We want you to feel comfortable doing great work and bringing your best, authentic self to everything you do. We value your talents, traditions, and uniqueness-and we're committed to fostering a strong sense of belonging in a respectful workplace. We intentionally seek diverse perspectives, experiences, and backgrounds, investing in a culture designed to celebrate differences. We believe that belonging leads to better outcomes and a stronger community of associates united by our mission. At Capital, we live our core values every day: Integrity, Client Focus, Diverse Perspectives, Long-Term Thinking, and Community. "I can influence my income." You want to feel recognized at work. Your performance will be reviewed annually, and your compensation will be designed to motivate and reward the value that you provide. You'll receive a competitive salary, bonuses and benefits. Your company-funded retirement contribution will factor in salary and variable pay, including bonuses. "I can lead a full life." You bring unique goals and interests to your job and your life. Whether you're raising a family, you're passionate about where you volunteer, or you want to explore different career paths, we'll give you the resources that can set you up for success. Enjoy generous time-away and health benefits from day one, with the opportunity for flexible work options Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love Access on-demand professional development resources that allow you to hone existing skills and learn new ones "I can succeed as a Lead AI Security Engineer at Capital Group" As aLeadAISecurity Engineer, you willbe responsible forsecuring Capital Group's enterprise AI Platforms.You willhelp enable Capital Group's AIstrategy bybuilding and/orprocuringsolutions toprotecta diverse set of enterprise AI platforms being built and deployed at Capital Group.You'llcollaborate with platformengineering, security engineering, and risk teams toensure their solutions support scalable, secureadoption of AI. Additionally,you'llbe expected toprovidementoring,advising diverse teams across the organization, andpromoting AI Securityprinciples across Capital Group. AISecurityProcurementManagements:You willprocureand/or build technical solutionsto reducethe riskof misconfiguration, exploitation, andother security issues formultipleenterprise AI platforms. Embedding Security in the AIPlatform Ecosystem:Working closely withplatform teams tointegrate securityintoeverycomponentof the AI Platform. Implementing Security Controls & "Guardrails" for GenAI:Designing, deploying, andoperatingtechnical controls to prevent misuse of AI systems.Guardrails designincludescontent filtering systems, usage policies, and safety checks that mitigate issues like prompt injection attacks, unauthorized data extraction, model bias or hallucinations, and other misuse of generative AIplatforms. AI Runtime Security:Engineer continually tests and updatestothe guardrails, replacing weaker controls with more robust solutions as threats evolve. AI Governance:You will work cross functionally with architecture and platform teams tomonitoralignment of solutions to AI Governance processes Contribute to Standards and Policies:You will providethought leadership for Information Security policies and standards for AIin collaboration with technology risk AI/Agent SME:Youwill provide AI/Agent subject matterexpertisefor AI Incidentsand Security Reviews, and helpdevelop incident response playbooks for AI-related security incidents "I am the person Capital Group is looking for." You have 8+yearsof experience in information security, application security, platform security, or penetration testing,DevSecOps, networksecurityand other security disciplines. You have experience securing AI platforms, whetherinternal AIplatforms or offerings such as CoPilot Studio, Amazon Bedrock, and/or Azure AI Gateway Proficient in Programming & ML Tool.Strong Python skillsrequired, with experience in AI/ML frameworks.Abilityto review and write ML code to implement security measures (e.g., model validation, adversarial testing) isdesired. You have5+ years of relevant professional experience ordemonstrated anequivalent level ofexpertisein security engineering, such as cloud, API, or platform security. You have3+ years of experience embedded identity, network, and encryption controls into enterprise platforms Youcaneffectively partner and collaborate with stakeholder teams. You have effective communication skills andthe abilityto outline security riskstoleadership. You are familiar with cloud and API security vendors and managed services providers. Preferred Qualifications: You have knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers You are familiar withfunctionand purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (ExamplesLangChain,LlamaIndex, etc.) You are familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act,etc You have information Security certifications (CISSP, SANS GIAC, CISA, etc.) "I can apply in less than 4 minutes." You've reviewed this job posting and you're ready to start the candidate journey with us. Apply now to move to the next step in our recruiting process. If this role isn't what you're looking for, check out our other opportunities and join our talent community. "I can learn more about Capital Group." At Capital Group, the success of the people who invest with us depends on the people in whom we invest. That's why we offer a culture, compensation and opportunities that empower our associates to build successful and prosperous careers. Through nine decades, our goal has been to improve people's lives through successful investing. We know that our history is a testament to the strength of the people we hire. More than 9,000 associates in 30+ offices around the world help our clients and each other grow and thrive every day. Find us on LinkedIn, Instagram, YouTube and Glassdoor. Southern California Base Salary Range: $179,273-$286,837San Antonio Base Salary Range: $147,378-$235,805New York Base Salary Range: $190,040-$304,064 In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings. You can learn more about our compensation and benefits here . * Temporary positions in the United States are excluded from the above mentioned compensation and benefit plans. We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.

Security Engineer II Assignment Length: 6 month W2 Assignment (possible extension) Pay Rate: $53- $59/ HR About the Organization This organization is a leading healthcare provider delivering patient-centered care through advanced clinical services, research, and education. The technology and security teams support critical healthcare systems that enable safe, compliant, and reliable patient care operations. Position Summary The Security Engineer II provides operational, administrative, and project support for the Information Security team. This role is responsible for protecting information systems and organizational data from unauthorized access, misuse, or destruction. The position supports network and system security, incident response, monitoring, reporting, policy development, and implementation of security solutions. The Security Engineer II serves as an escalation point for complex security issues and collaborates closely with senior engineers and cross-functional IT teams. Key Responsibilities Implement and monitor security measures to protect computer systems, networks, and organizational data Perform technical analysis, installation, maintenance, and modification of security systems and software Monitor, analyze, and report on system and security performance Participate in security solution implementations and system hardening initiatives Investigate, respond to, mitigate, and remediate security incidents using established incident response protocols Support the full incident lifecycle including detection, response, mitigation, reporting, recovery, remediation, and lessons learned Provide escalation support to senior engineers for complex security issues Assist in the development and maintenance of security policies, standards, procedures, and documentation Configure, manage, and troubleshoot security infrastructure devices Identify and define system security requirements Develop and recommend short- and long-term security strategies and enhancements Create and maintain standard operating procedures and security documentation Prepare reports documenting security incidents and impact assessments Collaborate with other IT and Information Security teams on incidents, remediation, and security initiatives Provide after-hours and weekend support as needed in a 24x7 incident response environment Perform other duties as assigned Required Education Associate's degree in Computer Science or a related field OR an equivalent combination of education and experience demonstrating the ability to perform the role successfully Required Experience Minimum of 5 years of experience in Information Security Healthcare industry experience Experience with PCI, HIPAA, and NIST frameworks Proven experience as a system security engineer or information security engineer Hands-on experience maintaining and supporting security systems Knowledge of security control concepts including physical, logical, and administrative controls Required Knowledge, Skills, and Abilities Strong technical knowledge of operating system security Hands-on experience with security tools and systems such as: Intrusion detection and prevention systems Anti-virus and endpoint protection solutions Authentication and access control systems Log management and monitoring tools Content filtering solutions Solid understanding of network security concepts and networking technologies Ability to analyze security events and respond effectively to incidents Please submit your resume in Word or PDF format to be considered.

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Hi , This is Sujith from KRG Technologies; We are looking Cyber Security at Rose Mead, CA for the below mentioned . Kindly forward me your resume, rate and contact details for further process. I also request you to forward this opportunity to your friends or colleagues; so that we can help someone who may be in search of a job or looking for a change. Job Title: Cyber Security Location: Rose Mead, CA Duration: CONTRACT(6-12months) Job Description: Must have 5-7 yrs of Cyber security experience. Have some experience around Vulnerability assessment & Pen test remediation. Able to explain vulnerabilities and remediation. Have some exposure to OWASP Top 10. Have some exposure to SDLC, development. Any experience in NERC-CIP would be great. Experience around Code review would be added advantage. Thanks & Regards Qualifications Cyber security experience with vulnerability and risk assessment Additional Information All your information will be kept confidential according to EEO guidelines.

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Aeronautics Systems is seeking an Associate Industrial Security Analyst to perform day-to-day Program Security Operations tasks located in Palmdale, CA. Role and Responsibilities: Completes daily logs and monthly metric reports Assist the CSSO as the lead Physical Security Representative. Responsible for ensuring all NG SCIF, SAP, and DoD Closed areas are compliant with NISPOM and ICD 705 and various government regulations, corporate security policies, and guidelines Supports the installation and maintenance of all alarms, access control systems, CCTV coverage, and lighting within program spaces. Works directly with NG facilities team and CSSO to ensure all new/old construction projects are reviewed for security compliance Works with DoD security offices to provide physical security guidance on a variety of physical security issues Coordinate with DoD Security to complete bi-annual alarm response tests. Receive requests for access from Custodians, verify appropriate Clearance and access with DoD Security, forward to Access and ID for Processing Assist the CSSO in the completion of DoD Fixed Facility Checklist and accreditation Basic Qualifications: Bachelors Degree with 0 years of experience OR 4 years of related security, military experience will be considered in-lieu of a degree Current Active Secret clearance with ability to meet enhanced security requirements and obtain/maintain SAP eligibility and access US Citizenship required Must be proficient in MS Office suite (Word, SharePoint, PowerPoint, Excel, Outlook, TEAMs) Excellent customer service and communication skills Ability to work in a team environment, take guidance, and follow projects through to completion with oversight Ability to maintain flexibility to deal with changing priorities and deadlines Willing to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications Willing to work a mixed schedule, including nights and weekends, to achieve mission objectives and support program deliverable Able to solve problems by utilizing training, knowledge, tools, and analytical skills Conduct risk assessments and surveys as required Preferred Qualifications: In-scope investigation (T5, T5R, SSBI, SBPR, PPR) completed within last 6 years or current enrollment in Continuous Evaluation (CE) program Experience with government networks CV2, CORE, JADE, etc PERSEC experience Experience completing compliance self-inspections and supporting formal customer compliance inspections Knowledge of: DODM 5205.07, DISS, JADE, AP-CARS, and SIMS Primary Level Salary Range: $63,000.00 - $94,600.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. Your key responsibilities Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified Forensically analyze end user systems and servers found to have possible indicators of compromise Analysis of artifacts collected during a security incident/forensic analysis Identify security incidents through ‘Hunting' operations within a SIEM and other relevant tools Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions Provide consultation and assessment on perceived security threats Maintain, manage, improve and update security incident process and protocol documentation Regularly provide reporting and metrics on case work Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact based reports Be on-call to deliver global incident response Skills and attributes for success Resolution of security incidents by identifying root cause and solutions Analyze findings in investigative matters, and develop fact-based reports Proven integrity and judgment within a professional environment Ability to appropriately balance work/personal priorities To qualify for the role you must have Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; Understanding of security threats, vulnerabilities, and incident response; Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; Be familiar with legalities surrounding electronic discovery and analysis; Experience with SIEM technologies (i.e. Splunk); Deep understanding of both Windows and Unix/Linux based operating systems; Ideally, you'll also have Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH Background in security incident response in Cloud-based environments, such as Azure Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration What we look for Demonstrated integrity in a professional environment Ability to work independently Have a global mind-set for working with different cultures and backgrounds Knowledgeable in business industry standard security incident response process, procedures, and life cycle Excellent teaming skills Excellent social, communication, and writing skills What we offer you The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Wilshire Law Firm is a distinguished, award-winning legal practice with over 18 years of experience, specializing in Personal Injury, Employee Rights, and Consumer Class Action lawsuits. We are dedicated to upholding the highest standards of Excellence and Justice and are united in our commitment to achieve the best outcome for our clients. You will work side by side on a team of dynamic, collaborative, and client-focused professionals who are committed to delivering on our founding core values: Excellence, Teamwork, and Integrity. The Opportunity The Cybersecurity Engineer is responsible for designing, implementing, operating, and continuously improving the firm's security controls to protect sensitive client data, legal work product, and enterprise systems. This role operates at the intersection of security architecture, engineering, and operations, with a strong emphasis on risk reduction, regulatory compliance, incident readiness, and secure-by-design infrastructure. Accountable for Design and maintain security controls across network, endpoint, cloud, identity, and applications. Implement and manage tools such as SIEM, EDR/XDR, firewalls, MFA, PAM, DLP, and email security. Monitor and respond to security alerts and incidents, including post-incident analysis. Partner with IT and application teams to embed security into systems and deployments. Conduct vulnerability scanning, risk assessments, and remediation tracking. Enforce least-privilege access and support identity lifecycle management. Support compliance efforts and provide audit and client security documentation. Automate security operations and improve monitoring, reporting, and controls. Qualifications 3-7+ years of hands-on cybersecurity or security engineering experience. Experience with enterprise security tools (SIEM, EDR/XDR, firewalls, IAM). Strong understanding of networking and system security (Windows/Linux). Experience securing cloud environments (Azure, AWS, or GCP). Ability to lead or support real-world incident response efforts. Familiarity with scripting or automation (PowerShell, Python, or Bash). Experience in regulated or high-confidentiality environments. Relevant certifications such as CISSP, CISM, or cloud security certs (preferred). Compensation $130,000-$170,000 per year depending on experience Benefits Paid time off and paid holidays Opportunities for growth and advancement Team outings and sponsored events Employee referral bonus programs Firm-paid Medical HMO with affordable upgrades Firm-paid Life and AD&D insurance Low-cost Dental and Vision plans 401k FSA (Flexible Spending Account) EAP (Employee Assistance Program) Pet Insurance Strive for Excellence. Fight for Justice. Foster Unity. Wilshire Law Firm celebrates being an equal employment opportunity provider to all people in accordance with all applicable laws. We are committed to providing reasonable accommodations to assist individuals with disabilities during the application process and to facilitate their performance of essential job functions throughout their employment. Join Wilshire Law Firm Los Angeles, Irvine, San Diego, Oakland, Sacramento, Riverside, Torrance

Project Description: This project entails providing cybersecurity staff augmentation services to Metro's Information Security Department for two years. The assigned resource will support various core functions within the department, focusing on enhancing security strategy, governance, risk assessments, and security operations. Flexibility in work schedules and locations is required. The project aims to bolster Metro's cybersecurity posture and adherence to industry best practices in the transportation sector. Key qualifications: Proficiency in Windows and Linux operating systems and their security aspects. Expertise in a wide range of security products, including modern solutions like cloud security, Zero Trust architectures, advanced threat protection, and AI-Driven security analytics. Deep understanding of Incident Response, Disaster Recovery, Business Continuity, and Breach Management. Knowledge of information systems engineering, secure software development, networks security, and security operations. Familiarity with security standards and framework suck as PCI DSS, ISO Standards, ITIL, NIST Cybersecurity Framework, CCPA, CPRA, and GDPR. Ability to review and create security procedures and requirements. In-depth knowledge of industry frameworks like ISO 27000, NIST 800-53, ITIL Foundation, and NIST Cybersecurity. Strong grasp of regulatory compliance requirements, including PCI DSS, HIPAA, GDPR, etc. Comprehensive knowledge of security risk and countermeasures for Windows and Linux platforms. Project Management skills and coordination capabilities. Experience in Public Transportation or Transit Industries preferred. Skills & Qualifications: Required CISSP Preferred Certifications: Microsoft Certification Azure Solutions Architect Expert, SANS GIAC, CEH-CCNA. Minimum ten (10) years of experience in cybersecurity, primarily focused on technical and Security Operations Center (SOC) functions. Expertise in User Behavior Analytics, Cybersecurity AI tools, SIEM, Endpoint Security, NextGen Firewalls, etc. Advanced knowledge of security applications, infrastructure, technologies, and methodologies. Up-to-Date understanding of the latest security advisories, alerts, and vulnerabilities relevant to Metro. Initiative and independent judgement within established guidelines. Ability to prioritize work processes and project effectively. Timely response to cybersecurity issues and incidents. Hybrid position: 30% home & 70% On Site Salary Range: $156,000 to $238,000 /Year

Responsibilities As a Cyber Security Engineer, you will have the opportunity to jump-start and lead the application security team as part of our engineering group. We are looking for highly skilled security experts who can handle the end to end ownership of our application security, which will include: Researching vulnerabilities in our software, network topology, production servers and resources Planning, implementing and monitoring our security measure to protect our data, systems, and networks Engineering solutions that address those weaknesses and educating our teams for security awareness Hardening our overall network and responding to all system and/or network breaches Has strong leadership skills to help drive our security agenda and lead a team IF THIS SOUNDS LIKE YOU, CONTINUE READING BELOW. Who you are: You have at least 3 years of Security experience. You have the ability to handle complex software system infrastructure tasks from requirements to production. You have experience leading or building a team End-to-end task ownership: This is a position that requires a leader someone who can confidently see a project through from beginning to end. Independently tackling challenges: You don't need anyone to keep you on track. You're organized and efficient. Please submit if you possess: Experience in cloud environments, and advanced technologies. AWS, puppet/ansible, containers, SQL and NoSQL DBs, Java, Python Experience in Manual Penetration Testing (SQL Injection, XSS, exploit creation) Automated penetration testing tools (e.g. Nessus, Kali Linux, Burp Suite, OWASP ZAP, Metasploit) Experience Web Services Security Penetration Testing Experience A great recommendation from your previous employer A desire to and skills for mentoring junior engineers so they become an awesome engineer like you! To see new and updated job postings and job postings similar to this, please follow us on LinkedIn: *****************************************

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client.* Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

At Arete, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Arete is seeking an experienced Principal Industrial Security Analyst/CPSO. This is a multidisciplinary security position requiring an experienced and knowledgeable security professional to support Special Programs. The Contractor Program Security Officer (CPSO) is responsible for the execution and sustainment of comprehensive security programs for assigned efforts with contractually mandated security requirements that exceed standard NISPOM (32 CFR Part 117) compliance. The CPSO serves as a liaison to government security representatives, ensuring full alignment with DoD policy and directives while maintaining a proactive and audit-ready security posture across all assigned programs. This position is based at our Northridge, CA office and is an exempt, non-supervisory, full-time position. Key Responsibilities: * Serve as the Contractor Program Security Officer (CPSO) ensuring full compliance with DoD security requirements as outlined in DoDM 5205.07 Volumes. * Interpret and apply policy guidance and security classification guides (SCGs) to ensure continued DoD compliance-driven security practices across all program elements. * As a member of the Security team, you will support all aspects of program security administration, including Personnel Security (PERSEC), Security Education, Training, and Awareness (SETA), Operations Security (OPSEC), document control/inventories, visitor control, supporting hosted program meetings, etc. in coordination with internal and external stakeholders. * Ensure timely submission and management of program access requests (PARs), nomination packages, and eligibility actions within DISS and other applicable systems as directed by Program Management. * Conduct indoctrinations, debriefings, and security training for program personnel in accordance with government directives. Accomplish and retain Lead Trainer status. * In coordination with the Contractor Program Security Manager (CPSM) and other security team members review program-specific documentation as required, (e.g., Standard Operating Procedures (SOP), Fixed Facility Checklists (FFC), Emergency Action Plan (EAP), Concept of Operations (ConOps), Media Control Plan, etc. * Prepare for and support government security reviews, inspections, audits, and self-inspections. Implement corrective actions and maintain a state of readiness. * Support secure facility operations in accordance with ICD 705 requirements, including alarm monitoring, guard testing, UL2050 inspections, TEMPEST compliance, etc. * Track and report security incidents, conduct preliminary inquiries, and support investigations in conjunction with the Security Manager and government sponsors. * Assist with the review and approval of technical documents, ensuring proper classification markings and adherence to security classification guidance. * Demonstrate proficiency with/utilize specific databases to determine personnel eligibility to access classified information - DISS, JADE, Enterprise Security Systems (SIMS), and other databases and record-keeping repositories. * Interface with government customers, contractors, employees, and all levels of management. * Responsible for the daily handling of Personally Identifiable Information (PII), Controlled Unclassified Information (CUI), and clearance-related data in compliance with the Privacy Act and DoD policies; must demonstrate discretion and sound judgment in the protection and management of sensitive information. * Maintain proficiency and currency in security policy and operational practices through continuous training and engagement with the security community. Additional Responsibilities: * Support after-hours and emergency response activities related to alarms or ICD705 construction. * Assist with enforcement of prohibited electronic device (PED) policies and perform entry/exit inspections as required. * Support additional security tasks or projects as assigned by the CPSM. We have an impressive range of benefits, programs, and perks that we offer: Health & Wellness: * Medical, Dental & Vision Insurance * Life and Long-Term Disability (LTD) * Vision Reimbursement * Fitness Reimbursement Financial: * 401(k) Retirement Plan Contributions * Employee Stock Ownership Plan (ESOP) * Continuing Education Assistance Work-Life Balance: * Flexible Scheduling * Paid Time Off (PTO) * Paid Parental and Bereavement Leave What We Value: * Creativity and innovation in solving challenges * Integrity and responsibility in all actions * Collaboration across teams and specialties * Responsiveness in fast-paced environments * Passion for national security and excellence Experiences and Background We Look For: * U.S. Citizenship and active Top-Secret clearance required; must be eligible to obtain and maintain a TS/SCI with polygraph. * Minimum of 10 years of progressively responsible experience in Program Security, Physical Security, and direct support as a CPSO/CSSO, including extensive experience managing Special Access Programs (SAPs) in compliance with DoD, NISPOM, and ICD requirements. * Individual must be reliable, dependable and trustworthy. * Excellent verbal and written communication skills are critical. * Must be able to prioritize assignments, manage multiple tasks simultaneously, and work well under deadlines with minimal supervision, often in fast-paced environments requiring quick turnaround. * Proficient in Windows 10 and Microsoft Office Suite, to include: Microsoft Word, PowerPoint, Excel and Outlook. * Strong interpersonal and communication skills, with a collaborative mindset is essential. * Must be able to walk, stand, and sit for extended periods as part of routine facility inspections and escort duties. * Comfortable working at elevated heights or in construction areas with PPE (e.g., hard hats, gloves, safety glasses). * 6-month probationary period may apply. * Must be willing and able to travel (10-15%) as needed for assessments or inspections at other Arete sites. Nice to have: * FSO training certificate * COMSEC Custodian certificate or experience required. Complete IAEC-2112 COMSEC Training Course six months after being appointed as Alternate COMSEC Account Manager * Courier preparation procedures * Experience developing and implementing OPSEC plans * Knowledge of Access Control and Intrusion Detection Systems * Experience conducting Security incident inquiries * Resourceful in solving problems and capitalizing on opportunities * Professional Certifications/Affiliations The salary range for this role is $90,000/yr to $140,000/yr; however, Arete considers several factors when extending an offer of employment, including but not limited to: the position and associated responsibilities, a candidate's work experience, education/training, and key skills. Other Considerations Areté is committed to the principles of equal employment opportunity and nondiscrimination, and we believe every person has the right to be treated with fairness, dignity, and equal consideration. Areté is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, marital status, national origin, age, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. U.S. citizenship is required to meet position eligibility. Successful passage of a criminal background screen is required to meet position eligibility. Selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Areté will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring. Successful passage of a Department of Transportation (DOT) drug test is required to meet position eligibility. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our website because of your disability. To request an accommodation, please contact Areté Human Resources at ************ for assistance.

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. We will not be able to support sponsorship or visas for this position at this time. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. This position is based in California and is subject to California employment laws and workplace safety requirements, including the Company's Covid vaccination policy. Reasonable accommodations will be considered in accordance with applicable law. Successful candidates will be required to show proof of being vaccinated against COVID-19. This requires having a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

Job Description Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

Duties and Responsibilities Assist in implementing Security Information and Event Management (SIEM), which includes but is not limited to; identifying deployment solutions, maintaining logs, assisting in developing company best practices for security alert correlations, perform root case analysis after incidents Assist with Endpoint Detection and Response (EDR) vendor analysis and deployment, which includes, but is not limited to; partnering with IT to develop a decision matrix for EDR vendor selection, assist with deployment, develop patterns for automatic response to identified threats Conduct structured and unstructured data scans, testing, and debugging of applications by using a variety of technical privacy tools to increase compliance and documentation of procedures and information assets Write and deploy SQL to archive and or purge data from databases and to locate, review, explain and document data for privacy requirements Perform regular privacy assessments and impact analysis on databases and operational processes by developing effective tools, training, and guidance to help identify and mitigate risk. This includes data anonymization, pseudonymization and encryption Perform detection, analysis, and containment of an incident Identify key performance metrics for security IR and implement instrumentation for those metrics Maintain, manage and prioritize hardware, software, systems and/or product backlog, while actively identifying risks, constraints, and dependencies that would impact roadmap Demonstrate, integrate, and collaborate on enhancing existing security solutions and services to address any gaps or deficiencies Perform security incident response drill scenarios and lead table top exercises Ensure proper training for stakeholders regarding their incident response roles and responsibilities in the event of a breach Collaborate with internal teams to ensure the data retention or system requirements, user-facing privacy controls, new or existing software, and big data solutions enable the business to be data driven while protecting the data assets Work with the legal department to produce data both internally and externally and ensure any legal request or litigation hold requirements are met Assist with projects and enhancements, including gathering requirements, conducting research, task management and updating key partners and stakeholders with the goal of developing solutions to help mitigate privacy vulnerabilities and future privacy risks Studies and interprets past privacy events and current privacy threats to improve privacy compliance using advanced technologies and design principles to develop and implement new tools and processes Assist both internal and external teams on data governance strategy, updates to legal regulations, and direction on future roadmaps Collaborate with vendors on data and privacy standards Qualifications & Requirements Bachelor's Degree in computer science, IT, systems engineering, or related qualification 2+ years of experience in the security industry working in any combination of the following areas: Risk management, cloud operations and engineering, network security monitoring, log analysis, static and dynamic malware analysis, NIST Kill Chain, MITRE ATT&CK framework, threat hunting, SIEM, EDR Experience responding to security events Writing and reviewing code (Java, Python, Node or similar) Excellent written and verbal communication, facilitation, and presentation skills to collaborate effectively with software engineering teams Implementing security detection capabilities Proven ability to make decisions and perform complex problem-solving activities under pressure Some knowledge of AWS cloud infrastructure and their threat landscape

Founded by fans, Crunchyroll delivers the art and culture of anime to a passionate community. We super-serve over 100 million anime and manga fans across 200+ countries and territories, and help them connect with the stories and characters they crave. Whether that experience is online or in-person, streaming video, theatrical, games, merchandise, events and more, it's powered by the anime content we all love. Join our team, and help us shape the future of anime! About the role Crunchyroll is growing and changing, presenting unique challenges and opportunities to support millions of anime fans around the world. The Fan Experiences Services & Tools team provides seamless help to our partners and internal stakeholders, ensuring an exceptional experience for all Crunchyroll fans. Our charter is focused on helping our internal and external teams around the world integrate, test, and deploy the Crunchyroll applications quickly and with the highest levels of quality. We do this with tools and infrastructure that optimize the developer experience. We tie it all together with sophisticated automated testing and productivity solutions designed to support our culture of experimentation, autonomy and ownership. Our goal is to focus on delivering the best possible anime fan experience. You will: Security Strategy & Leadership: Lead, mentor, and grow the Application Security team. Define the long-term roadmap for Mobile, Desktop, and Game security to proactively mitigate reverse engineering, piracy, and cheating. Binary Defense Architecture: Oversee the design and implementation of binary protection strategies. Direct the evaluation and integration of anti-tamper, obfuscation, and RASP solutions (e.g., Promon, Guardsquare) ensuring minimal impact on game FPS, app performance and user experience. Game Integrity & Anti-Cheat: Collaborate with game studios to design "server-authoritative" economies and implement client-side detections for memory manipulation, touch macros, and modded APKs. Trust & Identity Management: Architect robust chains of trust for the ecosystem. Manage code signing certificates, secure boot processes, and the integration of hardware-backed storage (TEE) for sensitive keys. Vulnerability Research & Validation: Lead internal or external "red team" initiatives using reverse engineering tools (IDA Pro, Frida) to simulate attacks against our apps and games. Validate the effectiveness of binary defenses and attestation checks before release. Content Protection Engineering: Collaborate with media engineering to harden DRM implementations (Widevine, FairPlay). Ensure secure handling of media keys and enforce output protection (HDCP). In the role of Staff Product Security Engineer, you will report to the Senior Director of Fan Experience Engineering Service & Tools. We are considering applicants for the location of Dallas, Los Angeles, or San Francisco. About You We get excited about candidates, like you, because you have... Binary Application Construction: Solid understanding of how applications are constructed, including compilers, linkers, dynamic loaders, ABI interaction, and executable formats (ELF, Mach-O, PE). Game Engine & Anti-Cheat Security: Solid understanding of Unity (IL2CPP) and Unreal Engine security architectures. Experience designing defenses against game-specific attacks: memory editors (GameGuardian), speed hacks, wallhacks, and protecting asset integrity (AssetBundles). Cryptography & Chain of Trust: Comprehensive experience with cryptographic primitives (hashing, digests) and Public Key Infrastructure (PKI), including managing digital certificates and establishing chains of trust for code signing and secure boot. Anti-Tamper & Ecosystem: Proven track record evaluating and implementing commercial shielding (Promon, Guardsquare, Verimatrix) and platform attestation (Google Play Integrity, Apple App Attest) for both apps and games. Content Protection & DRM: Experience with Google Widevine, Apple FairPlay, and Microsoft PlayReady, including HDCP enforcement and screen recording prevention. Reverse Engineering & Analysis: Hands-on experience with tools (IDA Pro, Ghidra, Frida, Il2CppDumper) to simulate attacks, analyze game logic, and validate the resilience of binary protections. TBD: Mobile Security Standards: Relevant certifications OWASP MASVS and the OWASP Mobile Top 10, with the ability to map these standards to engineering roadmaps. Web & Network Security: Experience securing web standards within application contexts, including HTTPS/TLS, cookie security (Secure, HttpOnly, SameSite), local storage, and Content Security Policy (CSP). Hybrid App & WebView Security: Expert handling of WebView bridges (WKWebView), ensuring secure data exchange between native and web contexts. Hardware-Backed Security: Experience utilizing TEEs (Secure Enclave, TrustZone, TPM) for secure key storage, cryptographic operations, and offline license management. DevSecOps & Supply Chain: Experience automating security (SAST/DAST) within CI/CD pipelines and managing third-party SDK risks (supply chain attacks). About the Team The Fan Experiences Engineering team at Crunchyroll plays a pivotal role in enhancing and expanding our users' experiences. We collaborate extensively with a diverse network of device, payment, and gaming partners to broaden the reach of Crunchyroll's offerings. Our primary objective is to drive growth, open up new acquisition channels, and optimize both the scope and quality of our services. Situated at the crossroads of technology and business, we are dedicated to continually enabling experiences that delights our fans. Why you will love working at Crunchyroll In addition to getting to work with fun, passionate and inspired colleagues, you will also enjoy the following benefits and perks: Receive a great compensation package including salary plus performance bonus earning potential, paid annually. Flexible time off policies allowing you to take the time you need to be your whole self. Generous medical, dental, vision, STD, LTD, and life insurance Health Saving Account HSA program Health care and dependent care FSA 401(k) plan, with employer match Employer paid commuter benefit Support program for new parents Pet insurance and some of our offices are pet friendly! #LifeAtCrunchyroll #LI-Hybrid The Pay Range for this position is listed. Actual pay will vary based on factors including, but not limited to location, experience, and performance. The range listed is just one component of Crunchyroll's Total Rewards offerings for employees. Other rewards may include performance bonuses, employer matched retirement savings, time-off programs, and progressive health benefits and perks.Pay Transparency - Los Angeles, CA$200,000-$249,000 USDAbout our Values We want to be everything for someone rather than something for everyone and we do this by living and modeling our values in all that we do. We value Courage. We believe that when we overcome fear, we enable our best selves. Curiosity. We are curious, which is the gateway to empathy, inclusion, and understanding. Kaizen. We have a growth mindset committed to constant forward progress. Service. We serve our community with humility, enabling joy and belonging for others. Our commitment to diversity and inclusion Our mission of helping people belong reflects our commitment to diversity & inclusion. It's just the way we do business. We are an equal opportunity employer and value diversity at Crunchyroll. Pursuant to applicable law, we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Crunchyroll, LLC is an independently operated joint venture between US-based Sony Pictures Entertainment, and Japan's Aniplex, a subsidiary of Sony Music Entertainment (Japan) Inc., both subsidiaries of Tokyo-based Sony Group Corporation. Questions about Crunchyroll's hiring process? Please check out our Hiring FAQs: https://help.crunchyroll.com/hc/en-us/articles/3**********2-Crunchyroll-Hiring-FAQs Please refer to our Candidate Privacy Policy for more information about how we process your personal information, and your data protection rights: ********************************************************************************************************** Please beware of recent scams to online job seekers. Those applying to our job openings will only be contacted directly ********************* email account.

A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence. #J-18808-Ljbffr