Cyber security analyst jobs in Rialto, CA - 88 jobs

The Amazon Web Services (AWS) Center for Quantum Computing (CQC) in Pasadena, CA, is seeking a Security Engineer who will design and oversee the security operations of a growing research and development (R&D) effort. This role requires some on site activity, roughly 1 to 2 times per week. As a security expert, you will own the completion of a threat model and security plan for our research spaces and will lead an array of projects and security initiatives/activities designed to protect your fellow Amazonians, R&D facilities, and critical cloud infrastructure from all categories of threats. You will define, document, and educate policies/workflows for our labs, which span across academic, corporate, and industrial spaces. You obsess over internal and external customers and successfully deliver support and services in a fast-paced environment where priorities shift quickly. You are also independent and can manage program security projects under minimal supervision, continuously triage and prioritize accordingly, communicate clearly, think outside the box, and deliver exceptional results. By delivering a highly secure yet flexible R&D environment, successful candidates will enable a team of scientists and engineers to secure quantum technologies for our global AWS customer base. Additional responsibilities include: Work with internal stakeholders, academic and corporate partners to meet or exceed Amazon security bar Understand software lifecycle on scientific equipment and mitigate physical and logical risks Perform periodic reviews of software baselines and network activity Manage security reviews of internally used, external-facing, or third-party applications Create and maintain detailed inventories of sensitive hardware and software With the help of other security engineers at AWS, audit equipment and software before commissioning in a development or production environment About the team Export Control Requirement: Due to applicable export control laws and regulations, candidates must be either a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum, or be able to obtain a U.S export license. If you are unsure if you meet these requirements, please apply and Amazon will review your application for eligibility. Why AWS? Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. AWS Utility Computing (UC) provides product innovations - from foundational services such as Amazon's Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), to consistently released new product innovations that continue to set AWS's services and features apart in the industry. As a member of the UC organization, you'll support the development and management of Compute, Database, Storage, Internet of Things (Iot), Platform, and Productivity Apps services in AWS. Within AWS UC, Amazon Dedicated Cloud (ADC) roles engage with AWS customers who require specialized security solutions for their cloud services. Inclusive Team Culture Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness. Diverse Experiences AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Mentorship & Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud. Export Control Requirement: Due to applicable export control laws and regulations, candidates must be either a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum, or be able to obtain a US export license. If you are unsure if you meet these requirements, please apply and Amazon will review your application for eligibility. Basic Qualifications - 4+ years of non-internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools experience - 5+ years of work in identifying security issues and risks, and developing mitigation plans experience - 4+ years of (non-internship) scripting, programming, and security code review in common programming languages experience - Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language - Experience (non-internship) in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools - Experience working in identifying security issues and risks, and developing mitigation plans - Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques - Experience as a mentor, tech lead or leading an engineering team - 5+ years relevant security engineering work experience, or a Bachelor's degree in one of the following degree programs: Cybersecurity, Computer Science/Engineering, Electrical Engineering, Informatics, or related academic degrees - 5+ years of professional work experience as a security expert in one or more of these areas: security engineering, scientific research, engineering research and development - Hands-on experience with security lifecycle activities including threat modeling, risk analysis, design review, and testing - Strong understanding of adversary TTPs and experience with threat detection, response, and recovery Preferred Qualifications - Experience applying threat modeling or other risk identification techniques or equivalent - Experience with security in service-oriented architectures/microservices and web services - Interest in learning Quantum Technologies - Effective teacher and instructor, with experience developing and delivering training to security, technical, and business professionals; Ability to develop and deliver security awareness training programs - Excellent written communication skills, with a focus on translating technically complex security issues into simple, easy to understand concepts for business and technical leadership; Experience writing and publishing security standards - Ability to manage tactical (daily) operations and participate in development of strategic program plans - Understanding of crisis operations, risk management, and crisis communication - Understanding of business continuity and incident command system - Strong working knowledge of access control systems and physical security systems/components - Experience in providing security oversight at data centers or research lab environments/equivalent Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company's reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit ********************************************************* for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $143,300/year in our lowest geographic market up to $247,600/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit ******************************************************* . This position will remain posted until filled. Applicants should apply via our internal or external career site.

As our Cyber Security Engineer, you will work with infrastructure, development, business, and architecture groups to provide security requirements for new applications and systems. In this capacity, you will contribute to the design, documentation, and deployment of new and existing security technologies while also assisting in the development of security policies, standards, and procedures. As a member of the team, you will also be responsible for mentoring other team members on security technologies and standards. You will be working on-site in Costa Mesa, CA, for the first 90 days, then in the office 3 out of 5 days per week. What You'll Do You'll start your day in an Agile meeting with our team of 7, reviewing the last 24 hours and making the plan for the day based on the work you are assigned for the current 2-week sprint. The tasks taken each sprint will be varied based on our internal business partner needs and initiative priority Define security architecture design patterns and evaluate and develop secure solutions based on approved security architecture and emerging risks. Serve as a security expert in varied security domains such as application development, database, network, cloud-based services, and/or platform (operating system) technologies, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Research, design, and advocate new technologies, architectures, standards, and security products that will support security requirements for the enterprise, our customers, and business partners. Evaluate, guide, and lead vendor engagements as necessary. Work with security specialists to ensure security solutions are in place. Analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks. Act as a resource and role model for less experienced staff. What You'll Need To thrive in this role, you must have extensive experience (7 or more years of combined IT and security work experience) with broad exposure to infrastructure/network and multi-platform environments in an enterprise with over 5000 employees. This experience should include implementing multiple (3+) security infrastructure and application projects based upon any number of the following frameworks: CSA CCM, OWASP, NIST CSF, PCI DSS. In addition, experience working with DevOps and agile product development methodologies is a plus. Comprehensive knowledge of cross-platform technical principles, security practices, and procedures for private/public cloud computing, mainframe computers, distributed systems, desktop computers, laptops, tablets, phones, and workstations are desired. Knowledge of one or more of the following cloud service provider platform frameworks (AWS, GCP, Azure) and security controls. You will have communicated with various audiences, including business leaders, engineers, clients, and team members. Therefore, it is important that they have great verbal and written communication skills to convey information to the relevant audience. You will have prepared executive reports demonstrating written communication skills. #LI-SS1 The starting pay range for this position is: $156,500.00 - $208,100.00 Additionally, for full time positions, you will be eligible to participate in our incentive program based upon the achievement of organization, team and personal performance. . Remarkable benefits: • Health coverage for medical, dental, vision • 401(K) saving plan with company match AND Pension • Tuition assistance • PTO for community volunteer programs • Wellness program • Employee discounts Auto Club Enterprises is the largest federation of AAA clubs in the nation. We have 14,000 employees in 21 states helping 17 million members. The strength of our organization is our employees. Bringing together and supporting different cultures, backgrounds, personalities, and strengths creates a team capable of delivering legendary, lifetime service to our members. When we embrace our diversity - we win. All of Us! With our national brand recognition, long-standing reputation since 1902, and constantly growing membership, we are seeking career-minded, service-driven professionals to join our team. “Through dedicated employees we proudly deliver legendary service and beneficial products that provide members peace of mind and value.” AAA is an Equal Opportunity Employer The Automobile Club of Southern California will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable federal, state, and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance (FCIHO), the Unincorporated Los Angeles County (ULAC) regulation, and the California Fair Chance Act (CFCA).

Sr. Information Security Engineer External Description: Alignment Healthcare is a data and technology driven healthcare company focused on partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors. We are experiencing rapid growth (backed by top private equity firms), and our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcomes and care experience. Are you an Information Security Engineer with experience in automation, cloud technologies, and endpoint security? Would you like to work in an environment where your skills can be utilized effectively, and you have opportunities to make significant impact? If you are passionate about security and can reduce risk in practical ways that scale, we want to hear from you! Major Responsibilities Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective. Assists with break/fix of tools and automation that are owned by the Information Security Team. Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS. Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables. Contributes to the design, implementation, and documentation of new security tools. Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems. Utilizes scripting and DevOps to provide automation and orchestration between: information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, etc.); endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.); vulnerability scanners (Rapid7, Nessus, etc.); patch management (SCCM, Altiris, PDQ, etc.); other applications; OS' (Windows, MacOS, Linux, iOS, Android); cloud platforms (AWS, Azure); and IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC). Clearly documents designed automation and system relationships. Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary. Participates in regular reporting, maintaining accountability and transparency within the Information Security Team. Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.) Technical knowledge of common information security tools and systems: DLP, MAM/MDM, Firewall/VPN, endpoint protection, PKI, RBAC, IAM, etc. Demonstrated practical experience with one or more programming or scripting languages. (PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.) We're not picky, but you must be able to deliver practical automation! Demonstrated practical experience with one or more of the major cloud providers (AWS, Azure, GCP). Excellent oral and written communication skills, and an ability to present and discuss technical information in a way that establishes rapport and trust. Detail orientated, with an ability and desire to build to 100%, but being ok with building to 90% as tasked. An ability to be productive as an individual contributor with little supervision to meet agreed upon deliverables. Preferred Prior experience in the healthcare or a related HIPAA regulated industry. A working knowledge of the NIST CSF and/or CIS Critical Security Controls (CSC). A working knowledge of Git and GitHub. Previous experience contributing to projects using agile tools (Jira, Azure DevOps, Pivotal) and processes (Scrum, Kanban). One or more cloud security certifications. Education Bachelor's degree in Computer Science, Computer Engineering, or related technical discipline, and/or equivalent work experience. 3+ years' experience working in a technical, hands-on, information security role. One or more current security related certifications (e.g., CISSP, SANS GIAC, etc.) City: Orange State: California Location City: Orange Schedule: Full Time Location State: California Community / Marketing Title: Sr. Information Security Engineer Company Profile: Alignment Healthcare was founded with a mission to revolutionize health care with a serving heart culture. Through its unique integrated care delivery models, deep physician partnerships and use of proprietary technologies, Alignment is committed to transforming health care one person at a time. By becoming a part of the Alignment Healthcare team, you will provide members with the quality of care they truly need and deserve. We believe that great work comes from people who are inspired to be their best. We have built a team of talented and experienced people who are passionate about transforming the lives of the seniors we serve. In this fast-growing company, you will find ample room for growth and innovation alongside the Alignment community. EEO Employer Verbiage: On August 17, 2021, Alignment implemented a policy requiring all new hires to receive the COVID-19 vaccine. Proof of vaccination will be required as a condition of employment subject to applicable laws concerning exemptions/accommodations. This policy is part of Alignment's ongoing efforts to ensure the safety and well-being of our staff and community, and to support public health efforts. Alignment Healthcare, LLC is proud to practice Equal Employment Opportunity and Affirmative Action. We are looking for diversity in qualified candidates for employment: Minority/Female/Disable/Protected Veteran. If you require any reasonable accommodation under the Americans with Disabilities Act (ADA) in completing the online application, interviewing, completing any pre-employment testing or otherwise participating in the employee selection process, please contact ******************.

“I can be myself at work.” You are more than a job title. We want you to feel comfortable doing great work and bringing your best, authentic self to everything you do. We value your talents, traditions, and uniqueness-and we're committed to fostering a strong sense of belonging in a respectful workplace. We intentionally seek diverse perspectives, experiences, and backgrounds, investing in a culture designed to celebrate differences. We believe that belonging leads to better outcomes and a stronger community of associates united by our mission. At Capital, we live our core values every day: Integrity, Client Focus, Diverse Perspectives, Long-Term Thinking, and Community. “I can influence my income.” You want to feel recognized at work. Your performance will be reviewed annually, and your compensation will be designed to motivate and reward the value that you provide. You'll receive a competitive salary, bonuses and benefits. Your company-funded retirement contribution will factor in salary and variable pay, including bonuses. “I can lead a full life.” You bring unique goals and interests to your job and your life. Whether you're raising a family, you're passionate about where you volunteer, or you want to explore different career paths, we'll give you the resources that can set you up for success. Enjoy generous time-away and health benefits from day one, with the opportunity for flexible work options Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love Access on-demand professional development resources that allow you to hone existing skills and learn new ones “I can succeed as a Lead AI Security Engineer at Capital Group” As a Lead AI Security Engineer, you will be responsible for securing Capital Group's enterprise AI Platforms. You will help enable Capital Group's AI strategy by building and/or procuring solutions to protect a diverse set of enterprise AI platforms being built and deployed at Capital Group. You'll collaborate with platform engineering, security engineering, and risk teams to ensure their solutions support scalable, secure adoption of AI. Additionally, you'll be expected to provide mentoring, advising diverse teams across the organization, and promoting AI Security principles across Capital Group. AI Security Procurement Managements: You will procure and/or build technical solutions to reduce the risk of misconfiguration, exploitation, and other security issues for multiple enterprise AI platforms. Embedding Security in the AI Platform Ecosystem: Working closely with platform teams to integrate security into every component of the AI Platform. Implementing Security Controls & “Guardrails” for GenAI: Designing, deploying, and operating technical controls to prevent misuse of AI systems. Guardrails design includes content filtering systems, usage policies, and safety checks that mitigate issues like prompt injection attacks, unauthorized data extraction, model bias or hallucinations, and other misuse of generative AI platforms. AI Runtime Security: Engineer continually tests and updates to the guardrails, replacing weaker controls with more robust solutions as threats evolve. AI Governance: You will work cross functionally with architecture and platform teams to monitor alignment of solutions to AI Governance processes Contribute to Standards and Policies: You will provide thought leadership for Information Security policies and standards for AI in collaboration with technology risk AI/Agent SME: You will provide AI/Agent subject matter expertise for AI Incidents and Security Reviews, and help develop incident response playbooks for AI-related security incidents “I am the person Capital Group is looking for.” You have 8+ years of experience in information security, application security, platform security, or penetration testing, DevSecOps, network security and other security disciplines. You have experience securing AI platforms, whether internal AI platforms or offerings such as CoPilot Studio, Amazon Bedrock, and/or Azure AI Gateway Proficient in Programming & ML Tool. Strong Python skills required, with experience in AI/ML frameworks. Ability to review and write ML code to implement security measures (e.g., model validation, adversarial testing) is desired. You have 5+ years of relevant professional experience or demonstrated an equivalent level of expertise in security engineering, such as cloud, API, or platform security. You have 3+ years of experience embedded identity, network, and encryption controls into enterprise platforms You can effectively partner and collaborate with stakeholder teams. You have effective communication skills and the ability to outline security risks to leadership. You are familiar with cloud and API security vendors and managed services providers. Preferred Qualifications: You have knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers You are familiar with function and purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (Examples LangChain, LlamaIndex, etc.) You are familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act, etc You have information Security certifications (CISSP, SANS GIAC, CISA, etc.) “I can apply in less than 4 minutes.” You've reviewed this job posting and you're ready to start the candidate journey with us. Apply now to move to the next step in our recruiting process. If this role isn't what you're looking for, check out our other opportunities and join our talent community. “I can learn more about Capital Group.” At Capital Group, the success of the people who invest with us depends on the people in whom we invest. That's why we offer a culture, compensation and opportunities that empower our associates to build successful and prosperous careers. Through nine decades, our goal has been to improve people's lives through successful investing. We know that our history is a testament to the strength of the people we hire. More than 9,000 associates in 30+ offices around the world help our clients and each other grow and thrive every day. Find us on LinkedIn, Instagram, YouTube and Glassdoor. Southern California Base Salary Range: $179,273-$286,837San Antonio Base Salary Range: $147,378-$235,805New York Base Salary Range: $190,040-$304,064 In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings. You can learn more about our compensation and benefits here . * Temporary positions in the United States are excluded from the above mentioned compensation and benefit plans. We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.

Job Description About Us: Headquartered in the United States, TP-Link Systems Inc. is a global provider of reliable networking devices and smart home products, consistently ranked as the world's top provider of Wi-Fi devices. The company is committed to delivering innovative products that enhance people's lives through faster, more reliable connectivity. With a commitment to excellence, TP-Link Systems serves customers in over 170 countries and continues to grow its global footprint. We believe technology changes the world for the better! At TP-Link Systems Inc, we are committed to crafting dependable, high-performance products to connect users worldwide with the wonders of technology. Embracing professionalism, innovation, excellence, and simplicity, we aim to assist our clients in achieving remarkable global performance and enable consumers to enjoy a seamless, effortless lifestyle. Overview: We are seeking many highly skilled and experienced Software Security Analyst (aka Source Code Auditor) to join our cybersecurity team. In this role, you will be responsible for reviewing and analyzing source code to identify potential security vulnerabilities, ensure compliance with coding standards, and enhance the overall security posture of our applications. You will work closely with development teams, security professionals, and stakeholders to provide actionable insights and recommendations for improving code quality and security. Key Responsibilities Conduct thorough audits of source code to identify vulnerabilities, security weaknesses, and coding inefficiencies. Review and analyze code across a variety of programming languages and frameworks, including but not limited to Python, Java, C++, JavaScript, Swift and Kotlin. Develop and maintain code auditing standards, processes, and tools to ensure consistent and high-quality reviews. Collaborate with development teams to provide feedback and guidance on secure coding practices and remediation strategies. Prepare detailed audit reports that outline findings, risks, and recommendations for improving code security and quality. Stay up to date with the latest security threats, coding standards, and best practices to continuously improve audit processes. Mentor junior auditors and provide guidance on auditing techniques, tools, and best practices. Work with cross-functional teams to integrate security practices into the software development lifecycle (SDLC). Assist in developing and conducting security training and awareness programs for development teams. Requirements Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience. 5+ years of experience in source code auditing, software development, or application security. Strong understanding of secure coding principles, software vulnerabilities, and common attack vectors (e.g., SQL injection, cross-site scripting, buffer overflow). Proficiency in multiple programming languages and familiarity with a variety of development frameworks and environments. Experience with automated code review tools (e.g., SonarQube, Coverity, Checkmarx, Veracode) and manual code review techniques. Excellent analytical and problem-solving skills with a keen eye for detail. Strong communication skills, with the ability to explain complex technical concepts to non-technical stakeholders. Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP) are a plus. Benefits Salary range: $100,000-$140,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century's most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril's family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years. ABOUT THE TEAM ISSOs help shape classified, closed, or air gapped environments in which to deploy Anduril products or software. Well versed in a combination of Information Technology, Security and government accreditation processes, ISSOs are able to utilize their sharp critical thinking skills to balance Business Line needs, product velocity, and customer requirements. ABOUT THE JOB WHAT YOU'LL DO Provide expertise in documenting security controls that apply to respective systems to meet cybersecurity framework requirements.. Perform required security functions on an iterative basis to meet requirements and deliver results. Apply technology standards from the commercial space in classified, air-gapped environments. Assist the ISSM, fellow ISSOs, and other members of the Classified Infrastructure team to understand key stakeholders' needs and provide complex technical solutions to meet contractual obligations. Tailor NIST 800-53 controls to determine applicability to the network environment and oversee the implementation of Continuous Monitoring for respective programs. Define, document, and conduct security scanning on Anduril's products and accredited information systems. Scope, shape, and orchestrate the development of features to ensure products meet compliance goals. REQUIRED QUALIFICATIONS Design, develop, and implement secure systems and networks per NIST RMF, JSIG, and other industry standards. Participate and assist in security risk assessments, vulnerability assessments, and audits to identify and mitigate threats. Speak to and recommend security solutions, such as IDS/IPS, encryption protocols, and secure communications technologies. Develop and enforce access controls, encryption strategies, and other technical measures to safeguard systems. Maintain and update System Security Plans (SSPs), POA&Ms, and other accreditation documentation. Manage the organization's security posture, ensuring compliance with internal policies and external regulatory frameworks. Participate in the Authorization and Accreditation (A&A) processes to obtain/maintain system Authority to Operate (ATO). Able to assist, even lead, incident response efforts, including investigation, root cause analysis, containment, and reporting. Conduct regular audits, continuous monitoring, and risk assessments to ensure ongoing compliance and system resilience. Collaborate with government security officials, stakeholders, and teams to address security gaps and improve controls. Currently possesses and is able to maintain an active U.S. Top Secret security clearance. PREFERRED QUALIFICATIONS Experience with industry standard tools such as Splunk, DISA STIGs, and SCC. The ability to understand programming/scripting languages, i.e. Python, Powershell, Bash An understanding of Linux Red Hat operating systems and SELinux policy. US Salary Range$113,000-$149,000 USD The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including: Healthcare Benefits US Roles: Comprehensive medical, dental, and vision plans at little to no cost to you. UK & AUS Roles: We cover full cost of medical insurance premiums for you and your dependents. IE Roles: We offer an annual contribution toward your private health insurance for you and your dependents. Additional Benefits Income Protection: Anduril covers life and disability insurance for all employees. Generous time off: Highly competitive PTO plans with a holiday hiatus in December. Caregiver & Wellness Leave is available to care for family members, bond with a new baby, or address your own medical needs. Family Planning & Parenting Support: Coverage for fertility treatments (e.g., IVF, preservation), adoption, and gestational carriers, along with resources to support you and your partner from planning to parenting. Mental Health Resources: Access free mental health resources 24/7, including therapy and life coaching. Additional work-life services, such as legal and financial support, are also available. Professional Development: Annual reimbursement for professional development Commuter Benefits: Company-funded commuter benefits based on your region. Relocation Assistance: Available depending on role eligibility. Retirement Savings Plan US Roles: Traditional 401(k), Roth, and after-tax (mega backdoor Roth) options. UK & IE Roles: Pension plan with employer match. AUS Roles: Superannuation plan. The recruiter assigned to this role can share more information about the specific compensation and benefit details associated with this role during the hiring process. To view Anduril's candidate data privacy policy, please visit **********************************************

Accelerate your career. Join the organization that's driving the world's technology and shape the future. Ingram Micro is a leading technology company for the global information technology ecosystem. With the ability to reach nearly 90% of the global population, we play a vital role in the worldwide IT sales channel, bringing products and services from technology manufacturers and cloud providers to business-to-business technology experts. Our market reach, diverse solutions and services portfolio, and digital platform Ingram Micro Xvantage™ set us apart. Learn more at ******************* Come join our team where you'll make technology happen in surprising ways. Let's shape tomorrow - it'll be a fun journey! We have the flexibility of hiring this role in 3 markets: Irvine-CA, Dallas/Fort Worth-TX and Carol Stream, IL. The role has the opportunity to work up to two days remote per week. The Sr Information Security Compliance & Audit Analyst will report to our Sr Manager of Quality and will be part of the OpEx compliance team. The Analyst will support global activities as they relate to ISO27001, ISO9001 and ISO14001. You will be responsible for providing subject matter expertise in ISO27001 Information Security regarding compliance requirements. In addition, implementing, maintaining and improving the Information Security Management System at a corporate level for Ingram Micro facilities across North and Central America. The Information Security Compliance & Audit Analyst will perform and lead complex compliance reviews, within the IT audits including network, internet, applications, telecommunications, security administration, and contingency planning. Assess risks, develops detail audit/compliance programs, execute audit/compliance programs steps, analyses result and effectively communicates results to senior management. Your role: Manage and Support IT compliance activities for regional information security support of ISO27001 auditing, reporting and remediation where appropriate. Coordinate and communicate IT compliance activities to align with Global Information Security leadership in support and improvement of ISO27001 management system. Ensure regional Information Security compliance to Information security standards (ISO27001) requirements Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach. Leads and/or participates on audit/compliance activities of various locations and departments for compliance with plans, policies and procedures. Execute operational activities to support IS audit and compliance activities including technical validation processes. Execute collection of evidence to support compliance status Provide and present reporting including monthly metric delivery Manage escalation and enforcement for unresolved noncompliance issues Manage and Support External Audit activities and reporting Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting statutory objectives Support compliance and security validation of all 3rd party IT providers Maintain strong working relationships with internal and external support teams including Global, Regional and Country Information Security associates Work on special projects as required by management Stay abreast of changes within the Information Security compliance areas including business change requirements and regulatory changes from an international perspective Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations Work as the Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of Compliance requirements What you bring to the role: Bachelor's degree in computer science, engineering, or related science and math discipline with an information security or business emphasis is required. A minimum of 5 years of experience with IS compliance projects (specifically ISO27001) Understands key security concepts such as access management, vulnerability and patch management, security information event management, and encryption Strong understanding of TCP/ IP and other network protocols Understanding of the basic audit best practices, standards and methodologies Ability to formulate detailed technical documentation preferred ASQ Certified Engineer, Auditor or OE Managers preferred Experience using SharePoint, MS Excel, Word, PowerPoint and Visio Must possess a valid passport and be legally allowed to leave and return to originating country. Attributes we look for: The ability to work independently and in cross functional teams Actively looks for opportunities to develop new ideas to positively impact existing methods, services, or products. Understands, analyzes, and documents cost/benefit analysis where appropriate. Actively accepts individual and team responsibilities and meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals. Ability to multi-task and work on projects concurrently and under tight deadlines Must be detail oriented and customer focused with excellent time management skills Takes and exhibits initiative to further develop technical and professional skills, by attending training and/or willingness to learn new systems or technologies in use by the Information Systems department. Possesses understanding of Ingram Micro's business including knowledge of department names and business processes conducted by each, company global organization, and key customer and vendor segments. Behavorial Competencies: Communication Excellent verbal, written and inter-personal communication skills Strong communication skills; capable of explaining technical issues simply both verbally and in writing Keeps his/her manager informed of any problems, challenges, or unanticipated events affecting his/her work. Listens respectfully and avoids interrupting. Expresses ideas and suggestions in an organized and concise manner both orally and in written form. Solicits and readily accepts constructive feedback. Maintains composure when addressing an adversarial or hostile audience. Decision Making Researches and collects appropriate data points for effective decision making. Readily makes recommendations and includes necessary documentation and material to support conclusions. Develops Innovative Practices Identify, develop and manage innovative ideas and solutions to problems. Identify opportunities to reduce inefficiencies in work processes. Recognizes when it is appropriate to challenge the status quo and when it is not. Works as a Team Member Supports team decisions to implement changes, suggestions, improvements, and solutions. Encourages and supports the exploration and application of best practices. Offers assistance to others and shares information regardless of personal likes or dislikes. Acts with Integrity & Respect Prevents personal conflicts from interfering with his/her objectivity. Consistently arrives on time for meetings and appointments. Accepts responsibility for the results of his/her decisions and actions. Behaves in a way that is consistent with Ingram Micro's values. #LI-Hybrid #LI-AH1 The typical base pay range for this role across the U.S. is USD $93,000.00 - $158,100.00 per year. The ranges above reflect the potential annual base pay across the U.S. for all roles; the applicable base pay range will depend on the candidate's primary work location, pay grade, and variable compensation plan. Individual base pay within each range depends on various factors, in addition to primary work location, such as complexity and responsibility of role, job duties/requirements, and relevant experience and skills. Base pay ranges are reviewed and typically updated each year. Offers are made within the base pay range applicable at the time of hire. New hires starting base pay generally falls in the bottom half (between the minimum and midpoint) of a pay range. At Ingram Micro certain roles are eligible for additional rewards, including merit increases, annual bonus or sales incentives and long-term incentives. These awards are allocated based on position level and individual performance. U.S.-based employees have access to healthcare benefits, paid time off, parental leave, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and wellbeing benefits, among others. This is not a complete listing of the job duties. It's a representation of the things you will be doing, and you may not perform all these duties. Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check. Ingram Micro Inc. is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our Systems Security Engineering (SSE) team in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Fullerton, CA. What You Will Do Lead the patch team, ensuring on-time delivery of patches to our customer Perform analysis on cybersecurity collected data and test results Validate secure configuration of routers, switches, firewalls, servers, operating systems, applications, and other assets, using DoD approved scanning and assessment tools such as Nessus, STIG, Evaluate STIG, and/or RADIX Create and maintain Linux Bash and Python scripts Create patch artifacts such as patch media and information assurance posture reports Qualifications You Must Have Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience Active and transferable U.S. government issued DoD Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Experience in System Security Engineering, computer technology reverse engineering, cybersecurity or embedded security Qualifications We Prefer Experience with scrum planning and scrum tools such as Jira Experience in the SSE implementation throughout the entire life cycle Experience contributing to a team environment for the purpose of developing creative solutions to technical problems Cyber Certifications in accordance with DoDD 8570/DoDD 8140 such as CISSP, GSLC, CEH Experience supporting the development of Risk Management Framework (RMF) documents and controls validation testing for Authority to Operate (ATO) accreditations Candidate must exhibit an exceptional degree of ingenuity, creativity and resourcefulness Excellent communication, technical writing, oral presentation and interpersonal skills What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Are you passionate about administrating and enforcing solutions that safeguard data? Are your interested in serving your fellow team and the community? If so, we want to talk to you - we are currently looking for Service Superstars to join our Team! An Information Security Analyst 1 takes a lead role in the research, design, and implementation of all information security related hardware or software; including operating systems and communications products, coordinating implementations with third party vendors and supporting representatives as needed. This role also serves as a liaison between vendors and other departments on information security related projects. Duties and Essential Functions: Service Personally, provides exceptional member service; uses Service Standards in every work-related interaction. Ensures that exceptional member service is being provided to members and team members, at all times. Serves as a strong example of leadership in work ethic, professionalism, and conduct. Promotes a harmonious work environment that motivates others towards team participation, goal setting/accomplishment, and personal development. Daily Operations Assists in the management of multiple information security systems, ensuring proper integration of the components with computer systems, network equipment and other devices. Assists in research of data security needs and requirements for current and future systems. Performs regular vulnerability analysis for intentional and unintentional systems misuse and identifies appropriate counter measures. Takes a supporting role in the management of the Credit Union's information security program including establishing, implementing and monitoring of information security, incident response procedures and policies, system configuration standards and ongoing risk assessments. Assists the credit union management team with the creation, modification, and implementation of Information Security policies and standards. Performs routine audits of security databases including Active Directory, Anti-Virus, Data Loss Prevention (DLP), Group Policy, Remote Authentication Dial-In User Service (RADIUS), and regularly reviews other security logging systems. Designs and/or implements changes to these systems in response to any discovered vulnerabilities. Performs regular audits of credit union procedures including new hire/transfer/separation process, configuration checklists, firewall changes, Uniform Resource Locator (URL)/Spam filter changes, DLP changes, file permission changes, inventory changes, equipment changes, and system health checks. Takes a supporting role in the management of Credit Union patch management, anti-virus, Spam filtering, DLP, URL filtering, and intrusion prevention systems. Assists with the development and implementation of active directory group policy objects with an emphasis on enhancing computer systems security. Manages the creation, deletion, or alteration of systems access for Credit Union team members. Makes key decisions on whether to honor system access requests and responds appropriately. Takes a supporting role in the research, design, and implementation of all information security related hardware or software including operating systems and communications products; assists with coordination of implementations with third party vendors and supports representatives as needed; serves as a liaison between vendors and other departments on information security related projects. Conducts various training and instruction programs for credit union team members on the secure use of e-mail and the internet as well as operating systems, networking, computer applications and databases. Assists in the evaluation of new projects and proposes systems for security risks and makes recommendations for implementation to management. Takes supporting role in analyzing, planning and implementing projects including software, in-house development, hardware, and networks to provide new products and services to members of the credit union and to improve the effectiveness of member data security. Performs capacity planning and tuning of information security systems to assure maximum availability and optimal utilization; directs/assists with hardware and software upgrades as needed. Develops project scope and timeline documents for individual projects per Information Systems (IS) Department standards. Stays current with evolving trends in information security related hardware, applications, development, and the internet. Provides guidance and assistance on technical skills to other IS staff. Provides regular documentation and reports on the progress of information security initiatives as well as provides suggestions or plans to further improve the credit union's security efforts. Other duties as deemed necessary and assigned by Supervisor to achieve the goals of the department and the Credit Union. Benefits Include: (not a complete list) Wellbeing Weekly pay 401K Retirement Savings Plan with company match Paid time off accrual begins upon hire, 15 paid vacation days, 11 paid holidays Paid sick leave Company-provided life insurance at twice your annual salary Financial Education Programs DoorDash DashPass Health Medical, Dental, and Vision Insurance for part-time and full-time employees Modern Health Care.com subscription Teladoc Career Development Career development opportunities Team members are eligible to apply for assistance with educational expenses through ArrowHeart's scholarship program. To learn more about Arrowhead Credit Union and our service culture, visit our Career page, and our ArrowHeart Foundation. The pay range for this position is listed below. Starting pay for successful applicants is generally within the minimum to midpoint of the pay range. Our consideration for pay is designed to support career growth and development over time. Offers extended depend on a variety of job-related factors, including but not limited to individual experience, knowledge, training, education, geographic location, market demands, and internal equity. Pay range: Minimum: $35.11/hourly | Midpoint: $43.89/hourly | Maximum: $52.67/hourly

If you are a technology visionary with a passion for transforming global tax business with digital technology, consider working with the US Tax Transformation technology team. This is an exciting opportunity to support global execution of Deloitte's tax strategy as we shift from "doing digital" to "being digital" by reimagining how we engage with our clients, deliver our services, operate our business, and create value. Work you'll do As a Deloitte Manager, AI Security Engineer, you will be crucial in safeguarding our advanced AI models, data, and infrastructure. You'll work closely with Data Scientists, Data Engineers, and MLOps/DevOps teams. Additional responsibilities include: * Implement defenses against AI-specific attacks (adversarial, prompt injection, data leakage) * Conduct AI-focused security assessments, penetration tests, red/purple team exercises * Analyze AI system vulnerabilities, develop mitigation strategies, and create AI risk heat maps * Implement security controls throughout the AI/ML lifecycle (data handling, training with GPU isolation, deployment, monitoring, versioning, provenance). Integrate SAST/DAST for ML artifacts * Manage audit trails and automated compliance checks * Implement AI-specific incident response and develop regulatory disclosure playbooks * Manage AI security monitoring, implement executive dashboards linking security to business KPIs, develop security metrics (Adversarial Risk Score, Model Drift Index) * Implement secure training environments and fine-grained data access controls * Contribute to AI-generated fraud detection in transaction monitoring systems. * Act as an AI security SME, continuously research emerging threats The team Deloitte Tax LLP's Tax Transformation Office (TTO) is responsible for the design, development, and deployment of innovative, enterprise technology, tools, and standard processes to support the delivery of tax services. The TTO team focuses on enhancing Deloitte Tax LLP's ability to deliver comprehensive, value-added, and efficient tax services to our clients. It is a dynamic team with professionals of varying backgrounds from tax technical, technology development, change management, Six Sigma, and project management. The team consults and executes on a wide range of initiatives involving process and tool development and implementation including training development, engagement management, tool design, and implementation. Qualifications Required: * Bachelor's degree in computer science, Engineering, or a related field. * Ability to perform job responsibilities within a hybrid work model that requires US Tax professionals to co-locate in person 2 - 3 days per week. * 5+ years of experience in cybersecurity (application, cloud and data security) with strong proficiency in security scripting, automation, and tool development. * Deep understanding of AI-specific threat vectors (adversarial attacks, prompt injection, data leakage). * Demonstrated, hands-on experience with the Azure Cloud ecosystem and its security services. * Proven experience translating regulatory frameworks (NIST AI RMF, EU AI Act) into technical controls. * Ability to travel 20%, on average, based on the work you do and the clients and industries/sector you serve. * Limited immigration sponsorship may be available. * One of the following active accreditations obtained: * Licensed CPA in state of practice/primary office if eligible to sit for the CPA * If not CPA eligible: * Licensed Attorney * Enrolled Agent * Technology Certifications: * AWS Certified Solutions Architect * Certified in Risk and Information Systems Controls (CRISC) * Certified Information Systems Security Professional (CISSP) * Certified SAFe Advanced Scrum Master * Certified SAFe Agile Software Engineer * Certified SAFe Architect * Certified SAFe DevOps Practitioner * Certified SAFe Practitioner * Certified SAFe Scrum Master * Certified Secure Software Lifecycle Professional (CSSLP) * Certified Secure Software Lifecycle Professional (CSSLP) - (ISC)2 * IASA's Certified IT Architect (CITA) (Level F or A) * ITIL Certification * Lifecycle Management and Advanced Functional Testing Certifications (HP) * Microsoft Azure * SEI - Software Engineering Institute Certification Preferred: * Master's degree in computer science or related field. * Knowledge of AI security frameworks. * Familiarity with relevant data privacy and security regulations (GDPR, DORA). * Azure Cloud security services ecosystem (Microsoft Sentinel, Azure Monitor, Azure Policy, Purview, Key Vault, Azure ML security). * Securing MLOps/LLMOps pipelines (data versioning, provenance, GPU isolation). * Security frameworks (OWASP AI Security & Privacy Guide). * Automated compliance checks (e.g., via Azure Monitor). * Security monitoring (e.g., Microsoft Sentinel with KQL). * Secure training environments (Azure ML, HSMs). * Data access controls (Azure Policy, Purview). * Security assessment tools (SAST, DAST) adapted for ML. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $113,890 to $227,370. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Information for applicants with a need for accommodation: ************************************************************************************************************ Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more. Professional development From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte Tax LLP, a subsidiary of Deloitte LLP. Please see ********************************* for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Qualified applicants with criminal histories, including arrest or conviction records, will be considered for employment in accordance with the requirements of applicable state and local laws, including the Los Angeles County Fair Chance Ordinance for Employers, City of Los Angeles's Fair Chance Initiative for Hiring Ordinance, San Francisco Fair Chance Ordinance, and the California Fair Chance Act. See notices of various fair chance hiring and ban-the-box laws where available. Fair Chance Hiring and Ban-the-Box Notices | Deloitte US Careers Requisition code: 315489 Job ID 315489

** Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape. Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality. Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward. **Job Description** **ESSENTIAL DUTIES AND RESPONSIBILITIES:** + Development of various cryptography-based security features such as data encryption, Secure Boot, and Device Attestation. + Integrate these security protocols and features into the SSD data and control flows to ensure a robust and secure system. Additionally, investigate and resolve any security protocol compatibility issues that may arise. + Investigating failures, documenting bug reports, and providing valuable assistance to product teams in identifying and resolving issues. + Debugging, optimizing, and validating the Firmware on SoC platforms, as well as bringing up of FPGA and ASIC. + Contribute to the Security Development Lifecycle of the Firmware by supporting its development at different stages, including design, threat analysis, implementation, validation, vulnerability testing, certification, and audit. **Qualifications** **REQUIRED:** To qualify for this position, an ideal candidate would have/be. + A degree in Computer Science, Electrical/Computer Engineering, Software Engineering, or a related field. + **3+ years of experience** in embedded programming, with proficiency in C/C++ and one or more of the following: Python, Rust, Go. + Strong understanding of microcontroller architectures and debugging of hardware/firmware issues. + Experience in firmware code review, CI/CD test and validation methodology, as well as static and dynamic code analysis. Familiarity with the Agile software development process life cycle is also desired. + Proficiency in failure analysis in debugging an embedded firmware application, using JTAG/debuggers such as Lauterbach. + An engineer who can take ownership of given features and manage them from start to finish. Being self-motivated and driven is essential for this role. + Good communication skills and be able to work effectively with cross-functional teams. **What Sets You Apart** + Detailed knowledge of RISC-V Instruction Set Architectures (ISA) + Technical expertise in applied cryptography and firmware/hardware security, including knowledge of data encryption, trusted execution environment, secure boot, and device attestation. + Knowledge of storage controller architectures and security protocols, such as TCG Opal/Ruby/Pyrite, IEEE 1667, SPDM, and IDE. + Develop firmware on SoC platforms, run simulation or bringing up FPGA and ASIC. + Familiarity with writing code in Github repository and it's CI/CD testing framework. **Additional Information** Sandisk is committed to providing equal opportunities to all applicants and employees and will not discriminate against any applicant or employee based on their race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person's gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person's assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the "Know Your Rights: Workplace Discrimination is Illegal (************************************************************************************** " poster. Our pay transparency policy is available here (*********************************************************************************************** . Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution. Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at jobs.accommodations@sandisk.com to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. Based on our experience, we anticipate that the application deadline will be **03/15/2026** (3 months from posting), although we reserve the right to close the application process sooner if we hire an applicant for this position before the application deadline. If we are not able to hire someone from this role before the application deadline, we will update this posting with a new anticipated application deadline. \#LI-RT1 **Compensation & Benefits Details** + An employee's pay position within the salary range may be based on several factors including but not limited to (1) relevant education; qualifications; certifications; and experience; (2) skills, ability, knowledge of the job; (3) performance, contribution and results; (4) geographic location; (5) shift; (6) internal and external equity; and (7) business and organizational needs. + The salary range is what we believe to be the range of possible compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range and this range is only applicable for jobs to be performed in California, Colorado, New York or remote jobs that can be performed in California, Colorado and New York. This range may be modified in the future. + You will be eligible to participate in Sandisk's Short-Term Incentive (STI) Plan, which provides incentive awards based on Company and individual performance. Depending on your role and your performance, you may be eligible to participate in our annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents, pursuant to the terms of the LTI plan. Please note that not all roles are eligible to participate in the LTI program, and not all roles are eligible for equity under the LTI plan. RSU awards are also available to eligible new hires, subject to Sandisk's Standard Terms and Conditions for Restricted Stock Unit Awards. + We offer a comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and the Sandisk's Savings 401(k) Plan. + Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. The Information Security Engineer is responsible for contributing to the corporate Information Security program by assisting in the identification, recommendation and implementation of industry leading application security tools and techniques. The incumbent will also maintain and update application security processes and procedures and train team members on any relevant updates. This position is remote, but local to the Temecula, CA office. Essential Functions Assist with the development, implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices Assist in integrating regulatory compliance requirements (e.g., PCI, GLBA) into the organizational security roadmap Assist in ensuring that the corporate IT environment is secure and complies with all external audit requirements and federal standards Coordinate with IT Operations to ensure endpoints and network devices conform to security standards, and that security devices and controls are working as designed Assist in the identification, evaluation and implementation of industry leading application security tools and techniques Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures Identify potential security risks, and define and document remediation options or mitigating controls Perform security incident investigations including: chain of custody, containment measures, root cause analysis, and identification of preventive measures Define and assist in the management of an Incident Response Team that addresses potential or in-progress security events, establishing and adhering to escalation procedures and response times Perform information systems evidence gathering, to support e-discovery requests and messaging searches Perform security reviews on requests for new commercial software or material configuration changes to existing software Perform periodic internal IT security audit functions on IT operational controls, to include system access controls, firewall rule reviews, etc. Participate in on-call rotation Perform related duties as requested Essential Knowledge, Skills, & Abilities Excellent written and verbal communication skills required Solid presentation skills Significant knowledge of security-oriented regulatory requirements and compliance Excellent familiarity with IT security principles and practices including firewalling, hardening, data loss prevention, threat prevention, and identity management. Ability to provide technical guidance to less experienced team members Knowledge of the mortgage industry is helpful, but not required Commitment and ability to cultivate a diverse and inclusive work environment. Education Bachelor's degree in computer science, Engineering, Information Systems Security or a related field is required. Security class certifications strongly preferred Azure certifications preferred CISSP license preferred Experience 5+ years of related IT experience required 2+ years in an Information Security engineering role 3+ years of experience in a regulated IT environment including some combination of SOX, HIPAA, GLBA, PCI preferred Compensation and Benefits Covius offers an extensive benefits package for all employees, including medical, dental, vision and 401(k)! Compensation: $96,000 to $120,000 annually with a 10% AIP opportunity Application Guidelines: For best consideration, please submit your resume and application materials as soon as possible. Review of applications will begin immediately. Working Conditions Work is performed in a climate controlled indoor administrative office setting. The noise level in the work environment is usually quiet to moderate, depending upon the office or meeting location. Physical Demands and Activities While performing the duties of this job, the employee is frequently required to communicate. The employee frequently is required to remain stationary. The employee is frequently required to move about the office, operate a computer and other office machinery, such as calculator, copy machine, and computer printer; rarely position self to maintain files; rarely moves boxes weighing up to 10 lbs. Close and distance observation required with the ability to observe objects at close range in presence of glare or bright lighting (e.g., computer screen). Must possess the ability to communicate information and ideas so others will understand and have the ability to interact with external and internal stakeholders. Covius is committed to equal opportunity in all employment practices to all qualified applicants and employees without regard to race, color, religion, gender, gender identity, age, national origin, pregnancy, disability, genetics, marital status, military or veteran status or any other protected category as established by local, state, and federal law. This policy applies to all aspects of the employment relationship including recruitment and hiring, placement, promotion, transfer, compensation, disciplinary action, layoff, leaves of absence, training, and termination. All such employment decisions will be made without unlawful discrimination based on any prohibited basis. The essential functions, working conditions and physical demands described above are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Please note that all s are not intended to be all-inclusive. This job description is not designed to cover all activities, duties or responsibilities that are required of the employee for this job. Employees may be required to perform other duties at any time with or without notice to meet the ongoing needs of the organization. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

**BANC OF CALIFORNIA AND YOUR CAREER** Banc of California, Inc. (NYSE: BANC) is a bank holding company headquartered in Los Angeles with one wholly-owned banking subsidiary, Banc of California (the "bank"). Banc of California is one of the nation's premier relationship-based business banks focused on providing banking and treasury management services to small, middle-market, and venture-backed businesses. Banc of California offers a broad range of loan and deposit products and services, with full-service branches throughout California and Denver, Colorado, as well as full-stack payment processing solutions through its subsidiary, Deepstack Technologies. The bank is committed to its local communities by supporting organizations that provide financial literacy and job training, small business support, affordable housing, and more. At Banc of California, our success is driven by our people, and we take pride in fostering an environment where everyone can reach their full potential. We embrace a culture of empowerment, progressive thinking, and entrepreneurial spirit, ensuring our team members have an opportunity to make an impact and play an important role in the future of Banc of California. Our core values - Entrepreneurialism, Operational Excellence, and Superior Analytics - empower us in creating a dynamic and inclusive workplace. We are committed to supporting your growth and well-being with comprehensive benefits, career development programs, a variety of employee resource groups, and more. TOGETHER WE WIN **THE OPPORTUNITY** The Senior GRC Information Security Analyst role will be part of the Information Security Governance, Risk, & Compliance (GRC) team at Banc of California. The Information Security GRC team is responsible for the overall security posture of Banc of California by ensuring compliance with applicable regulations and contractual obligations and maintaining effective and efficient governance, risk, and compliance programs. In addition, the Information Security GRC team is directly involved with supporting and enabling Information Technology, Information Security compliance initiatives. We seek a Senior GRC Information Security Analyst with extensive experience implementing, managing, and maturing compliance programs, including but not limited to SOC2, ISO27xxxx, GLBA, GDPR, and CCPA. The individual must possess a significant level of technical knowledge that allows for clear communication with security and technology stakeholders and the ability to provide actionable guidance and recommendations on processes. As a member of the Information Security GRC team, this role will be instrumental in supporting the strategy of the GRC program in partnership with senior management. In addition to technical acumen, the role requires an individual who is results-oriented, pragmatic, and demonstrates effective problem-solving and communication skills. The Senior GRC Information Security Analyst often serves as the subject matter expert for colleagues and line-of-business managers, and experience with multiple technologies, compliance requirements and risk management methodologies are crucial. Performs all duties in accordance with the Company's policies and procedures, all U.S. state and federal laws and regulations, wherein the Company operates. **HOW YOU'LL MAKE A DIFFERENCE** + Contribute to the development, management, and ongoing improvement of Information Security risk program, compliance initiatives, and overall security risk posture. + Partner with senior management to design and implement maturity strategies and operations into the Information Security GRC team. + Lead critical control activities with stakeholders across the business, quantifying risk, evaluating mitigations, and driving actions to measurably reduce risk. + Conduct regular risk assessments to identify potential threats and vulnerabilities across the organization analyzing their impact and likelihood of occurrence. + Generate reports on risk assessments, compliance status, and control effectiveness to communicate findings to stakeholders at various levels within the organization. + Establish and contribute to risk and compliance activities with an eye toward continuous controls monitoring automation. + Validate that information security requirements are built into architecture and new technology projects. + Maintain Information Security risk register, report monthly to appropriately address key risk areas. + Conduct technical security posture review for annual vendor monitoring and re-assessment processes for new and existing vendors. + Provide support to the Information Security Incident Response team during cyber/privacy incidents. + Support internal and external audits by providing documentation and supporting evidence of compliance. + Support policies and procedures maintenance aligned with in-scope security frameworks, regulations, and internal standards to manage identified risk effectively. + Prepare detailed reports for senior leadership, including KRI and KPI. + Act as a mentor, advisory, and escalation point for team members and stakeholders. + Treat people with respect; keep commitments; inspire the trust of others; work ethically and with integrity; uphold organizational values; accept responsibility for own actions. + Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action. + Follows policies and procedures; completes tasks correctly and on time; supports the company's goals and values. + Performs the position safely, without endangering the health or safety to themselves or others and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one's own actions and conduct. + Performs other duties and projects as assigned. **WHAT YOU'LL BRING** + Bachelor's degree in information systems, engineering, business, risk management, or related field; and related certifications (e.g., CRISC, CISSP, CISS, CISM, CISA, Security+, CEH, GSEC). + 5+ years of experience in GRC, security, risk management or related fields, particularly in highly regulated industries such as financial, professional services, or government, with expertise in navigating complex regulatory requirements. + High technical knowledge across Cybersecurity domains, including Security Operations, Incident Response, Security Engineering, Cloud Security, Artificial Intelligence (AI), Data Security, Configuration Management, Log Generation, Security Risk Assessments/testing methodologies, Secure Software Development Lifecycle, evaluating the adequacy and efficiency of internal controls. + Expert knowledge of GRC frameworks and regulations (e.g., PCI-DSS, GDPR, CCPA, GLBA, NIST, ISO 27001). + Strong knowledge in OWASP, CIS and/or other security standards and secure configuration baselines. + Experience developing and implementing GRC framework, policies and procedures. + Excellent analytical skills with the ability to assess complex risks and develop effective mitigation security strategies. + Proven ability to lead and manage projects, including coordinating cross-functional teams and delivering results on time. + Ability to adapt to a fast-paced and dynamic environment, with a focus on continuous improvement and innovation. + Ability to work on multiple GRC projects simultaneously. + Excellent communication and interpersonal skills. **HOW WE'LL SUPPORT YOU** + **Financial Security:** You will be eligible to participate in the company's 401k plan which includes a company match and immediate vesting. + **Health & Well-Being:** We offer comprehensive insurance options including medical, dental, vision, AD&D, supplemental life, long-term disability, pre-tax Health Savings Account with employer contributions, and pre-tax Flexible Spending Account (FSA). + **Building & Supporting Your Family:** Banc of California partners with providers that offeradoption, surrogacy, and fertility assistance as well as paid parental leave and family support solutions including care options for your family. + **Paid Time Away:** Eligible team members receive paid vacation days, holidays, and volunteer time off. + **Career Growth Opportunities:** To support career growth of our team members, we offer tuition reimbursement, an annual mentorship program, leadership development resources, access to LinkedIn Learning, and more. **SALARY RANGE** The base salary ultimately offered is determined through a review of education, industry experience, training, knowledge, skills, abilities of the applicant in alignment with market data and other factors. Banc of California is an equal opportunity employer committed to creating a diverse workforce. All qualified applicants will receive consideration for employment without regard to age (40 and over), ancestry, color, religious creed (including religious dress and grooming practices), denial of Family and Medical Care Leave, disability (mental and physical) including HIV and AIDS, marital status, medical condition (cancer and genetic characteristics), genetic information, military and veteran status, national origin (including language use restrictions), race, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), gender, gender identity, gender expression, and sexual orientation. If you require reasonable accommodation as part of the application process, please contact Talent Acquisition. Equal Opportunity Employer This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor. Equal Opportunity Employer PacWest Bancorp and its affiliates are fully committed to the principles of equal opportunity and diversity. We take pride in building a workplace culture where all employees feel supported and respected, and have equal access to career and development opportunities without regard to race, religion/creed, color, national origin, age, marital status, ancestry, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), gender identity/expression, sexual orientation, veteran status, physical or mental disability, medical condition, military status, genetic information, or any other characteristic protected by federal, state or local laws.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Join the Market Leader in Electric Power Data and Analytics Solutions The electrical grid is the largest and most complicated machine ever built. Yes Energy's industry-leading electric power trading analytics software provides real-time visibility into the massive amount of data generated by the North American electrical grid daily. Our unique and innovative view of the data informs real-time trading decisions and mid-to-long-term investment decisions that keep utility prices low, support the energy transition, and keep the grid running. It's both challenging work and work with a purpose. Be a part of our successful, growing business during international transformation. Position Summary As a Security Analyst II, you will be helping keep the grid safe and our customers secure. You will be part of our growing Security & Compliance team, building security automations, creating baselines for on-premises and cloud environments, assisting teams with vulnerability scans and management, supporting our compliance team with evidence gathering and audits, and more. This is an opportunity to be part of a small team with increasing importance and responsibility. You will help Yes Energy stay secure into the future. Position Details Salary range: 80,000 - 95,000 Location: Yes Energy Core Offices or Remote Full-time Reporting to: Senior Manager, IT and Compliance Travel requirement: up to 15% to Yes Energy's core offices Primary Responsibilities Review and triage findings from vulnerability scans, penetration tests, and configuration assessments to identify potential security risks. Work with DevOps, engineers, and system owners to remediate vulnerabilities across multi-cloud and on-prem assets. Support secure configuration baselines for AWS, Azure, and Oracle Cloud resources. Monitor cloud environments for misconfigurations and suspicious activity. Assist with IAM policy reviews and privilege audits. Write scripts (Python, PowerShell, or Bash) to automate detection, reporting, or remediation of security issues. Integrate security tools and data into dashboards or workflow systems (e.g., Jira, SIEM, or ticketing). Provide technical evidence and control implementation support for SOC 2, ISO 27001, or customer security assessments. Partner with the compliance team to map technical controls to framework requirements. Assist with incident triage, response, and root cause analysis. Support endpoint protection, log monitoring, and threat intelligence initiatives. Minimum Qualifications Bachelor's degree in a related field or equivalent related experience Minimum of two years of experience with security exposure in information security, systems administration, or DevOps. Proficient in at least one scripting language (Python, PowerShell, or Bash). Strong understanding of operating systems, networking, and cloud fundamentals. Knowledge of security frameworks such as NIST Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7, AWS Inspector, or Microsoft Defender). Working knowledge of AWS, Azure, and/or Oracle Cloud security controls and services. Comfortable working cross-functionally with engineering, IT, and compliance teams. Knowledge, Skills, and Abilities Ability to travel up to 15% to assist in team building and planning exercises. Strong, professional communication skills, both verbal and written, including the skill in articulating and translating technical language to non-technical customers. Ability to plan for contingencies and anticipate problems. Ability to ask critical questions to assess needs and requirements Preferred Qualifications Experience with SIEM or SOAR platforms (e.g., Splunk, Microsoft Sentinel). Familiarity with infrastructure such as code (Terraform, CloudFormation). Exposure to compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53. Security certifications (Security+, GSEC, AWS Security Specialty, or similar). Endpoint Security/Patching/Inventory experience At Yes Energy, we value connecting directly with candidates. We kindly ask that third-party recruiters and agencies not submit resumes, as we are not open to external recruiting partnerships. ABOUT YES ENERGY Overview Yes Energy delivers real-time market data and electric power trading decision solutions. Over 1,000 market participants use Yes Energy solutions daily. The business is a leader in all aspects of information content collection and management, developing and delivering data and market analytics solutions. Since its inception in 2008, Yes Energy has become a trusted and respected supplier of innovative and reliable solutions focused on the needs of power market analysts, traders, and trade managers. Yes Energy has a team of over 350 amazing professionals in Boulder, CO (HQ); Boston, MA; Chicago, IL; Glendora, CA; Richmond, VA; London, United Kingdom; Auckland, New Zealand, Tokyo, Japan; and Bucharest, Romania. Culture Yes Energy has been named one of the Best Places to Work in Colorado, and we have the culture to prove it. At Yes Energy, we care about saying “Yes” to customers. We like to listen, learn, and develop our solutions in line with their needs. We think about customers as business partners, and when we help them be more successful … we are more successful, too. Around the office, our culture is driven by some pretty fundamental values that we're proud of: We love innovation and solving tough challenges; We are “high standards people” who combine passion and pride with hard work and rewards of all kinds-- in an ethic that is consistent across the company; We're team-focused with a flat hierarchy-- we work in small teams on well-defined projects that directly impact the success of the business; We play to the strengths and experience of each person while each of us also works along a continuum of roles adjacent to our focus area. This presents the challenge of maintaining a broad set of skills as well as an opportunity to learn and contribute in many ways; We are constantly growing. Professional development happens every day and every year. Compensation and Benefits We offer highly competitive salaries and real bonuses that are achievable and that you can impact. Our benefits package is also very competitive, including medical insurance, a 401 (k) Plan with matching, flexible vacation, and flexible work schedules. Yes Energy encourages and funds investment in both formal and informal professional development. At Yes Energy, we are dedicated to building a diverse, inclusive, and authentic workplace. If you're excited about this role but your experience doesn't perfectly align with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles. In accordance with Colorado law, the range provided is Yes Energy's reasonable estimate of the base compensation for this role. The actual amount may be higher or lower based on non-discriminatory factors such as location, experience, knowledge, skills, and abilities. Yes Energy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Yes Energy complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

This role is Hybrid, 3 days a week to any local, US based UL Solutions Office. We are seeking a highly skilled Cloud Security Engineer with strong Application Security expertise to join our security architecture team. This role will be responsible for designing, implementing, and maintaining secure cloud environments and applications across multi-cloud platforms, with a focus on Azure. The ideal candidate will have hands-on experience with cloud-native security tools, DevSecOps practices, and compliance frameworks such as NIST 800-53, SOC 2, and CIS Controls. Cloud Security Engineering + Design and implement security controls for cloud infrastructure (Azure, AWS, GCP). + Develop and maintain security architecture patterns (e.g., hub-and-spoke, Zero Trust). + Integrate security tools such as Wiz, Microsoft Defender for Cloud, Silverfort, and Terraform. + Conduct threat modeling and risk assessments for cloud-native services. + Collaborate with IAM, SOC, and GRC teams to align cloud security with enterprise policies. Application Security + Perform secure code reviews, static/dynamic analysis, and vulnerability assessments. + Integrate security into CI/CD pipelines using tools like Snyk, Checkmarx, or Veracode. + Guide development teams on secure coding practices and OWASP Top 10. + Design and implement API security strategies including OAuth2, OpenID Connect, and mTLS. + Support remediation of application vulnerabilities and provide technical guidance. Compliance & Governance + Map cloud and application security controls to compliance frameworks (NIST 800-53, SOC 2, CIS). + Assist in audits and evidence collection for regulatory compliance. + Maintain documentation of security architecture, policies, and procedures. + Bachelor's degree in Computer Science, Cybersecurity, or related field. + 3-4 years of experience in cloud security engineering and application security. + Strong understanding of Azure security services and architecture. + Experience with infrastructure-as-code (Terraform, Bicep). + Familiarity with Snowflake security features and data protection strategies. + Knowledge of identity and access management (Azure AD, Conditional Access, MFA). + Hands-on experience with DevSecOps tools and practices. Preferred Qualifications + Certifications: Azure Security Engineer Associate, CISSP, CCSP, OSCP, or GIAC. + Experience with multi-subscription Azure environments. + Familiarity with Zero Trust architecture and implementation. + Experience with security automation and orchestration. Soft Skills + Strong analytical and problem-solving skills. + Excellent communication and collaboration abilities. + Ability to work independently and in cross-functional teams. + Passion for continuous learning and staying current with security trends. What you'll experience working for ULS UL Solutions has been pioneering change since 1894 and we're still leading the way. From day one, we've blazed a trail protecting the planet and everyone on it. Our teams have influenced billions of products, plus services, software offerings and more. We break things, burn things and blow things up. All in the name of safety science. That's where you come in - because none of it could happen without you. It takes passion to protect people, problem-solving to safeguard personal data and conviction to make the world a more sustainable place. It takes bold ideas and brilliant minds to build a better world for future generations across the globe. This is more than a job. It's a calling. A passion to use our expertise and play our part in creating a more secure, sustainable world today - and tomorrow. As a member of our safety science community, you'll use your ideas, your energy and your ambition to innovate, challenge and ultimately, help create a safer world. Everyone here is unique. But we're also a global community, working together to help create a safer world. Join UL Solutions and you can connect with the brightest minds in the business, all bringing their distinct perspectives and diverse backgrounds together to deliver real change. Empowering our customers to keep the world safe means thinking ahead. It means investing in training and empowering our people to learn and innovate. At UL Solutions, we help build a better future - one where everyone benefits. Join UL Solutions to be at the center of safety. To learn more about us and the work we do, visit UL.com Total Rewards: We understand compensation is an important factor as you consider the next step in your career. The estimated salary range for this position is $95,000 to $120,000 and is based on multiple factors, including job-related knowledge/skills, experience, geographical location, as well as other factors. This position is eligible for annual bonus compensation with a target payout of 10% of the base salary. This position also provides health benefits such as medical, dental and vision; wellness benefits such as mental and financial health; and retirement savings (401K) commensurate with the standard rewards offered in each individual location or country. We also provide full-time employees with paid time off including vacation (15 days), holiday including floating holidays (12 days) and sick time off (72 hours). #LI-SG2 #LI-Hybrid UL LLC has been and will continue to be an equal opportunity employer. To assure full implementation of this equal employment policy, we will take steps to assure that: Persons are recruited, hired, assigned and promoted without regard to race, color, age, sex or gender, sexual orientation, gender identity, gender expression, transgender status, religion, creed, national origin, ethnicity, citizenship, ancestry, disability, genetic information, military or veteran status, pregnancy, marital or familial status, or any other protected category under applicable law.

Momenti is a dynamic and immersive content company that revolutionizestraditional media by bringing visceral experiences to all forms of content. Wespecialize in interactive video that breaks the 4th wall, creating deeperconnections and emotions with our audience. Join us in transforming the waypeople engage with content and bring moments to life. Momenti is at theforefront of the content revolution, and we want you to be part of it. Job Summary:We are seeking a talented and experienced Security Engineer to join Momentias our first security hire and report directly to our Engineering Director. In thisrole, you will be responsible for ensuring the security and integrity of oursystems, applications, and data. You will work closely with cross-functionalteams to identify potential vulnerabilities, develop and implement securitymeasures, and provide ongoing support to maintain a secure environment. Thisis a unique opportunity to make a significant impact and shape the securitylandscape at Momenti. Key Responsibilities:• Develop and implement effective security strategies, policies, and proceduresto protect Momenti's systems, applications, and data.• Conduct regular security assessments, vulnerability testing, and risk analysisto identify and address potential security weaknesses.• Collaborate with software engineers and other stakeholders to design andimplement secure coding practices and ensure secure applicationdevelopment.• Monitor and respond to security incidents, including investigating andresolving security breaches, intrusions, and unauthorized access attempts.• Stay up-to-date with the latest security technologies, trends, and bestpractices, and provide recommendations for enhancements to our securityposture.• Educate and train employees on security awareness and best practices topromote a culture of security throughout the organization.Preferred Qualifications:• Solid experience in a security engineering or related role, with a focus onapplication and system security.• Strong understanding of web application security, network security principles,and secure coding practices.• Familiarity with security frameworks such as OWASP, NIST, and CISbenchmarks.• Knowledge of cloud security principles and experience securing cloud-basedenvironments (e.g., GCP, AWS, Azure).• Experience with security assessment tools and techniques, such asvulnerability scanners, penetration testing, and log analysis.Basic Qualifications:• Proven experience in implementing and managing security controls in aproduction environment.• Familiarity with compliance standards and regulations (e.g., GDPR, HIPAA,PCI DSS).• Strong problem-solving and analytical skills, with the ability to assess risksand develop effective mitigation strategies.• Excellent communication and collaboration skills, with the ability to workeffectively in cross-functional teams.

What you do Be responsible for Pre Sales Support & End User Support for, but not limited to the design, configuration, and operation of complete building low voltage systems, including fire, security, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Accountable to field teams for quality, timeliness and efficiency of designs. Develops complex software programs, commissions and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How will you do it - Sales Support and End User Support * Possible job walks with the Sales Team on the initial design phase * Designs and configures are technically complex building control systems as defined by the contract documents. * Creates flow diagrams, sequence of operations, bill of material, network layouts and electrical schematics as required. * Develop and tests software programs necessary to operate the system per the project requirements' intent. * Coordinates the creation of necessary drawings and equipment schedules for submittals and installation. * Assists in the loading and commissioning of all system and network-level controllers as required. * Assists in validation of complete system functionality and troubleshoots problems with subcontractors and other trades to ensure proper operation. * Provides field change information to the project team for the creation of as-built drawings and software. * Keeps management and JCI contractor or customer informed of job progress and issues. * Assists in performing site-specific training for owner/operator on the total building control system. * Participates in release meeting with the project field team. * Performs value engineering to provide cost effective results while maintaining customer satisfaction. * Adheres to safety standards. * High degree of employee and subcontractor safety. What we look for Required Qualifications * Minimum of seven years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. * Demonstrated knowledge of the construction, mechanical, electrical, or HVAC service industry. * Demonstrated knowledge of mechanical drawings, electrical wiring diagrams, control theory, automatic temperature controls, building automation systems and other building subsystems. * Demonstrated experience in the integration of low voltage building sub-systems using various industry protocols (i.e. LON, BACnet, etc.). * Ability to relate technical knowledge to a non-technical audience. * Demonstrated advanced computer skills required, particularly computer-related drafting tools, such as Visio. Preferred Qualifications * Bachelor's degree in engineering with a minimum of five years of experience, or an associate degree in a related technical field with seven years of relevant work experience required. * Understanding of IP networking for building automation systems. * Understanding of Tridium/Niagara Framework HIRING SALARY RANGE: $100K to $125K (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at *****************************************

The Information Security Analyst will be tasked with monitoring and identifying organizational security risks, detecting attack methods and sources, and preserving electronic evidence when required. This role requires expertise in analyzing, recommending, designing, implementing, and maintaining systems and processes that safeguard business and client data. Core responsibilities include conducting risk assessments, performing security analyses, and creating remediation strategies. The individual should be capable of working independently while contributing to security programs as part of the incident response team. Strong written communication skills are essential for preparing formal reports. Professional fluency in English and Portuguese is required. This is an onsite position in Brazil, five days per week, offered as a 6-12 month contract with potential for extension or conversion to a full-time role. Responsibilities but not limited to: - IT Security Administration: Focus on minimizing downtime and ensuring scalability by addressing security risks across systems and networks. - Application Security Alignment: Guarantee that security architecture, designs, plans, controls, and policies comply with IT standards and overall security requirements. - Documentation: Develop and maintain detailed records for all security systems and networks, updating documentation whenever changes occur. - Project Participation: Contribute to initiatives and projects centered on information security. - Program Support: Assist with implementing, maintaining, and monitoring the information security program, including gap analysis, risk assessments, third-party evaluations, procedure development, recurring processes, and incident response. - Solution Deployment: Handle integration, initial configuration, and upgrades of new and existing security solutions following industry best practices. - Operating Systems Expertise: Demonstrate advanced knowledge of Linux, Windows, and OS X environments. - Cloud Security: Apply experience in securing cloud infrastructures such as AWS and Azure. - Vulnerability Management: Lead efforts to identify and remediate security weaknesses in networks and systems, providing technical guidance and support. - Policy Development: Create, implement, and maintain internal procedures to safeguard data and manage incident response effectively. - Collaboration: Work with project teams and system architects to design secure systems and project plans that meet established security standards. - Threat Awareness: Stay informed on current and emerging security threats and design architectures to mitigate potential risks. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements · Knowledge with Security solutions: SIEM, IAM, PAM, EDR/XDR, CSAM, CASB, Proxies, ZTNA · Solid security understanding with Microsoft security controls (AD, Entra, O365, Intune MDM, etc) · Minimum 7+ years of experience in information technology security or equivalent combination of education and experience · Security+, CISSP, CISA or SANS GIAC certification · Understanding of application, network, operating system, and core infrastructure security concepts. · Knowledge on security monitoring tools such as UTM, IPS, IDS and other security appliances · Project management, organizational and prioritizing skills · Understanding of WAN, MPLS, and technologies such as VoIP beneficial · Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST