A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence.
$149k-229k yearly est. 5d ago
Sr Analyst, Security - Goleta, CA
Raytheon 4.6
Cyber security analyst job in Goleta, CA
Country:
United States of America Onsite
U.S. Citizen, U.S. Person, or Immigration Status Requirements:
Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
Security Clearance:
DoD Clearance: Secret
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
Our Senior Security Analyst provides industrial security support within the following areas: clearance processing, visit certifications, document control, and physical security, including alarm response for Open Storage Areas. You will make critical security decisions concerning high value contracts and implement security procedures that will prevent unauthorized access to company and government facilities or information.
What You Will Do
Administrative duties of administering security clearance briefings to employees who are granted a security clearance
Debriefing Personnel upon notification of Retirement/Termination
Continuously evaluates compliance of personnel security activities with security requirements
Conduct security self-inspections, program security reviews, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet requirements
Administer day-to-day security programs, personnel processing, program reviews, document control system, audits & self-inspections, violation investigations & reports, receipt/dispatch/destruction/mail logs, visit certs, etc.
Analyze security issues/problems and provide focused solutions
Solve routine problems of limited scope and complexity
Willing to work extended hours, in a fast paced, driven environment
Must possess a valid driver's license
Qualifications You Must Have
Typically requires a Bachelor's degree and 2 years relevant experience OR in absence of a degree, 6 years relevant experience.
Active and transferable U.S. government issued SECRET security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Experience with any of the following: NISPOM, ICD 705, or experience working in a classified environment.
Qualifications We Prefer
Ability to solve routine problems of limited scope and complexity
Self-starter with minimal supervision
Willing to work extended hours, in a fast paced, driven environment
Able to perform well in fast-paced, multi-task environment
Great attention to detail
Strong organizational and interpersonal skills
Customer service oriented
Team player
What We Offer
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
Relocation Non-Eligible - Relocation assistance not available
Learn More & Apply Now!
Please consider the following role type definition as you apply for this role. ‒ Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.
The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.
$99k-128k yearly est. Auto-Apply 60d+ ago
Security Analyst
Goodwin Procter 4.9
Cyber security analyst job in Santa Monica, CA
Join Goodwin's Global Operations Team, and make a real impact on a global scale. At Goodwin, we work with some of the world's most successful and innovative investors, entrepreneurs and disruptors in the life sciences, private equity, real estate, technology and financial industries, and where they converge. As part of the Global Operations Team - all business professionals at the firm - you'll collaborate with colleagues from varied backgrounds and experiences, fostering an environment where cross-functional learning, networking, and collaboration are at the core of what we do.
Here, we're not just supporting a law firm; we're partnering with attorneys and clients to deliver cutting-edge solutions in high-stakes litigation and dispute resolution, world-class regulatory compliance and advisory services, and complex transactions. Our commitment to integrity, ingenuity, agility, and ambition drives us, and we're proud to have been recognised as the “Best Business Team” by The American Lawyer.
This is your opportunity to grow professionally in a dynamic, global environment, surrounded by forward-thinking peers.
Working with the Director, Information Security, this position is responsible for the operation, implementation, management, auditing and reporting, and engineering support of Goodwin's network and information security systems infrastructure. Assists with security automation, threat detection engineering, risk assessments, vulnerability management, incident response, and disaster recovery testing. Provides internal consulting to project owners and technical resources to ensure the confidentiality, integrity and availability of firm data and systems. Reviews, tests and implements new security technology platforms. Advocates information security practices to all firm members.
What You Will Do:
Identify new threats to IT systems and create rules to identify, prevent and remediate.
Expand security auditing and ensure the proper ongoing operations of security tools
Providing internal information security consulting for other business and IT projects. This includes identifying, documenting and implementing secure configurations and architectures.
Assist with the creation and maintenance of security policies, standards, guidelines and other documentation for IT and business audiences.
Responsible for security metrics on a monthly basis to ensure the proper service levels are maintained.
Support incident response lifecycle including identification, triage, remediation and communications for security breaches and malware infections.
Identify latest security vulnerabilities, malware, breaches, and industry news which could affect the firm
Maintains vulnerability management process including identification, rating, remediation and monitoring.
Provides additional coverage for approvals and notifications to other IT groups for critical time sensitive operations including firewall changes, password reset approvals, and application vetting.
Assist with automation of security processes, integration of security platforms, and creation of tools.
Ongoing reviews of access controls by investigating improper access; revoking access; reporting violations; monitoring requests; recommending improvements
Provides technical leadership for incident response capabilities including malware analysis, breach investigation, and remediation efforts.
Creation of internal training materials and other items to support the advancement of information security within the firm.
Maintains awareness of industry trends and their advantages with the ability to make recommendations for improving technology used by the firm.
Participates in and/or manages cross-functional team projects to implement new or updated technology.
Cross-trains other IT staff in security best practices, the use or maintenance of technology.
Effectively manages small projects.
Displays professionalism, quality service and a "can do" attitude to internal members/departments of the Firm as well as external clients and vendors via electronic and print correspondence, over the telephone and in-person.
Provides information security knowledge transfer to other IT staff and business
Assumes additional responsibilities as assigned.
Who You Are:
Bachelor's Degree or equivalent.
Minimum of 3 years' experience working in the capacity of an Information Security Analyst
CISSP or equivalent preferred
Expert knowledge in IT Security frameworks and solutions.
Active participation in IT Security Forums inside/outside of the Legal Industry.
Excellent technical communication skills with a strong desire to achieve customer satisfaction; must be able to communicate effectively across entire organizations.
Operating knowledge of security configurations with respect to one or more of the following security products:
SIEM: Splunk, Sentinel
Firewalls: Cisco, Palo Alto Networks
IDS/IPS: Cisco, Palo Alto Networks
NAC: Cisco, Aruba
Vulnerability Management: Tenable, Rapid7
Programming Languages: Python, Powershell, Node.js
Security Automation: LogicApps, Power Automate, Splunk
Operating knowledge of security issues associated with one or more of the following cloud platforms: Azure, AWS
Strong security knowledge of O/S (desktop and server) Security - Windows, Mac, Linux.
Strong security knowledge of browser security issues (Edge, Chrome).
Ability to learn new technologies and security features.
Excellent analytical, problem solving and troubleshooting skills.
Excellent organizational, interpersonal, communication and customer service skills.
Knowledge of ITIL Service Management principles.
Travel 1 week per quarter
Benefits and More
At Goodwin, you will discover your next career opportunity with a rewarding compensation package and comprehensive benefits, including:
Flexible work arrangements and hybrid work schedule
Health, dental, and vision insurance
Life and disability insurance
Retirement & Savings Plan
Emergency back-up child and adult care
Paid vacation, sick time off, and holidays
Professional development and career advancement opportunities
Employee recognition and reward programs
Employee wellness and assistance programs
Employee discounts and perks
Consistent with the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.
Consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.
Goodwin Procter LLP is an equal opportunity employer. This means that Goodwin Procter LLP considers applicants for employment, and makes employment decisions without unlawful discrimination on the basis of race, color, gender, gender identity or expression, age, religion, national origin, citizenship status, disability, medical condition, genetic information, marital status, sexual orientation, military or veteran status, or other legally protected status.
To request a reasonable accommodation to participate in the job application or interview process in the US, contact the Benefits Department by email or by phone at ************. To request any disability or neurodivergence related accommodations to participate in the job application or interview process in the UK or Germany, please email the Recruiting Department. Any information you provide will be in the strictest confidence, and only used for the purpose of providing the accommodations needed. Requesting accommodations will not adversely affect the outcome of your application.
This position is eligible for overtime: No
The target salary range for this position varies by location and is commensurate with relevant experience: Boston $103,700 - $138,300 | Los Angeles $111,500 - $148,700 | New York $111,500 - $148,700 | Philadelphia $101,600 - $135,500 | San Francisco $119,300 - $159,000 | Santa Monica $111,500 - $148,700 | Silicon Valley $119,300 - $159,000 | Washington DC $103,700 - $138,300
$119.3k-159k yearly Auto-Apply 30d ago
Sr Analyst, Security - Goleta, CA
RTX Corporation
Cyber security analyst job in Goleta, CA
**Country:** United States of America
**Onsite**
**U.S. Citizen, U.S. Person, or Immigration Status Requirements:**
Active and transferable U.S. government issued security clearance is required prior to start date.
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
**Security Clearance:**
DoD Clearance: Secret
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
Our Senior Security Analyst provides industrial security support within the following areas: clearance processing, visit certifications, document control, and physical security, including alarm response for Open Storage Areas. You will make critical security decisions concerning high value contracts and implement security procedures that will prevent unauthorized access to company and government facilities or information.
**What You Will Do**
+ Administrative duties of administering security clearance briefings to employees who are granted a security clearance
+ Debriefing Personnel upon notification of Retirement/Termination
+ Continuously evaluates compliance of personnel security activities with security requirements
+ Conduct security self-inspections, program security reviews, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet requirements
+ Administer day-to-day security programs, personnel processing, program reviews, document control system, audits & self-inspections, violation investigations & reports, receipt/dispatch/destruction/mail logs, visit certs, etc.
+ Analyze security issues/problems and provide focused solutions
+ Solve routine problems of limited scope and complexity
+ Willing to work extended hours, in a fast paced, driven environment
+ Must possess a valid driver's license
**Qualifications You Must Have**
+ Typically requires a Bachelor's degree and 2 years relevant experience OR in absence of a degree, 6 years relevant experience.
+ Active and transferable U.S. government issued SECRET security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
+ Experience with any of the following: NISPOM, ICD 705, or experience working in a classified environment.
**Qualifications We Prefer**
+ Ability to solve routine problems of limited scope and complexity
+ Self-starter with minimal supervision
+ Willing to work extended hours, in a fast paced, driven environment
+ Able to perform well in fast-paced, multi-task environment
+ Great attention to detail
+ Strong organizational and interpersonal skills
+ Customer service oriented
+ Team player
**What We Offer**
+ Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
+ Relocation Non-Eligible - Relocation assistance not available
**Learn More & Apply Now!**
+ Please consider the following role type definition as you apply for this role. ‒ Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
**_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._**
The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels.
RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
_RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._
Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
$111k-151k yearly est. 60d+ ago
Sr Analyst, Security - Goleta, CA
RTX
Cyber security analyst job in Goleta, CA
Country:
United States of America Onsite
U.S. Citizen, U.S. Person, or Immigration Status Requirements:
Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
Security Clearance:
DoD Clearance: Secret
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
Our Senior Security Analyst provides industrial security support within the following areas: clearance processing, visit certifications, document control, and physical security, including alarm response for Open Storage Areas. You will make critical security decisions concerning high value contracts and implement security procedures that will prevent unauthorized access to company and government facilities or information.
What You Will Do
Administrative duties of administering security clearance briefings to employees who are granted a security clearance
Debriefing Personnel upon notification of Retirement/Termination
Continuously evaluates compliance of personnel security activities with security requirements
Conduct security self-inspections, program security reviews, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet requirements
Administer day-to-day security programs, personnel processing, program reviews, document control system, audits & self-inspections, violation investigations & reports, receipt/dispatch/destruction/mail logs, visit certs, etc.
Analyze security issues/problems and provide focused solutions
Solve routine problems of limited scope and complexity
Willing to work extended hours, in a fast paced, driven environment
Must possess a valid driver's license
Qualifications You Must Have
Typically requires a Bachelor's degree and 2 years relevant experience OR in absence of a degree, 6 years relevant experience.
Active and transferable U.S. government issued SECRET security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Experience with any of the following: NISPOM, ICD 705, or experience working in a classified environment.
Qualifications We Prefer
Ability to solve routine problems of limited scope and complexity
Self-starter with minimal supervision
Willing to work extended hours, in a fast paced, driven environment
Able to perform well in fast-paced, multi-task environment
Great attention to detail
Strong organizational and interpersonal skills
Customer service oriented
Team player
What We Offer
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
Relocation Non-Eligible - Relocation assistance not available
Learn More & Apply Now!
Please consider the following role type definition as you apply for this role. ‒ Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.
The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.
$111k-151k yearly est. Auto-Apply 60d+ ago
Information Security Analyst
Mount Indie
Cyber security analyst job in Camarillo, CA
Job Description
Mount Indie is seeking a highly skilled and experienced Cyber Accreditation Specialist with 5+ years of experience for Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. The Cyber Accreditation Specialist will be responsible for the development, coordination, and maintenance of cyber accreditation packages, primarily focusing on Risk Management Framework (RMF) artifacts, inheritance mapping, and Plan of Action & Milestones (POA&M) management supporting the Navy's Authority To Operate initiatives. This role ensures compliance with relevant DoD and federal cybersecurity guidelines and contributes to our organization's mission support objectives by securing critical Navy information systems.
Responsibilities
Cyber Accreditation Package Development: Develop and maintain RMF artifacts, including System Security Plans (SSP), generate & control implementation evidence, inheritance maps, and POA&Ms
Coordination and Compliance: Coordinate with Authorizing Officials (AO) and Information System Security Managers (ISSM) to define an Authority to Operate (ATO) plan, develop an interim risk acceptance strategy, and manage control inheritance from enterprise services and range systems
Reference Compliance: Ensure that all activities and documentation are compliant with the latest DoD and federal cybersecurity standards, such as:
DoDI 8510.01 Risk Management Framework (RMF)
NIST SP 800-53 Rev. 5
NIST SP 800-171 (CUI)
DoD Zero Trust Reference Architecture
DoD Cloud Security Requirements Guide (SRG) / FedRAMP baselines (aligned to IL5 unless otherwise directed)
Qualifications
5+ years of experience in cybersecurity, specifically in the development and coordination of cyber accreditation packages
BS or BA degree in Cybersecurity, Information Technology, or a related field. An additional 6 years of relevant work experience may be substituted for a bachelor's degree, or 4 additional years of work experience with a relevant associate degree.
Active Secret Clearance
Demonstrated experience with RMF, SSP development, and POA&M management
Familiarity with DoD and federal cybersecurity guidelines, including DoDI 8510.01, NIST SP 800-53 Rev. 5, NIST SP 800-171, DoD Zero Trust Reference Architecture, and DoD Cloud SRG/FedRAMP baselines
Strong analytical and problem-solving skills
Ability to effectively coordinate and communicate with various stakeholders, including AO, ISSM, and other cybersecurity professionals
Current Security+ Certificate
IAM Level 2 as per DoD Directive 8570.01; and experience working with the DIACAP/Risk Management Framework processes
Excellent communication and interpersonal skills (verbal, non-verbal, written, and listening) for staff, customer and organizational level communications, both formal and informal
Ability to work independently, self-starter
Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint
Preferred Qualifications:
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification
Experience with cloud security and FedRAMP compliance
$91k-134k yearly est. 16d ago
Information Security Risk Specialist
American Riviera Bank
Cyber security analyst job in Santa Barbara, CA
About the Role:
$93k-137k yearly est. Auto-Apply 11d ago
Senior AI Information Security Analyst
Invoca 4.3
Cyber security analyst job in Santa Barbara, CA
Job Description
Senior Information Security Analyst II (AI Focus)
About the Opportunity at Invoca
At Invoca, we offer a truly unique and valuable engineering experience. You'll join a team of world-class engineers dedicated to scaling our AI and Information Security program within our rapidly growing company and SaaS application. We empower you to discover innovative ways to secure our platform and people. Our remote-first team is committed to upholding high standards through modern methodologies of agile software development, test-driven development, and DevOps.
Our Information Security Team: A Culture of Empowerment and Ownership
Our Information Security team is dedicated to building trust and resilience into everything we do at Invoca. We embed security and compliance into our products and operations, enabling the company to move quickly and confidently without sacrificing safety. By combining security engineering expertise with compliance excellence, we protect our platform, meet and exceed industry standards, and empower innovation. If you're passionate about solving complex challenges, driving a security-first mindset, and helping build a culture of trust, you'll find a home here. You'll join a team where everyone is striving to constantly improve their knowledge of tools, practices, and processes. We are an incredibly supportive team, swarming when problems arise and providing great feedback to help each other grow. Working on our close-knit, cross-functional teams offers a fantastic opportunity to expand your knowledge across various domains, from databases to front ends to telephony and everything in between. We are passionate about continuous improvement, working at a brisk but sustainable pace, writing resilient code, maintaining production reliability, paying down technical debt, and hiring fantastic teammates; and we love to share these passions with each other.
Learn more about the Invoca development team on our blog and check out our open source projects.
How You'll Contribute and Grow
Shape AI & Security Compliance: You'll play a key role in executing a comprehensive global AI and security compliance strategy, aligning with our business objectives and values. You'll contribute to ensuring compliance with international regulations and frameworks such as ISO 42001, ISO 27001, PCI DSS 4.0, SOC 2, GDPR, CCPA, and HIPAA. You'll collaborate with diverse teams (Product, Engineering, AI/ML, HR, Legal, Sales) to foster responsible and ethical AI practices through policies, controls, and communications.
Strengthen Audit & Risk Management: You'll participate in regular internal and external AI and information security audits, ensuring our compliance programs are effective. You'll help identify control gaps, provide context to risk owners, and contribute to improvements that mitigate compliance and AI-related risks. You'll also work across teams to build a comprehensive risk register and offer guidance on Third-Party Risk Management (TPRM) and vendor risk management.
Advance Policy & Program Development: You'll assist in creating and updating policies to address internal and external threats, including emerging AI risks like adversarial AI, data poisoning, and model drift. You'll help embed responsible AI and security practices into our development lifecycle through policies, playbooks, continuous monitoring, and governance guardrails.
Build Customer Trust & Enable Sales: You'll support our Customer Success and Sales teams by responding to customer AI and security questionnaires, identifying opportunities for automation and process improvement. You'll build customer confidence in Invoca's AI systems and compliance programs through direct interactions and develop scalable solutions for sales enablement, including standardized compliance documentation and AI risk transparency materials.
Drive Education & Awareness: You'll keep stakeholders informed about new AI regulations and compliance changes, proactively preparing the organization for third-party audits and certifications. You'll train employees on AI risk management, ethical AI principles, and compliance responsibilities, promoting awareness of AI trust, accountability, and transparency across the organization.
Team Enablement & Leadership: You'll provide roadmap guidance for the long-term direction of AI and compliance practices within the team. You'll mentor junior team members, helping them build skills in AI compliance, auditing, and governance frameworks, and participate in on-call rotations to support security operations, incident response, and production reliability.
What We're Looking For in You
Strong knowledge and experience with compliance frameworks, including ISO 42001, ISO 27001, PCI DSS 4.0, SOC 2, GDPR, HIPAA, and CCPA.
Understanding of AI risk management, governance, and ethical AI principles (bias, fairness, transparency, accountability).
Excellent verbal and written communication skills with the ability to explain complex AI compliance requirements to diverse teams.
Experience with compliance audits, evidence collection, and policy creation for both security and AI systems.
Team leadership or project management experience, with a proven ability to mentor and influence cross-functional stakeholders.
Familiarity with operational security practices: log analysis, incident response, on-call participation, and escalation management.
Understanding of modern technical environments, including cloud computing, Infrastructure as Code, CI/CD pipelines, and SDLC processes.
Deep understanding of AI policy domains such as explainability, transparency, fairness/non-discrimination, accountability, and the ability to design practical monitoring (e.g., fairness trackers) that align with evolving standards.
Depth of knowledge beyond surface-level compliance, with the ability to adapt in the face of a rapidly changing and evolving AI regulatory landscape.
This role is remote and open to candidates located in the United States and Canada only. Please note that we are unable to provide visa sponsorship for this position.
Salary, Benefits & Perks:
At Invoca, all new hires in the U.S. receive benefits starting on day one of employment. Please note that benefits for teammates outside the U.S. may vary in accordance with their country's laws and regulations. Our benefits offerings include:
Flexible Time Off - We encourage a healthy work-life balance. Our flexible paid time off policy allows you to recharge and take time away as needed.
Paid Holidays - Invoca provides 16 U.S. paid holidays, including a winter break, giving you ample opportunity to refresh and spend time with friends and family.
Health Benefits - Our healthcare program includes medical, dental, and vision coverage, with multiple plan options so you can choose what works best for you and your family. Fertility assistance is also included.
Retirement - Invoca offers a 401(k) plan through Fidelity with a company match of up to 4%.
Stock Options - All employees are invited to share in Invoca's success through stock options.
Mental Health Program - Well-being support on a broad range of issues is available through our SpringHealth program.
Paid Family Leave - Up to 6 weeks of 100% paid leave is provided for baby bonding, adoption, and caring for family members.
Paid Medical Leave - Up to 12 weeks of 100% paid leave is provided for childbirth and medical needs.
InVacation - As a thank-you to our long-term team members, we offer a bonus after 7 years of service.
Wellness Subsidy - We provide a subsidy that can be applied toward gym memberships, fitness classes, and more.
Position Base Range - Salary Range $107,000 - $161,000/yr plus bonus potential
DEI Statement
"Our company is committed to creating a culture that is not only grounded in continuous learning, teamwork, and customer success, but is fair, equitable, and welcoming for everyone." Gregg Johnson, CEO
And to us, diversity and inclusion means even more than treating current employees well and making them feel welcome. It also means proactively hiring people who bring different insights because of their unique demographics, ways of thinking, and prior experiences.
We intend to continue hiring great people and protecting our culture so everyone can be themselves and speak their minds. That way Invoca will always be a place filled with laughter, energy, hard work, thoughtfulness and respect.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
$107k-161k yearly 21d ago
Information System Security Officer
Leonardo DRS, Inc.
Cyber security analyst job in Goleta, CA
**Job ID:** **113110**
The Leonardo DRS Land Systems business is a recognized leader in the design and integration of complex technologies into new and legacy systems and platforms for global military and commercial customers. We are a 5 year running Top Workplace in the Greater St. Louis area.
**Job Summary**
Leonardo DRS Land Systems is seeking a full time Information System Security Officer (ISSO) for our Goleta, CA facility. As an ISSO, you will be challenged to stay current with the latest technological developments in information security. You will be exposed to advanced technologies and will play a major role in identifying potential vulnerabilities and intrusions on Information Technology (IT) systems by our adversaries. In this role, you will collaboratively assist the Facility Security Officer (FSO) with daily industrial security operations, support security education and training, and ensure compliance with DRS policies and procedures related to the 32 CFR part 117. Together we'll address evolving threats to national security, thus keeping our nation and our warfighter safe.
Successful candidates for this role will coordinate with the Corporate Risk Management Framework Support Center, other ISSOs, and Information System Security Managers (ISSM) across the company to obtain and maintain certifications and accreditations under the Defense Counterintelligence Security Agency (DCSA) and Intelligence Community (IC) Risk Management Framework. If you are interested in information system security, industrial security, management, and the opportunity to obtain industry professional certifications on the job, please apply now!
**Job Responsibilities**
+ Develop, implement, and administer security procedures for classified computer systems based on the Defense Counterintelligence Security Agency (DCSA) and other U.S. Government agency security requirements
+ Apply current Computer Science best practices and technologies to the development, evaluation, and integration of computer systems and networks to maintain system security for classified information systems
+ Serve as Assistant Facility Security Officer (AFSO) by supporting the Facility Security Officer (FSO) in ALL aspects of Industrial Security
+ Serve as primary advisor to the Business Unit Information System Security Manager (ISSM) on all local classified Information Systems Security matters, and as liaison to the local Defense Counterintelligence and Security Agency (DCSA) Information Systems Security Professional (ISSP) on all matters pertaining to classified information systems
+ Implement local policies, processes, procedures, and compliance with all National Industrial Security Program (NISP), Defense Information System Agency (DISA), and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
+ Develop and maintain all DoD requirements, including the DAAPM & Risk Management Framework (RMF) standards to ensure compliance with the National Industrial Security Program Operating Manual (NISPOM)
+ Review and approve requests for access to cleared computer systems in the development and implementation of policies and System Security Plans supporting Corporate Security & Government agency requirements
+ Conduct periodic self-inspections on local processes and practices to ensure compliance; accurately report security posture to management and ensure corrective actions are taken
+ Identify and document unique local threats and vulnerabilities to classified information systems security
+ Conduct and coordinate investigations into security violations related to cleared information systems; ensure corrective actions are implemented
+ Perform independently, or with a group, on department or enterprise-level security projects designed to enhance the security posture of DRS
+ DISA STIG/SCAP implementation and management of security configurations utilizing Corporate ISSM toolkit
+ Support, communicate, reinforce, and defend the mission, values, and culture of the organization
+ Assist with execution of typical security-related issues, which may include physical access to buildings, rooms, couriers, escorts, clearances, packages, documentation, and debriefings
+ Obtain access to and keep information current on required government websites to include: DISS, NBIS, SWFT, eMASS
+ May serve as alternate COMSEC custodian
+ Other duties as assigned
**Qualifications**
+ Associate's degree in Information System Security, Computer Science, Cybersecurity, Information Technology, and/or a Computer Technical Certificate (e.g., MCSE Server 2016, CCNA, GIAC certificate) or equivalent related experience
+ 1 - 3 years of relevant experience
+ Must be a United States Citizen and have a current active Security Clearance. This will be confirmed prior to offer
+ Strong knowledge of information systems security components and best practices including firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques
+ Analytical ability to understand and interpret Department of Defense (DoD) and Company Security policies and procedures
+ Knowledge of U.S. Government Information System security standards (i.e. NIST and ISO27)
+ Highly self-motivated, with strong organizational skills and excellent attention to detail
+ Strong interpersonal, oral, and written communication skills
+ Exceptional attention to detail
+ Be a self-starter, able to work under pressure with limited supervision, and work well with others in a large and diverse environment
+ Ability to successfully prioritize and manage to completion multiple complex tasks and deliverables, and demonstrate the highest degree of integrity and accountability in all actions
+ Must complete CDSE Facility Security Officer Curriculum for Possessing Facilities course within six months from date of hire
+ Willing and able to travel up to 25% of the time
Preferred Skills and Experience:
+ A strong knowledge and understanding of NIST Special Publication 800-53, ISO27001, DoD 8510.01, NISPOM, & ICDs
+ Experience troubleshooting Windows 10/11 Operating Systems
+ Experience with the SCAP Compliance Checker and the DISA STIG Viewer
+ Working knowledge of 32 CFR Part 117 National Industrial Security Program Operations Manual (NISPOM)
U.S. Citizenship required. This position requires an active DOD.
_The expected pay scale for this position is $69,051.00/year - $89,767.00/year for the state of California. Should the level, location, or scope of the position change during the hiring process, the pay scale may be modified accordingly. When extending an offer of employment, Leonardo DRS considers factors such as (but not limited to) the scope and responsibilities of the position; any Federal Government contract labor categories and contract wage rates, the candidate's relevant work experience, education/training, certifications, and key skills; internal equity; and market and business considerations._
_Taking care of our people is a top priority at Leonardo DRS. We are proud to offer competitive salaries and comprehensive benefits, including medical, dental, and vision coverage, a company contribution to a health savings account, telemedicine, life and disability insurance, legal insurance, and a 401(k) savings plan. We champion wellness programs that focus on physical, emotional, and financial well-being. We develop our talent by offering programs and activities to support career-growth, professional development, and skill enhancement. And we understand there is more to life than work, and the importance of offering flexible work schedules with our 9/80 program, competitive vacation, health/emergency leave, paid parental leave, and community service hours._
_*Some employees are eligible for limited benefits only_
_Leonardo DRS, Inc. and its subsidiaries provide equal opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws._
$69.1k-89.8k yearly 60d+ ago
Information System Security Officer
DRS Technologies 4.6
Cyber security analyst job in Goleta, CA
The Leonardo DRS Land Systems business is a recognized leader in the design and integration of complex technologies into new and legacy systems and platforms for global military and commercial customers. We are a 5 year running Top Workplace in the Greater St. Louis area.
Job Summary
Leonardo DRS Land Systems is seeking a full time Information System Security Officer (ISSO) for our Goleta, CA facility. As an ISSO, you will be challenged to stay current with the latest technological developments in information security. You will be exposed to advanced technologies and will play a major role in identifying potential vulnerabilities and intrusions on Information Technology (IT) systems by our adversaries. In this role, you will collaboratively assist the Facility Security Officer (FSO) with daily industrial security operations, support security education and training, and ensure compliance with DRS policies and procedures related to the 32 CFR part 117. Together we'll address evolving threats to national security, thus keeping our nation and our warfighter safe.
Successful candidates for this role will coordinate with the Corporate Risk Management Framework Support Center, other ISSOs, and Information System Security Managers (ISSM) across the company to obtain and maintain certifications and accreditations under the Defense Counterintelligence Security Agency (DCSA) and Intelligence Community (IC) Risk Management Framework. If you are interested in information system security, industrial security, management, and the opportunity to obtain industry professional certifications on the job, please apply now!
Job Responsibilities
* Develop, implement, and administer security procedures for classified computer systems based on the Defense Counterintelligence Security Agency (DCSA) and other U.S. Government agency security requirements
* Apply current Computer Science best practices and technologies to the development, evaluation, and integration of computer systems and networks to maintain system security for classified information systems
* Serve as Assistant Facility Security Officer (AFSO) by supporting the Facility Security Officer (FSO) in ALL aspects of Industrial Security
* Serve as primary advisor to the Business Unit Information System Security Manager (ISSM) on all local classified Information Systems Security matters, and as liaison to the local Defense Counterintelligence and Security Agency (DCSA) Information Systems Security Professional (ISSP) on all matters pertaining to classified information systems
* Implement local policies, processes, procedures, and compliance with all National Industrial Security Program (NISP), Defense Information System Agency (DISA), and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
* Develop and maintain all DoD requirements, including the DAAPM & Risk Management Framework (RMF) standards to ensure compliance with the National Industrial Security Program Operating Manual (NISPOM)
* Review and approve requests for access to cleared computer systems in the development and implementation of policies and System Security Plans supporting Corporate Security & Government agency requirements
* Conduct periodic self-inspections on local processes and practices to ensure compliance; accurately report security posture to management and ensure corrective actions are taken
* Identify and document unique local threats and vulnerabilities to classified information systems security
* Conduct and coordinate investigations into security violations related to cleared information systems; ensure corrective actions are implemented
* Perform independently, or with a group, on department or enterprise-level security projects designed to enhance the security posture of DRS
* DISA STIG/SCAP implementation and management of security configurations utilizing Corporate ISSM toolkit
* Support, communicate, reinforce, and defend the mission, values, and culture of the organization
* Assist with execution of typical security-related issues, which may include physical access to buildings, rooms, couriers, escorts, clearances, packages, documentation, and debriefings
* Obtain access to and keep information current on required government websites to include: DISS, NBIS, SWFT, eMASS
* May serve as alternate COMSEC custodian
* Other duties as assigned
Qualifications
* Associate's degree in Information System Security, Computer Science, Cybersecurity, Information Technology, and/or a Computer Technical Certificate (e.g., MCSE Server 2016, CCNA, GIAC certificate) or equivalent related experience
* 1 - 3 years of relevant experience
* Must be a United States Citizen and have a current active Security Clearance. This will be confirmed prior to offer
* Strong knowledge of information systems security components and best practices including firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques
* Analytical ability to understand and interpret Department of Defense (DoD) and Company Security policies and procedures
* Knowledge of U.S. Government Information System security standards (i.e. NIST and ISO27)
* Highly self-motivated, with strong organizational skills and excellent attention to detail
* Strong interpersonal, oral, and written communication skills
* Exceptional attention to detail
* Be a self-starter, able to work under pressure with limited supervision, and work well with others in a large and diverse environment
* Ability to successfully prioritize and manage to completion multiple complex tasks and deliverables, and demonstrate the highest degree of integrity and accountability in all actions
* Must complete CDSE Facility Security Officer Curriculum for Possessing Facilities course within six months from date of hire
* Willing and able to travel up to 25% of the time
Preferred Skills and Experience:
* A strong knowledge and understanding of NIST Special Publication 800-53, ISO27001, DoD 8510.01, NISPOM, & ICDs
* Experience troubleshooting Windows 10/11 Operating Systems
* Experience with the SCAP Compliance Checker and the DISA STIG Viewer
* Working knowledge of 32 CFR Part 117 National Industrial Security Program Operations Manual (NISPOM)
U.S. Citizenship required. This position requires an active DOD.
The expected pay scale for this position is $69,051.00/year - $89,767.00/year for the state of California. Should the level, location, or scope of the position change during the hiring process, the pay scale may be modified accordingly. When extending an offer of employment, Leonardo DRS considers factors such as (but not limited to) the scope and responsibilities of the position; any Federal Government contract labor categories and contract wage rates, the candidate's relevant work experience, education/training, certifications, and key skills; internal equity; and market and business considerations.
Taking care of our people is a top priority at Leonardo DRS. We are proud to offer competitive salaries and comprehensive benefits, including medical, dental, and vision coverage, a company contribution to a health savings account, telemedicine, life and disability insurance, legal insurance, and a 401(k) savings plan. We champion wellness programs that focus on physical, emotional, and financial well-being. We develop our talent by offering programs and activities to support career-growth, professional development, and skill enhancement. And we understand there is more to life than work, and the importance of offering flexible work schedules with our 9/80 program, competitive vacation, health/emergency leave, paid parental leave, and community service hours.
* Some employees are eligible for limited benefits only
Leonardo DRS, Inc. and its subsidiaries provide equal opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws.
Our Vision. To be the leading mid-tier defense technology company in the U.S.
Our Values. The Leonardo DRS culture is defined by our Core Values and Principles:
* Integrity
* Agility
* Excellence
* Customer Focus
* Community & Respect
* Innovation
We strive to uphold them in all aspects of our business practices to inspire our employees and provide outstanding support for our customers.
Nearest Major Market: Santa Barbara
Nearest Secondary Market: Santa Maria
$69.1k-89.8k yearly 11d ago
Applied AI Security Engineer
Simplepractice 4.5
Cyber security analyst job in Santa Monica, CA
About Us
At SimplePractice, we are improving access to quality care by equipping health and wellness clinicians with all the tools they need to thrive in private practice.
More than 250,000 providers trust SimplePractice to build their business through our industry-leading software with powerful tools that simplify every part of practice management. From admin work to clinical care, our suite of innovative solutions works together to reduce administrative burden, empowering solo and small group practitioners to thrive alongside their clients.
Recognized by MedTech Breakthrough as the Best Practice Management Solution Provider in 2024 and the Digital Health Awards in 2023, SimplePractice is proud to pave the future of health tech.
The Role
SimplePractice is a leading practice management platform for health & wellness professionals. We are dedicated to empowering practitioners to run their businesses more efficiently and securely. We are seeking an Applied AI Security Engineer who will play a pivotal role in safeguarding our platform. In this role, you will be a hands-on builder and implementer, working closely with our innovative product and engineering teams to develop and deploy AI-driven security solutions to protect our client data. You will actively contribute to enabling enhanced security capabilities, mitigating risks, ensuring compliance with healthcare regulations, and advancing our mission of securely empowering health & wellness professionals through reliable AI solutions.
You've been a hands-on, early adopter of AI technologies and understand the promise and the pitfalls. You've applied your knowledge to traditional security functions like cloud security, application security, security operations and are eager to take an AI-first approach. You bring full stack skills that can develop and productionalize AI agents to help us scale our security capabilities.
Responsibilities
Applied AI Security Engineering:
Design, build, and implement secure AI solutions to automate our security function, serving as a hands-on expert in secure AI implementation patterns.
Enable our security team to move from AI as assistant to AI as automated enabler
Collaborate with product teams to evaluate security implications of new AI features
Actively develop and contribute code to AI security testing tools, including red team AI agents, to proactively identify and address vulnerabilities in new features and models.
Lead incident response for AI-related security events
Integrate AI capabilities directly into security operations workflows to automate threat detection, incident response, and vulnerability management.
AI Security Architecture & Strategy:
Design and implement security architecture for AI systems, including LLMs and ML platforms
Develop security standards and patterns for AI development and deployment
Threat modeling for AI features
Establish security controls for model training and monitoring
Translate AI security strategies into actionable development plans and prototypes.
Vendor & Technology Assessment:
Evaluate AI vendors and SaaS providers for security, compliance and data protection
Assess emerging AI security tools and technologies
Review cloud-based AI services for healthcare compliance
Risk Management & Compliance:
Partner with legal and compliance teams to ensure AI initiatives meet regulatory and contractual requirements
Implement controls for data privacy, model integrity, and access management
Develop metrics and reporting for AI security posture
Liaise with customers and auditors on SimplePractice's approach to AI security and compliance
Leverage AI and automation to operationalize security and compliance workflows, continuously monitoring and improving our security posture
Desired Skills & Experience
5+ years of experience in information security, with recent focus on AI/ML systems
Proven hands-on experience in designing, developing, and deploying AI/ML security solutions, including expertise in model security, data poisoning prevention, prompt injection guardrails, and privacy-preserving techniques.
Strong background in security architecture and threat modeling
Strong bias towards automating with AI as a partner
Demonstrated experience in implementing AI security controls within a regulated environment, with a strong emphasis on practical application and automation.
Degree in Computer Science, Cybersecurity, or a related field
Experience implementing NVIDIA NeMo Guardrails, Model Armor or similar LLM protection frameworks
Demonstrated experience with serverless cloud technologies like Lambda, Cloud Run
Knowledgeable in Amazon Bedrock, OpenAI APIs, LangChain, ADK or similar AI model platforms
Strong software development background with proficiency in Python, Rust or similar languages, including experience with MLOps and DevSecOps practices and tools such as Terraform.
Understanding of healthcare compliance (HIPAA, HITECH)
Excellent analytical, problem-solving, and communication skills
Ability to work independently to learn new technologies, processes, frameworks, and systems.
Bonus Points
A 'hands-on' security certification (SANS, CEH, etc.)
Experience in healthcare or medical device security
Familiarity with AI ethics and responsible AI development practices
Experience with containerization and orchestration technologies (e.g., Docker, Kubernetes)
Experience contributing to open-source AI security projects or developing internal AI security tools/frameworks.
Familiarity with security automation and orchestration platforms (e.g., SOAR) and how AI can augment or replace these tools.
Base Compensation Range
$115,000 - $145,000 annually
Base salary is one component of total compensation. Employees may also be eligible for an annual bonus or commission. Some roles may also be eligible for overtime pay.
The above represents the expected base compensation range for this job requisition. Ultimately, in determining your pay, we'll consider many factors including, but not limited to, skills, experience, qualifications, geographic location, and other job-related factors.
Benefits
We offer a competitive benefits program including:
Medical, dental, vision, life & disability insurance
401(k) plan with company match
Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays
Mental health resources
Paid parental leave & Backup Care
Tuition reimbursement
Employee Resource Groups (ERGs)
California Job Applicant Privacy Notice
Thank you for your interest in opportunities at SimplePractice LLC ("SimplePractice" or "us" or "we" or "our"). Please note that when you submit your resume or application materials to us for employment purposes, you are subject to the SimplePractice California Job Applicant Privacy Notice.
For more information about our privacy practices, please contact us at privacy@simplepractice.com.
$115k-145k yearly Auto-Apply 60d+ ago
Lead Vulnerability Management Security Engineer
Deckers 4.8
Cyber security analyst job in Goleta, CA
At Deckers Brands, Together, Every Step is a promise kept that every employee can bring their authentic self, is valued and supported, as a whole person, at work and beyond. Together, Every Step is how we continue to deliver exceptional business results, experience an amazing place to work, and have a positive impact on the communities and world around us.
Job Title: Lead Vulnerability Management Security Engineer
Reports to: Dir, Security Engineering
Location: United States (Remote)
Interested applicants must reside in one of the following approved states: Arizona, California, Colorado, Indiana, Massachusetts, Minnesota, New York, Oregon, Pennsylvania, Texas, Utah, Washington
The Role
As the Lead Vulnerability Management Security Engineer, you'll be at the heart of Deckers Brands' commitment to safeguarding our people, products, and platforms. You'll set the strategic direction for vulnerability management, collaborating with cross-functional teams to identify, assess, and remediate security risks. Your expertise will help shape our security standards, drive the adoption of advanced technologies, and ensure our environment is resilient against emerging threats. This is a unique opportunity to make a meaningful impact: protecting our business, empowering our teams, and building trust with our customers worldwide.
We celebrate diversity--of your background, your experiences and your unique identity. We are committed to ensuring an inclusive and equitable workplace where all of our employees can Come as They Are. We believe that when we bring our different perspectives to work, we are truly Better Together.
Your Impact
Lead the review and analysis of vulnerability data to identify trends, patterns, and key risks across Deckers' global environment
Facilitate vulnerability management meetings and drive risk-based discussions to prioritize and accelerate remediation efforts
Advise and support remediation teams in developing actionable plans to address vulnerabilities and strengthen our security posture
Perform risk-based assessments for both on-premise and cloud-based services, ensuring robust protection for critical assets
Integrate advanced security technologies and automation tools to enhance threat detection and response capabilities
Build and present business cases for adopting new security solutions to mitigate emerging risks
Develop, consolidate, and maintain security metrics to measure the effectiveness of our cybersecurity program
Apply industry-leading frameworks (NIST, ISO27001/2, CIS Top 20 Controls) to establish and maintain best-in-class security measures
Foster strong relationships with technical teams, serving as a trusted advisor and championing a culture of security awareness
Contribute to the strategic direction of the Technical Security team by designing and implementing tools that enhance customer trust and detect suspicious activity
Who You Are
BA/BS degree or equivalent experience in a relevant field
Security professional certification (CISSP, CVA, GEVA, or similar) preferred
4+ years of hands-on experience in vulnerability management, including scanning, assessment, and remediation
Proven success in starting and growing a vulnerability management program
Proficiency with leading vulnerability management tools (Tenable, CrowdStrike) and scripting/automation languages (PowerShell, Python)
Deep understanding of security frameworks and compliance standards (NIST, ISO27001/2, CIS Top 20 Controls, PCI-DSS, HIPAA)
Strong analytical skills to identify patterns, trends, and actionable insights from complex vulnerability data
Excellent communication skills for reporting and stakeholder engagement
Collaborative mindset with the ability to serve as a trusted advisor across cross-functional teams
Self-driven, strategic thinker with a passion for advancing cybersecurity programs
What We'll Give You -
Competitive Pay and Bonuses - We've created a variety of competitive compensation programs to foster career development, reward success and to show our employees just how much they're valued.
Financial Planning and wellbeing - No matter what financial goals our employees have set, we want to help them get there. Our plans provide powerful ways to protect income, pay for expenses and invest in the future.
Time away from work - Sometimes we need time away to be with family, focus on our health or just simply recharge. Our plans support our employees' needs to get out, get healthy and come back stronger than ever.
Extras, discounts and perks - Being a valued member of the Deckers Brands team means more than just a paycheck. From generous discounts to community-based programs, we offer a variety of cool extras.
Growth and Development - Deckers Brands was built on the idea of pursuing passion. That's why we offer extensive opportunities and support for personal and professional development.
Health and Wellness - There's nothing basic about our comprehensive health and wellness programs and offerings. While at work and at play, we aim to support a healthy lifestyle.
$120,000 - $130,000
The salary range posted reflects the minimum and maximum target for new hire salaries for this role in our Goleta, CA location. Individual pay will be determined by location and additional factors, including job related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary for your preferred location during the hiring process.
Equal Employment Opportunity
Diversity and inclusion are key to our success. We are proud to be an equal opportunity employer, and our employees are people with different strengths, experiences and backgrounds who share a passion for our brands. We welcome qualified applicants regardless of their race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, military or veteran status, mental or physical disability, medical condition and all the other beautiful parts of your identity.
$120k-130k yearly Auto-Apply 28d ago
Security Engineer, Sr.
Prosum 4.4
Cyber security analyst job in Santa Monica, CA
A FORTUNE 500, multi-state health care organization, arranges for the delivery of health care services and offers health information management solutions to nearly five million individuals and families who receive their care through Medicaid, Medicare and other government-funded programs in fifteen states.
Job Description
Senior Security Engineer (Contract)
Beachbody, a billion-dollar company and the leader of in-home fitness programs and nutritional products, is on the lookout for top-notch talent. We're an equal-opportunity employer who offers competitive compensation and incredible incentive opportunities, not to mention a laid-back office filled with smart, friendly people and positive energy. We also provide free Shakeology, onsite gyms, flexible work hours, and cool product discounts. Are you ready to help us achieve our goal of helping people live healthier, more fulfilling lives? Read on.
Why is the Security Team important to Beachbody?
Beachbody's legal team is tasked with mitigating risk so we can continue to fight the epidemic of obesity in North America. This critically-important team oversees contracts and compliance and ensures that the company is successful as it grows.
What you will be doing at Beachbody as a Senior Security Engineer?
Beachbody is building out its global information security function and is looking to recruit an experienced and dynamic information security professional for the newly created position of Senior Security Engineer.
As a seasoned Senior Security Engineer with deep technical knowledge of systems engineering/administration, specifically in emerging cloud technologies, you will help grow and assist the organization with both on-premise and cloud deployments.
This individual will develop, engineer, and define secure network and cloud information systems and will focus on identifying risks, implementing security solutions, and securing Beachbody cloud systems.
Qualifications
We'd love to chat if you have…
Passion about security and protecting our customers and a strong familiarity with security tools, software and hardware such as protocol analyzers, IDS/IPS consoles, SIEM tools, FIM, log collection and analysis tools, vulnerability scanning tools, and firewalls both on premise and cloud based.
Experience with plans, designs, and evaluations of security systems and architectures.
Experience working in 24 x 7 operations with complex, high transaction, high availability environments and security standards including those from PCI-DSS, ISO27000 and NIST.
Strong understanding of cryptography, protocol design and analysis.
Security certifications a plus including CCSP, CCSK, Azure/AWS Cert., CISM, CISA, CEH, CISSP, and working knowledge of AWS cloud services.
Additional Information
All your information will be kept confidential according to EEO guidelines.
$114k-152k yearly est. 1d ago
Security Analyst
Goodwin Procter LLP 4.9
Cyber security analyst job in Santa Monica, CA
Join Goodwin's Global Operations Team, and make a real impact on a global scale. At Goodwin, we work with some of the world's most successful and innovative investors, entrepreneurs and disruptors in the life sciences, private equity, real estate, technology and financial industries, and where they converge. As part of the Global Operations Team - all business professionals at the firm - you'll collaborate with colleagues from varied backgrounds and experiences, fostering an environment where cross-functional learning, networking, and collaboration are at the core of what we do.
Here, we're not just supporting a law firm; we're partnering with attorneys and clients to deliver cutting-edge solutions in high-stakes litigation and dispute resolution, world-class regulatory compliance and advisory services, and complex transactions. Our commitment to integrity, ingenuity, agility, and ambition drives us, and we're proud to have been recognised as the "Best Business Team" by The American Lawyer.
This is your opportunity to grow professionally in a dynamic, global environment, surrounded by forward-thinking peers.
Working with the Director, Information Security, this position is responsible for the operation, implementation, management, auditing and reporting, and engineering support of Goodwin's network and information security systems infrastructure. Assists with security automation, threat detection engineering, risk assessments, vulnerability management, incident response, and disaster recovery testing. Provides internal consulting to project owners and technical resources to ensure the confidentiality, integrity and availability of firm data and systems. Reviews, tests and implements new security technology platforms. Advocates information security practices to all firm members.
What You Will Do:
* Identify new threats to IT systems and create rules to identify, prevent and remediate.
* Expand security auditing and ensure the proper ongoing operations of security tools.
* Providing internal information security consulting for other business and IT projects. This includes identifying, documenting and implementing secure configurations and architectures.
* Assist with the creation and maintenance of security policies, standards, guidelines and other documentation for IT and business audiences.
* Responsible for security metrics on a monthly basis to ensure the proper service levels are maintained.
* Support incident response lifecycle including identification, triage, remediation and communications for security breaches and malware infections.
* Identify latest security vulnerabilities, malware, breaches, and industry news which could affect the firm
* Maintains vulnerability management process including identification, rating, remediation and monitoring.
* Provides additional coverage for approvals and notifications to other IT groups for critical time sensitive operations including firewall changes, password reset approvals, and application vetting.
* Assist with automation of security processes, integration of security platforms, and creation of tools.
* Ongoing reviews of access controls by investigating improper access; revoking access; reporting violations; monitoring requests; recommending improvements
* Provides technical leadership for incident response capabilities including malware analysis, breach investigation, and remediation efforts.
* Creation of internal training materials and other items to support the advancement of information security within the firm.
* Maintains awareness of industry trends and their advantages with the ability to make recommendations for improving technology used by the firm.
* Participates in and/or manages cross-functional team projects to implement new or updated technology.
* Cross-trains other IT staff in security best practices, the use or maintenance of technology.
* Effectively manages small projects.
* Displays professionalism, quality service and a "can do" attitude to internal members/departments of the Firm as well as external clients and vendors via electronic and print correspondence, over the telephone and in-person.
* Provides information security knowledge transfer to other IT staff and business
* Assumes additional responsibilities as assigned.
Who You Are:
* Bachelor's Degree or equivalent.
* Minimum of 3 years' experience working in the capacity of an Information Security Analyst
* CISSP or equivalent preferred
* Expert knowledge in IT Security frameworks and solutions.
* Active participation in IT Security Forums inside/outside of the Legal Industry.
* Excellent technical communication skills with a strong desire to achieve customer satisfaction; must be able to communicate effectively across entire organizations.
* Operating knowledge of security configurations with respect to one or more of the following security products
* SIEM: Splunk, Sentinel
* Firewalls: Cisco, Palo Alto Networks
* IDS/IPS: Cisco, Palo Alto Networks
* NAC: Cisco, Aruba
* Vulnerability Management: Tenable, Rapid7
* Programming Languages: Python, Powershell, Node.js
* Security Automation: LogicApps, Power Automate, Splunk
* Operating knowledge of security issues associated with one or more of the following cloud platforms: Azure, AWS
* Strong security knowledge of O/S (desktop and server) Security - Windows, Mac, Linux.
* Strong security knowledge of browser security issues (Edge, Chrome).
* Ability to learn new technologies and security features.
* Excellent analytical, problem solving and troubleshooting skills.
* Excellent organizational, interpersonal, communication and customer service skills.
* Knowledge of ITIL Service Management principles.
* Travel 1 week per quarter
Benefits and More
At Goodwin, you will discover your next career opportunity with a rewarding compensation package and comprehensive benefits, including:
* Flexible work arrangements and hybrid work schedule
* Health, dental, and vision insurance
* Life and disability insurance
* Retirement & Savings Plan
* Emergency back-up child and adult care
* Paid vacation, sick time off, and holidays
* Professional development and career advancement opportunities
* Employee recognition and reward programs
* Employee wellness and assistance programs
* Employee discounts and perks
Consistent with the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.
Consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.
Goodwin Procter LLP is an equal opportunity employer. This means that Goodwin Procter LLP considers applicants for employment, and makes employment decisions without unlawful discrimination on the basis of race, color, gender, gender identity or expression, age, religion, national origin, citizenship status, disability, medical condition, genetic information, marital status, sexual orientation, military or veteran status, or other legally protected status.
To request a reasonable accommodation to participate in the job application or interview process in the US, contact the Benefits Department by email or by phone at ************. To request any disability or neurodivergence related accommodations to participate in the job application or interview process in the UK or Germany, please email the Recruiting Department. Any information you provide will be in the strictest confidence, and only used for the purpose of providing the accommodations needed. Requesting accommodations will not adversely affect the outcome of your application.
This position is eligible for overtime: No
The target salary range for this position varies by location and is commensurate with relevant experience: Boston $103,700 - $138,300 | Los Angeles $111,500 - $148,700 | New York $111,500 - $148,700 | Philadelphia $101,600 - $135,500 | San Francisco $119,300 - $159,000 | Santa Monica $111,500 - $148,700 | Silicon Valley $119,300 - $159,000 | Washington DC $103,700 - $138,300
$119.3k-159k yearly 32d ago
Senior Information Systems Security Officer (ISSO) - Goleta, CA
Raytheon 4.6
Cyber security analyst job in Goleta, CA
Country:
United States of America Onsite
U.S. Citizen, U.S. Person, or Immigration Status Requirements:
Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
Security Clearance:
Secret - Current
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
Our cybersecurity team is seeking a Senior Information Systems Security Officer (ISSO) to support our team 100% onsite at our facility in Goleta, California. The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies.
What You Will Do
Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness.
Investigating information system security violations and helping prepare reports specifying corrective and preventative actions.
Reviewing and approving (within authority) configuration management requests.
Conducting technical and administrative assessments.
Integrating new cybersecurity processes, procedures, and tools.
Support the creation, review and update of cybersecurity documentation and other technical writing.
Qualifications You Must Have
Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience.
Current IAM Level I certification (Security+ or other).
Relevant Experience Considered in any combination:
Cybersecurity, systems security or hardening
Information Technology
Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPAA
Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
Physical security/security, police work/criminal justice, investigations, or Border Patrol
Project or program management, office management, senior administration, or account management
Qualifications We Prefer
Experience working in DoD classified operating and/or laboratory environments.
Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry.
Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Management Framework (RMF).
Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT).
Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments.
Experience interpreting, implementing, and assessing DISA STIGs.
Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication.
What We Offer
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
Relocation Eligible - Relocation assistance available
Please consider the following role type definition as you apply for this role:
Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
We are RTX
As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.
The salary range for this role is 95,500 USD - 181,700 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.
$73k-98k yearly est. Auto-Apply 14d ago
Information Security Risk Specialist
American Riviera Bank
Cyber security analyst job in Santa Barbara, CA
Job Description
About the Role:
The Information Security Risk Specialist plays a critical role in safeguarding an organization's information assets by identifying, assessing, and mitigating security risks. This position involves developing and implementing risk management strategies that align with business objectives and regulatory requirements. The specialist will collaborate with cross-functional teams to ensure security controls are effective and that risk exposure is minimized. The ideal candidate must have an understanding of current and emerging technological trends and be able to implement appropriate security controls. Also requires an awareness of IT standards, regulations, and laws affecting financial institutions. They are responsible for examining applications from new customers, requesting supportive and missing data and information, and working with other departments to classify data.
Understanding the way the Bank operates and the various internal and external factors that may affect its performance and information security is vital to this role. Strong communication skills are also necessary to communicate technological concepts and techniques in daily work. Analytical thinking skills are also crucial, as they must apply a high level of technical knowledge and skill while working in a fast-paced environment. This role also requires strong problem-solving skills and the ability to work independently to successfully perform the assigned tasks. Must learn effective methods to manage risk and have the ability to analyze complex data, interpret laws, and represent management views. Good understanding of all risk-related issues and procedures relating to bank products and services.
Minimum Qualifications:
Bachelor's degree in Information Security, Computer Science, or a related field.
At least 3 years of experience in information security risk management or a similar role.
Strong understanding of risk assessment methodologies and information security frameworks such as NIST, ISO 27001, or CIS Controls.
Familiarity with regulatory requirements such as GDPR, HIPAA, or SOX.
Excellent analytical, communication, and problem-solving skills.
Preferred Qualifications:
Professional certifications such as CISSP, CISM, CRISC, or equivalent.
Experience with security governance, risk, and compliance (GRC) tools.
Knowledge of cloud security risk management and emerging technologies.
Experience working in a large enterprise or highly regulated industry.
Advanced degree in cybersecurity, risk management, or business administration.
Responsibilities:
Conduct comprehensive risk assessments to identify potential threats to information systems and data.
Develop, implement, and maintain risk management frameworks and policies in accordance with industry standards and regulations.
Collaborate with IT, compliance, and business teams to design and enforce security controls that mitigate identified risks.
Monitor and report on risk metrics, security incidents, and compliance status to senior management and stakeholders.
Stay current with evolving cybersecurity threats, vulnerabilities, and regulatory changes to update risk strategies accordingly.
Skills:
The Information Security Risk Specialist uses analytical skills daily to evaluate complex security risks and develop effective mitigation strategies. Communication skills are essential for collaborating with diverse teams and conveying risk findings to both technical and non-technical stakeholders. Proficiency with risk management frameworks and tools enables the specialist to implement structured and repeatable processes for assessing and managing risks. Knowledge of regulatory environments ensures that risk strategies comply with legal and industry standards. Additionally, staying informed about emerging threats and technologies allows the specialist to adapt risk management approaches proactively, maintaining a strong security posture.
$93k-137k yearly est. 10d ago
Senior Information Systems Security Officer (ISSO) - Goleta, CA
RTX Corporation
Cyber security analyst job in Goleta, CA
**Country:** United States of America
**Onsite**
**U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date.
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
**Security Clearance:**
Secret - Current
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
Our cybersecurity team is seeking a **Senior Information Systems Security Officer (ISSO)** to support our team **100% onsite** at our facility in **Goleta, California.** The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies.
**What You Will Do**
+ Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness.
+ Investigating information system security violations and helping prepare reports specifying corrective and preventative actions.
+ Reviewing and approving (within authority) configuration management requests.
+ Conducting technical and administrative assessments.
+ Integrating new cybersecurity processes, procedures, and tools.
+ Support the creation, review and update of cybersecurity documentation and other technical writing.
**Qualifications You Must Have**
+ Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience.
+ Current IAM Level I certification (Security+ or other).
+ Relevant Experience Considered in any combination:
+ Cybersecurity, systems security or hardening
+ Information Technology
+ Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPAA
+ Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
+ Physical security/security, police work/criminal justice, investigations, or Border Patrol
+ Project or program management, office management, senior administration, or account management
**Qualifications We Prefer**
+ Experience working in DoD classified operating and/or laboratory environments.
+ Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
+ Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry.
+ Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Management Framework (RMF).
+ Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT).
+ Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments.
+ Experience interpreting, implementing, and assessing DISA STIGs.
+ Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication.
**What We Offer**
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
Relocation Eligible - Relocation assistance available
**Please consider the following role type definition as you apply for this role:**
+ Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
**_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._**
The salary range for this role is 95,500 USD - 181,700 USD. The salary range provided is a good faith estimate representative of all experience levels.
RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
_RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._
Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
$85k-120k yearly est. 60d+ ago
Senior Information Systems Security Officer (ISSO) - Goleta, CA
RTX
Cyber security analyst job in Goleta, CA
Country:
United States of America Onsite
U.S. Citizen, U.S. Person, or Immigration Status Requirements:
Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
Security Clearance:
Secret - Current
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world.
Our cybersecurity team is seeking a Senior Information Systems Security Officer (ISSO) to support our team 100% onsite at our facility in Goleta, California. The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence to NIST Special Publications, customer directives, and company policies and, as applicable, all NISPOM Chapter 8, DAAPM, and JSIG policies.
What You Will Do
Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness.
Investigating information system security violations and helping prepare reports specifying corrective and preventative actions.
Reviewing and approving (within authority) configuration management requests.
Conducting technical and administrative assessments.
Integrating new cybersecurity processes, procedures, and tools.
Supporting the creation, review and update of cybersecurity documentation and other technical writing.
Qualifications You Must Have
Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience.
Current IAM Level I certification (Security+ or other).
Relevant Experience Considered in any combination:
Cybersecurity, systems security or hardening
Information Technology
Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPAA
Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
Physical security/security, police work/criminal justice, investigations, or Border Patrol
Project or program management, office management, senior administration, or account management
Qualifications We Prefer
Experience working in DoD classified operating and/or laboratory environments.
Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry.
Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Management Framework (RMF).
Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT).
Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments.
Experience interpreting, implementing, and assessing DISA STIGs.
Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication.
What We Offer
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation.
Relocation Eligible - Relocation assistance available
Please consider the following role type definition as you apply for this role:
Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.
The salary range for this role is 95,500 USD - 181,700 USD. The salary range provided is a good faith estimate representative of all experience levels.
RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act.
$85k-120k yearly est. Auto-Apply 14d ago
Application Security Engineer
Simplepractice 4.5
Cyber security analyst job in Santa Monica, CA
About Us
At SimplePractice, we are improving access to quality care by equipping health and wellness clinicians with all the tools they need to thrive in private practice.
More than 250,000 providers trust SimplePractice to build their business through our industry-leading software with powerful tools that simplify every part of practice management. From admin work to clinical care, our suite of innovative solutions works together to reduce administrative burden, empowering solo and small group practitioners to thrive alongside their clients.
Recognized by MedTech Breakthrough as the Best Practice Management Solution Provider in 2024 and the Digital Health Awards in 2023, SimplePractice is proud to pave the future of health tech.
The Role
SimplePractice is a leading practice management platform for health & wellness professionals. We are dedicated to empowering practitioners to run their businesses more efficiently and securely. We are seeking a hands-on Application Security Engineer who will play a pivotal role in enhancing and safeguarding our platform. In this role, you will be a hands-on builder and implementer, working closely with our innovative product and engineering teams to integrate robust security practices into the entire software development lifecycle (SDLC). You will actively contribute to building and scaling our application security program, mitigating risks, ensuring compliance with healthcare regulations, and advancing our mission of securely empowering health & wellness professionals.
You've been a hands-on, security-focused engineer with a deep understanding of application vulnerabilities and defensive coding practices. You've built your knowledge and are eager to partner directly with engineering teams to embed security from the start. You bring full stack skills that can help develop and implement security controls, tools, and processes to scale our application security capabilities.
Responsibilities
Applied AI Security Engineering:
Design, build, and implement secure solutions and automation to embed security testing and controls within the SDLC, serving as a hands-on expert in secure development practices.
Partner with engineering teams to move from reactive security fixes to proactive, embedded security in their development workflows.
Collaborate with product and engineering teams to perform security reviews, threat modeling, and design reviews for new features and architectural changes.
Actively develop and contribute code to internal security tools, security testing frameworks (e.g., SAST, DAST, SCA), and defensive libraries to proactively identify and address vulnerabilities.
Lead incident response for application-related security events, focusing on root cause analysis and implementing preventative controls.
Integrate security capabilities directly into CI/CD pipelines and engineering workflows to automate vulnerability detection and remediation.
AI Security Architecture & Strategy:
Design and implement security architecture for web applications, APIs, and microservices, ensuring security by design.
Develop secure coding standards, security patterns, and reusable components for application development and deployment.
Conduct threat modeling across the application portfolio to identify and prioritize risks.
Establish and maintain security controls for development, staging, and production environments.
Translate application security strategies into actionable development plans and prototypes.
Vendor & Technology Assessment:
Evaluate third-party components, libraries, and SaaS providers for security, compliance, and data protection.
Assess emerging application security tools and technologies.
Review cloud-based services and configurations for compliance and security posture.
Risk Management & Compliance:
Partner with legal and compliance teams to ensure application security initiatives meet regulatory (e.g., HIPAA, HITECH) and contractual requirements.
Implement and monitor controls for data privacy, integrity, and access management within the application layer.
Develop metrics and reporting for the application security posture across engineering teams.
Liaise with customers and auditors on SimplePractice's approach to application security and compliance.
Leverage automation to operationalize security and compliance workflows, continuously monitoring and improving our security posture.
Desired Skills & Experience
5+ years of experience in information security, with recent focus on application security, secure SDLC, and partnership with engineering.
Proven hands-on experience in designing, developing, and deploying security controls and automation, including expertise in code review, vulnerability remediation, and security testing.
Strong background in security architecture and threat modeling for modern web applications and APIs.
Strong bias towards automating security tasks and processes to scale the program.
Demonstrated experience in implementing security controls within a regulated environment (e.g., healthcare, finance), with a strong emphasis on practical application and automation.
Degree in Computer Science, Cybersecurity, or a related field.
Demonstrated experience with serverless cloud technologies (e.g., Lambda, Cloud Run) and/or containerization and orchestration (e.g., Docker, Kubernetes).
Strong software development background with proficiency in Ruby, Python, Rust, Go, or similar languages, including experience with DevSecOps practices and tools such as Terraform, Git, and CI/CD pipelines.
Understanding of healthcare compliance (HIPAA, HITECH) is highly desirable.
Excellent analytical, problem-solving, and communication skills, especially the ability to explain security risks to engineering partners.
Ability to work independently to learn new technologies, processes, and frameworks.
Bonus Points
A 'hands-on' security certification (SANS, OSCP, CSSLP, etc.).
Experience in healthcare or medical device security.
Experience contributing to open-source security projects or developing internal application security tools/frameworks.
Familiarity with security automation and orchestration platforms (e.g., SOAR) and their integration with application security tools.
This role offers an exciting opportunity to shape the future of application security in healthcare. The successful candidate will play a crucial role in ensuring the safe and compliant operation of our platform, protecting sensitive client data, and maintaining the integrity of our healthcare systems through strong partnerships with our engineering organization.
Base Compensation Range
$115,000 - $145,000 annually
Base salary is one component of total compensation. Employees may also be eligible for an annual bonus or commission. Some roles may also be eligible for overtime pay.
The above represents the expected base compensation range for this job requisition. Ultimately, in determining your pay, we'll consider many factors including, but not limited to, skills, experience, qualifications, geographic location, and other job-related factors.
Benefits
We offer a competitive benefits program including:
Medical, dental, vision, life & disability insurance
401(k) plan with company match
Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays
Mental health resources
Paid parental leave & Backup Care
Tuition reimbursement
Employee Resource Groups (ERGs)
California Job Applicant Privacy Notice
Thank you for your interest in opportunities at SimplePractice LLC ("SimplePractice" or "us" or "we" or "our"). Please note that when you submit your resume or application materials to us for employment purposes, you are subject to the SimplePractice California Job Applicant Privacy Notice.
For more information about our privacy practices, please contact us at privacy@simplepractice.com.
$115k-145k yearly Auto-Apply 60d+ ago
Security Engineer, Sr.
Prosum 4.4
Cyber security analyst job in Santa Monica, CA
A FORTUNE 500, multi-state health care organization, arranges for the delivery of health care services and offers health information management solutions to nearly five million individuals and families who receive their care through Medicaid, Medicare and other government-funded programs in fifteen states.
Job Description
Senior Security Engineer (Contract)
Beachbody, a billion-dollar company and the leader of in-home fitness programs and nutritional products, is on the lookout for top-notch talent. We're an equal-opportunity employer who offers competitive compensation and incredible incentive opportunities, not to mention a laid-back office filled with smart, friendly people and positive energy. We also provide free Shakeology, onsite gyms, flexible work hours, and cool product discounts. Are you ready to help us achieve our goal of helping people live healthier, more fulfilling lives? Read on.
Why is the Security Team important to Beachbody?
Beachbody's legal team is tasked with mitigating risk so we can continue to fight the epidemic of obesity in North America. This critically-important team oversees contracts and compliance and ensures that the company is successful as it grows.
What you will be doing at Beachbody as a Senior Security Engineer?
Beachbody is building-out its global information security function and is looking to recruit an experienced and dynamic information security professional for the newly created position of Senior Security Engineer.
As a seasoned Senior Security Engineer with deep technical knowledge of systems engineering/administration, specifically in emerging cloud technologies, you will help grow and assist the organization with both on-premise and cloud deployments.
This individual will develop, engineer, and define secure network and cloud information systems and will focus on identifying risks, implementing security solutions, and securing Beachbody cloud systems.
We'd love to chat if you have…
Passion for security and protecting our customers and a strong familiarity with security tools, software and hardware such as protocol analyzers, IDS/IPS consoles, SIEM tools, FIM, log collection and analysis tools, vulnerability scanning tools, and firewalls, both on-premise and cloud-based.
Experience with plans, designs, and evaluations of security systems and architectures.
Experience working in 24 x 7 operations with complex, high transaction, high availability environments and security standards including those from PCI-DSS, ISO27000 and NIST.
Strong understanding of cryptography, protocol design and analysis.
Security certifications a plus including CCSP, CCSK, Azure/AWS Cert., CISM, CISA, CEH, CISSP, and working knowledge of AWS cloud services.
Additional Information
All your information will be kept confidential according to EEO guidelines.
How much does a cyber security analyst earn in San Buenaventura, CA?
The average cyber security analyst in San Buenaventura, CA earns between $71,000 and $137,000 annually. This compares to the national average cyber security analyst range of $66,000 to $117,000.
Average cyber security analyst salary in San Buenaventura, CA