Cyber security analyst jobs in San Mateo, CA

Security Engineer | $120K + Bonus + Benefits | Fremont (ONSITE) A major player in the technology hardware industry continues to grow their Fremont campus which manufactures servers for all the top companies in Silicon Valley. Given their success and rapid growth, they are building out an IT Infrastructure team and are looking to add a Security Engineer. I have been working with hiring manager building out his team over the last year and hands-down one of most liked managers and this role offers great career experiences and mentorship. Key Skill Sets: Expertise in analyzing security logs and identifying incidents and suspicious activity. Strong understanding of operating systems, network protocols, architecture, and security vulnerabilities. Experience managing security technologies (SIEM, IDS/IPS, EDR, malware analysis, and protection) Knowledge of compliance frameworks (ISO 27001, NIST, SOC2, FedRAMP) and experience with audits a plus Azure environments Location: Fremont, CA (onsite with some flexible hours) Compensation: up to $120K base salary + Annual Bonus (base on individual/company performance) Benefits: Medical/Dental/Vision, Life/Disability Insurance, 401K (match), Flexible Spending Accounts, PTO, tuition reimbursement. (US Citizenship or Green Card required) If interested in joining a fun, highly collaborative team for a division that continues to grow rapidly, please apply!

About this Job Senior Threat Detection Engineer - Contract to hire (With strong intention of converting to full time permanent) - Remote in the U.S. (Must reside in the US) We're looking for a Security Detection Engineer. In this role, you will be responsible for the following: Improve alerting and monitoring coverage; reduce noise and increase signal fidelity. Advise on proactive security measures beyond standard policies and controls. Conduct hands-on threat hunting and investigate potential threats, including dark web intelligence. Manage and optimize the SIEM (Sumologic). Build and customize advanced queries, dashboards, and behavior-based risk scoring. Please Note: At this time, our client can only consider applications from U.S. Citizens and Green card holders. They are unable to offer visa sponsorship or work with C2C. Requirements: 5+ years of security experience, with at ideally 2-3 years focused on security operations or monitoring. Deep understanding of enterprise IT environments, systems, and user access processes. Hands-on experience with enterprise SIEM Sumologic with the ability to build dashboards, create custom queries, and manage detections across multiple systems. Experience analyzing and improving alerting, reducing noise, and increasing signal fidelity. Familiarity with Infrastructure as Code (IaC) concepts to support accurate detection; able to navigate IaC configurations. Background in SecOps, threat detection, or hunting preferred. Some Python scripting or programming experience. Understanding of cloud security concepts and secure system design. Knowledge of threat frameworks (e.g., MITRE ATT&CK) and attacker techniques. Must be a U.S. Citizen or Green Card holder. Why CyberSN? CyberSN is the leading Cybersecurity Jobs and Career Marketplace. We're dedicated to helping cybersecurity professionals find jobs they love and assisting companies in building strong, diverse teams. From our innovative online matching platform to our full-service recruitment solutions, we provide the tools and expertise needed to maximize career success and team performance.

A global consumer brand is seeking a Lead Information Security Analyst to lead enterprise-wide cybersecurity initiatives and elevate their security posture across both cloud and on-premises environments. Key Responsibilities Architect, deploy, and manage security solutions aligned with business goals and regulatory requirements. Lead strategic initiatives including Data Loss Prevention (DLP), Zero Trust architecture, Cloud Security, Network Segmentation, IAM, and Endpoint Security modernization. Oversee email protection platforms and gateway solutions to defend against phishing, malware, and data exfiltration. Implement DNS security controls to mitigate domain hijacking and malicious communications. Conduct threat detection, incident response, and post-incident analysis to ensure rapid containment and recovery. Manage vulnerability assessment and remediation programs, providing visibility into risk posture for leadership. Develop and refine incident response and disaster recovery plans to minimize disruption and enhance resilience. Establish and enforce security policies and standards based on frameworks such as NIST, CIS, ISO 27001, and SOX. Collaborate with IT, DevOps, and business units to embed security into system architecture and development pipelines. Lead security awareness initiatives to foster a culture of vigilance and reduce human-related risk. Continuously assess and improve security maturity through innovation in tools, processes, and governance. Utilize automation and orchestration to streamline detection, response, and compliance efforts. Mentor junior team members and advise cross-functional groups on secure design principles. Stay current on emerging threats and technologies to proactively strengthen defenses. Qualifications and Skills Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's preferred). 7+ years of progressive experience in security engineering, architecture, or operations. Deep expertise in data protection, cloud security, email/DNS security, and identity management. Hands-on experience with Microsoft 365 security tools and email gateway platforms. Familiarity with DNS filtering and protection solutions. Proven success in leading awareness programs and advancing security maturity. Strong grasp of Zero Trust, vulnerability management, endpoint protection, and automation. Knowledge of security frameworks (NIST CSF, CIS Controls, ISO 27001, SOX). Experience with multi-cloud environments and DevSecOps practices. Scripting or automation skills (Python, PowerShell, Bash) preferred. Relevant certifications such as: CISSP, CISM, GIAC Microsoft Cybersecurity Architect Expert or Security Operations Analyst AWS Security Specialty CompTIA Security+, CySA+, CASP+ Azure Security Engineer Associate Excellent communication and leadership skills with the ability to influence across teams.

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

reports to the Cyber Security Manager and is responsible for reviewing and analyzing threat feeds in order to assist in optimizing currently deployed tools/procedures/processes throughout the organization. Analyst must analyze escalated security incidents from linear departments to validate, understand, and create lessons learned to help strengthen the posture of the organization. Analyst must also be able to advise on IT initiatives, IT business projects, and IT engineering in regards to security industry best practice. The analyst must also have a firm understanding of penetration testing and vulnerability assessments. A strong networking background and security certifications are preferred. Qualifications Demonstrate a comprehensive understanding of security processes for installation, management, monitoring and response of enterprise networks In depth experience with Information System Security (ISS), PKI, firewalls, intrusion detection/protection and related vulnerability assessment tools for network periphery and internal network/service discovery and topology mapping Experience working with a Security Operation Center Experience in full life cycle information technology solution implementation from conceptualization, requirements, design and specification through development (coding), integration testing and commissioning Demonstrate the ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments Demonstrated understanding of TCP/IP networking Must have strong incident handling experience including knowledge of common probing and attack methods, network/service discovery, system auditing, viruses, and worms Security testing of Enterprise networks through ethical hacking Experience responding to incidents in a 24/7 environment Experience working in a fast paced industry dealing with sensitive data Demonstrate strong understanding of Windows, networking, telephony and wireless security skills

Job Description Job Title: Cyber Security Threat Analyst/Specialist Duration: November 03, 2025 - June 03, 2026 Job Responsibilities: ·& & & & & Monitors daily cybersecurity activity in shifts through looking at tools to determine if activity is malignant or benign and then engage others as required ·& & & & Provides analysis on malware and escalates as appropriate to incident response Teams ·& & & Does baseline threat hunting based on intelligence for utility peers and other intelligence sources ·& & & & Provides hunting/analysis on phishing cases and reports of potential compromise/breach ·& & & & Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events ·& & & & Assists in performing basic research internally and externally ·& & & & Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools ·& & & & Develops a strategy to implement work in department Qualifications Minimum: ·& & & & High School or GED-General EducationalDevelopment-GED Diploma Desired: ·& & Bachelors Degree in Computer Science or job-related discipline or equivalent experience ·& & & IT-Information Technology Security certification

The pay range for this position at commencement of employment is expected to be between $104,400 and $171,000/year. However, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. We are Alibaba Cloud's Network and Application Security R&D Team, specializing in the research, development, operations, and management of foundational network security and application security. Our core mandate revolves around advancing the capabilities of DDoS Protection, Web Application Firewall (WAF), and Cloud Firewall solutions. As a young, dynamic team with deep technical expertise and R&D excellence, we deliver robust network traffic security and application security services to users, committed to safeguarding their network infrastructure and application-layer security. Core Responsibilities: System Construction and Maintenance ●Deploy, monitor, and maintain cloud security product systems (including foundational services, operation platforms, consoles, and security components such as cloud firewalls, DDoS protection, and WAF), ensuring high availability and security. ● Participate in disaster recovery and circuit breaker drills for high-availability systems to enhance stability and risk resilience. Product Release and Management ● Lead the release of cloud security foundational services and core network security products, conduct independent operational testing, and ensure post-launch stability and performance. Operational Observability Management ●Configure and manage hardware/software monitoring systems (e.g., Prometheus) for 24/7 real-time monitoring and rapid response, ensuring timely issue detection and resolution. Automated Operations Development ● Design and develop automated operation and maintenance tools/platforms to improve efficiency, reduce manual intervention, and optimize system performance. Service Support and Troubleshooting ● Monitor system logs, independently troubleshoot application issues, propose solutions, and collaborate with R&D teams for fixes and validation. Capacity Planning and Budget Management ● Develop annual capacity plans and budgets based on product usage and scaling needs, ensuring rational resource allocation and utilization.

Opportunity Type CLASSIFIED EMPLOYMENT OPPORTUNITY Position Title INFORMATION SECURITY ANALYST Posting Number S2549 Close/First Review Date 11/16/2025 Department ITSS (Information Technology Support Services) Work Location District Office Position Status Full Time Salary Range $141,330 - $172,437 Annual Salary (Range 150: Classified Salary Schedule Fiscal Year 2025-2026). Starting placement is generally at Step 1. Benefits Summary In addition to the salary, this position qualifies for the choice of one of the District's excellent Health Benefits and Welfare plans, which the premium cost is 100% paid by the District for the employee and their eligible dependents, and one health plan costing an estimated $60,000 for the District for fiscal year 2025-2026. We offer two medical plans (Anthem Blue Cross [PPO] and Kaiser Permanente (HMO]); dental (Delta Dental PPO); vision (VSP Choice); life insurance for the employee (The Hartford); life insurance for eligible dependents (The Hartford); a long term disability/income protection plan (The Hartford); and an employee assistance plan (Anthem EAP). In addition, the District contributes an additional 26.81% of the employee's salary towards an eligible employee's pension (CalPERS). Employees may also elect to participate in optional plans including purchasing additional life insurance for themselves and their eligible dependent(s); enroll in a medical, transportation, and/or dependent care Flexible Spending Account(s) (with the $4 monthly administrative fee paid by the District); and set pre-taxed dollars aside to supplement their pension in a 403b (tax shelter annuity) and/or a 457 (deferred compensation) plan(s). Classified employees also earn 10 to 22 days per year of vacation (based on years of service), and up to 12 sick leave days (pro-rated for less than full-time positions). There are currently 20 paid holidays. Position Description POSITION SUMMARY The Information Security Analyst reports to Executive Director of ITSS (Information Technology Support Services) at the District Office. The work schedule is 12 months per year; 40 hours per week; Monday - Friday; 8:00 a.m. - 5:00 p.m. This position is represented by CSEA (California School Employees Association), Chapter 363. POSITION PURPOSE Reporting to Executive Director, ITSS or an assigned administrator, the Information Security Analyst performs complex work related to the District's information security program including testing, analysis and evaluation of the integrity and confidentiality of enterprise systems, network, assets and communication technology throughout the District. The position monitors security systems and conducts periodic risk assessments to identify, troubleshoot, diagnose, resolve and report security problems and breaches; assists in coordinating and conducting investigations involving District technology resources, and assists with security awareness training. DISTINGUISHING CHARACTERISTICS This position focuses on threat and vulnerability management with exposure and support on all aspects of the cybersecurity practice. Incumbent in this position should have advanced knowledge on risk identification, protection and compliance, threat detection, incident response plan development and annual review, and recovery services to achieve business resilience. KEY DUTIES AND RESPONSIBILITIES 1. Analyze, evaluate and implement security applications, policies, standards and procedures intended to prevent the unauthorized use, disclosure, modification, loss or destruction of data; work with the campus community and other staff to ensure the integrity and security of the information technology infrastructure. 2. Lead the development, testing and implementation of information security products and control techniques in all locations throughout the District. 3. Work with campus and district technology teams to ensure the security of all applications and assets. 4. Monitor and review security systems and logs. Identify, troubleshoot, diagnose, resolve, document and report security problems and incidents; help coordinate and conduct investigations of suspected breaches; respond to emergency information security situations. 5. Collaborate with application programming team and other IT staff to ensure production applications meet established security policies and standards. 6. Assist with training and education on information security and privacy awareness topics for District administrators, faculty and staff; assist in the development of appropriate security-incident notification procedures for District management. 7. Work with vendors to conduct vulnerability assessments to identify existing or potential electronic data and assets compromises and their sources; participate in investigative matters with appropriate law enforcement agencies. 8. Perform audits and periodic inspections of District information systems to ensure security measures are functioning and effectively utilized and recommend appropriate remedial measures to eliminate or mitigate future system compromises. 9. Review, evaluate, and recommend software products related to IT systems security, such as virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection, etc. 10. Monitor and maintain the District's security event information system (SEIM) and data loss prevention software. 11. Manage security systems and policies including but not limited to servers, firewalls, email security, and Microsoft 365 environment. 12. Recommend and implement security policies, protocols, practices and lead in creation of security training and guidance to staff. 13. Assist in the secure management and maintenance of the District's network authentication systems for wired and wireless network access. 14. Review security practices and controls of third-party service providers that handle District sensitive data, and review security controls and features of third-party software systems. 15. Ensure that maintenance, configuration, repair and patching of systems occurs on a scheduled and timely basis utilizing best practices in change management and consistent with policies and procedures. 16. Keep current with latest emerging security issues and threats through list servers, blogs, newsletters, conferences, user groups, and networking and collaboration with peers in other institutions. 17. Perform other duties reasonably related to the job classification. EMPLOYMENT STANDARD Knowledge of: 1. Compliance and industry cybersecurity standards frameworks such as NIST 800 and ISO standards. 2. Emerging technologies and the possible impact on existing information systems, instructional processes and business operations. 3. Incident response best practices and software license compliance laws. 4. Troubleshooting tools for computing hardware, servers and network equipment including but not limited to switches, routers, and firewalls. 5. Enterprise resource planning systems, Microsoft 365 and Active Directory and Azure Active Directory. 6. Principles of program design, coding, testing and implementation. 7. Advanced knowledge of desktop and server operating systems including Windows and Linux. 8. Disaster recovery and backup including business continuity planning. 9. Principles of training, support, and services to end-users. 10. General research techniques and data driven analytics. 11. Modern office administrative practices and use of tools including computers, websites and other applications related to this job. Skills and Ability to: 1. Apply current NIST and ISO standards to current operations. 2. Respond to incidents and events in a timely manner. 3. Prepare clear and concise system documentation and reports. 4. Prioritize assigned tasks and projects. 5. Communicate complicated technical issues and the risks they pose to stakeholders and management. 6. Establish and maintain effective and cooperative working relationships with others. 7. Analyze situations accurately and adopt effective course of action. 8. Coordinate, develop, and implement projects. 9. Work with attention to detail and independently with minimum supervision. Required Qualifications EDUCATION AND EXPERIENCE 1. A Bachelor's degree from an accredited institution with major course work in computer information systems, computer science, business administration, or related field. 2. Two years of experience performing information security duties, which may include implementing, overseeing, and/or managing information security technologies, process, or programs, including identification, protection, detection, response, and recovery activities. Certification: 1. Professional security or privacy certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials. District's Diversity * Demonstrated sensitivity, knowledge and understanding of the diverse academic, socioeconomic, gender identity, sexual orientation, cultural, disability, and ethnic background of groups historically underrepresented, and groups who may have experienced discrimination. * Success integrating diversity as appropriate into the major duties outlined in the job description and in the duties listed in the District's hiring policy; or demonstrated equivalent transferable skills to do so. Desired Qualifications 1. Bilingual abilities, desirable. Foreign Degree For positions that require a degree or coursework: Degree(s) must have been awarded by a college or university accredited by an accrediting body recognized by the U.S. Council on Post-Secondary Accreditation and/or the U.S. Department of Education. All degrees and credits earned outside of the United States must have a U.S. evaluation (course by course) of the transcripts and must be submitted with the application. Degrees earned outside of the U.S. without a U.S. credential evaluation attached, will not be considered. Working Environment Physical Demands: 1. Must sit for long periods of time, use hands and fingers to operate an electronic keyboard, reach with hands and arms, and speak clearly and distinctly to ask questions and provide information, hear and understand voices over telephone and in person. 2. The physical demands described here are representative of those that must be met by an individual to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. About San Jose/Evergreen Community College District The District is represented by dedicated and talented employees who are passionate about providing our student population with the best educational experience possible. The District recognizes that cultural diversity in the academic environment promotes academic excellence; fosters cultural, racial and human understanding; provides positive roles models for all students, and creates an inclusive and supportive educational and work environment for its employees, students, and the community it serves. As of Spring 2024, with enrollment of approximately 15,655 students per semester, and an extremely diverse student population (Hispanic/Latino 45.20%, Black/African-American 3.45%, Asian/Pacific Islander 31.70%, American Indian/Native American 0.36%, White/Caucasian 12.76%) attaining educational goals reflecting 56% - Transfer to a 4-Year College/ University, the District's emphasis on student success makes it a recognized educational leader in the State. The District encourages a diverse pool of applicants to serve as colleagues to an existing diverse classified staff consisting of 43.9% Latinx, 25.3% Asian/Pacific Islander, 4.2% Black/African American, 0.3% American Indian/Native American, 17.9% White/Caucasian, and as well as encouraging applications from all qualified, outstanding applicants. Important Information EQUAL OPPORTUNITY EMPLOYER STATEMENT: San José-Evergreen Community College District is an Equal Opportunity Employer committed to nondiscrimination on the basis of ethnic group identification, race, color, language, accent, immigration status, ancestry, national origin, age, gender, gender identity, religion, sexual orientation, transgender, marital status, veteran status, medical condition, and physical or mental disability consistent with applicable federal and state laws. CONTACT: Employment Services, Human Resources, SJECCD 40 S. Market Street, San Jose, CA 95113 Phone: ************** Email: ******************************* Employment Website: ****************************** District Website: ************** APPLICATION PROCEDURES: Interested applicants MUST SUBMIT ONLINE ALL of the following materials by the First Review Date/Closing Date as listed on the job announcement. Applications received after the First Review Date will only be forwarded to the hiring committee at their request. 1. A completed online San José-Evergreen Community College District APPLICATION. 2. A COVER LETTER (Stating how you feel you meet the qualifications as outline in the job announcement). 3. A current RESUME/CURRICULUM VITAE 4. TRANSCRIPT - (If Required) If a degree is listed as a requirement, transcripts (Not Diplomas) MUST INCLUDE confer or award date of stated degree. Unofficial transcripts will be accepted; however if the position is offered, official transcripts will be required prior to employment. If the transcripts or degrees are from outside of the United States, an official certification of equivalency to U.S. degrees by a certified U.S. credential review service (course by course of the transcripts) MUST also be submitted. (See below for a list of suggested services that provide foreign degree equivalency evaluation to U.S. degrees). Note: Some positions may require additional documents and/or certificates, in addition to the items listed above. Please refer to the job announcement. OTHER APPLICANT INFORMATION: 1. Only complete application materials will be considered. No exceptions. 2. Letters of Recommendation are NOT required and will not be forwarded to the hiring committee. 3. Upon hire the successful candidate must provide the required documents of identity and authorization to work and attest he/she is authorized to work in the United States. 4. Application materials become the property of the District and will not be returned or duplicated. 5. Travel expenses to attend the interview are the responsibility of the candidate. 6. Meeting the minimum qualifications does NOT assure an interview. 7. The District may re-advertise, delay, choose not to fill the position, or choose to fill more than one position. Suggested services that provide foreign degree equivalency evaluation to U.S. degrees: Academic Credentials Evaluation Institute, Inc. Website: *************************** Education Records Evaluation Services Website: ************ International Education Research Foundation Website: ******************** World Education Services Website: ***********

This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. This Information Security Risk & Governance Specialist, Principal role will report to the Director working as a Risk Quantification Analyst. This position will play a critical role in identifying, evaluating, and quantifying risks, supporting executive decision-making, and driving data-driven business insights. The ideal candidate will bring thought leadership, technical expertise, and a proactive approach to evolve the existing risk management program. Requires a bachelor's degree or equivalent experience Requires at least 5 years of prior relevant experience Your Work In this role, you will: Program Leadership: Lead and further develop the existing risk quantification function, ensuring alignment with the FAIR methodology, NIST CSF 2.0, Unified Control Framework (UCF) and healthcare regulatory requirements (e.g., HIPAA, PCI). Risk Analysis: Oversee and perform detailed quantitative analysis on IT, operational and business risks using ThreatConnect and other FAIR-based platforms. Translate quantified risks into financial and business terms to support risk appetite, risk tolerance, and risk-informed decision-making. Risk Scenario Development: Design and lead scenario analyses and simulations to evaluate risks related to cybersecurity, IT operations, third parties, and strategic initiatives. Provide quantified insights to support investment justification, control prioritization, and vendor or partner selection. Cross-Functional Collaboration: Partner with stakeholders in IT, Enterprise Architecture, Finance, and Operations to ensure risk quantification informs business strategy. Support executive and board-level risk reporting with clear, actionable insights. Metrics, Data & Reporting: Develop and implement metrics, KRIs, and KPIs to monitor and communicate risk exposures, emerging trends, and mitigation outcomes. Leverage enterprise data warehouse and analytics platforms to produce timely, accurate, and transparent reporting. Thought Leadership and Change Adoption: Act as an internal champion for quantitative risk management, fostering adoption across all three lines of defense. Stay current with industry best practices, frameworks, and tools; recommend new approaches to advance program maturity.

Details: Stefanini Group is hiring! Stefanini is looking for an Information Security Analyst for San Francisco, CA/Salt Lake City, UT/Los Angeles, CA (Onsite Role). For quick Apply, please reach out to Rahul Kumar: ************/ ************************* W2 candidates only! Responsibilities: Knowledge of SPL and use of Splunk; experience with KQL(Kusto Query Language) Coding experience or knowledge, preferably in Python and/or R Knowledge of SQL and database experience Proficiency in Microsoft Office applications, especially Excel and PowerPoint Knowledge of Level 1 & 2 SOC operations Public speaking skills #LI-RK1#LI-HYBRID Details: Qualifications: Peraton high BG check or secret clearance Bachelor's degree in Cyber Security, Information Security, Computer Science, or 3+ years of experience in Information Security or Cyber Security Preference is local to SF, open to remote Splunk experience, SQL Microsoft Office Cyber kill chain/incident response SOC experience programming experience-python Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives. Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers. About Stefanini Group: The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are CMM Level 5 company.

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're seeking a Systems Integrity Security Engineer to design and implement security architectures for bare-metal infrastructure. You'll work with teams across Anthropic to build firmware, bootloaders, operating systems, and attestation systems to ensure the integrity of our infrastructure from the ground up. This role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models. What you'll do: * Design and implement secure boot chains from firmware through OS initialization for diverse hardware platforms (CPUs, BMCs, peripherals, embedded microcontrollers) * Architect attestation systems that provide cryptographic proof of system state from hardware root of trust through application layer * Define trust boundaries and security policies for multi-party authorization systems * Develop measured boot implementations and runtime integrity monitoring * Create reference architectures and security requirements for bare-metal deployments * Integrate security controls with infrastructure teams without impacting training performance * Prototype and validate security mechanisms before production deployment * Conduct firmware vulnerability assessments and penetration testing * Build firmware analysis pipelines for continuous security monitoring * Document security architectures and maintain threat models * Collaborate with hardware vendors to ensure security capabilities meet our requirements Who you are: * 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security) * Hands-on experience with secure boot, measured boot, and attestation technologies (TPM, Intel TXT, AMD SEV, ARM TrustZone) * Strong understanding of cryptographic protocols and hardware security modules * Experience with UEFI/BIOS security, bootloader hardening, and chain of trust implementation * Proficiency in low-level programming (C, Rust, Assembly) and systems programming * Knowledge of firmware vulnerability assessment and threat modeling * Track record of designing security architectures for complex, distributed systems * Experience with supply chain security and firmware vulnerability analysis * Ability to work effectively across hardware and software boundaries * Knowledge of NIST firmware security guidelines and hardware security frameworks Strong candidates may also have: * Experience with confidential computing technologies and hardware-based TEEs * Knowledge of SLSA framework and software supply chain security standards * Experience securing large-scale HPC or cloud infrastructure * Contributions to open-source security projects (coreboot, CHIPSEC, etc.) * Background in formal verification or security proof techniques * Experience with silicon root of trust implementations * Experience working with building foundational technical designs, operational leadership, and vendor collaboration * Previous work with AI/ML infrastructure security Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary: $300,000-$405,000 USD Logistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

About 1X We're an AI and robotics company based in Palo Alto, California, on a mission to build a truly abundant society through general-purpose robots capable of performing any kind of work autonomously. We believe that to truly understand the world and grow in intelligence, humanoid robots must live and learn alongside us. That's why we're focused on developing friendly home robots designed to integrate seamlessly into everyday life. We're looking for curious, driven, and passionate people who want to help shape the future of robotics and AI. If this mission excites you, we'd be thrilled to hear from you and explore how you might contribute to our journey. Role Overview We are seeking a Product Security Engineer with expertise in operating system security to strengthen the foundation of our robotics platform. In this role, you will design and implement critical security features such as secure boot, trusted execution environments, and system service hardening. You will ensure that sensitive operations and data remain protected while enabling developers to maintain security best practices. This role will directly influence the resilience and trustworthiness of our robotics systems. Responsibilities * Develop and maintain secure critical services for Linux system * Implement secure boot chains from fused hardware keys, ensuring verified OS and data partitions with rollback protection * Integrate OP-TEE to safeguard sensitive assets such as mTLS certificates and disk encryption keys * Harden system services using least-privilege operations, systemd features, namespacing, and syscall filtering * Build hardening templates and automation tools to streamline security boundary enforcement for developers * Automate security validation processes within CI/CD pipelines * Design and enforce device access controls for Linux systems

Union Technologies is reindustrializing America's defense manufacturing base with a first-of-its-kind Factories-as-a-Stockpile™ model, integrating advanced robotics, manufacturing, and software into sovereign factory systems at scale. Headquartered in Dallas, Texas, UNION is dedicated to restoring America's industrial strength and guaranteeing deterrence for the century ahead. We recently emerged from stealth with $50M in funding led by top-tier venture investors and strategic partners. Read more in our Press Release Overview We need a Staff Security Engineer - Industrial Control Systems to design and implement practical compliance solutions enabling industrial automation equipment (PLCs, CNCs, Robots, HMIs, SCADA systems, Control Cabinets) to operate securely and reliably in a CMMC Level 2, ITAR-controlled environment with rich MES connection. This is a senior IC role. You will directly own compliance for critical defense-related production lines. Responsibilities Compliant Production Line on Day 1- Take advantage of a greenfield build to land equipment that is compliant on Day 1 Invent & implement solutions for the missing controls that let PLCs, CNCs, robots, HMIs, and SCADA join a CMMC Level 2 network on Day 1- no waivers, no delays. Author, own, and iterate a vendor-consumable spec (hardware, network, and procedures) that survives FAT, site acceptance, and yearly audits. Embed with vendors- drive design reviews, cabinet builds, and every FAT until the crate ships. Sustain compliance-automate patching, credential rotation, evidence collection, and CMMC artifact prep Deliver the outcome- leverage consultants or specialists to achieve the outcome as you see fit Requirements Shipped at least one hardware + software security product that protects OT or critical infrastructure (network appliance, secure gateway, or similar). Hands-on with ICS/OT stacks: EtherNet/IP, Modbus/TCP, OPC UA, CNC file transfer, cabinet power/grounding, switch configs, industrial networking. Proven track record translating NIST 800-171/172 or CMMC L2 (in force 16 Dec 2024) into run-time controls U.S. Persons status 40% travel to vendor plants and FATs- no exceptions. Bonus Requirements Systems-level engineering in C/C++, Rust, or Go on Linux-based platforms plus basic HDL/Firmware literacy. Join the mission. We'll handle the move. Exceptional talent shouldn't be bound by geography. If you're ready to relocate to Dallas, TX and join us in reindustrializing America's defense backbone, we'll make it easy-and for those who move quickly, additional incentives may be available.

JOB FUNCTION/PURPOSE: The CAD Security Systems Engineer is responsible for the design, engineering, and implementation of physical security systems across client and internal projects. This role works closely with Pre-Construction and Operations teams to interpret project specifications and drawings, determine optimal system layout, and develop detailed installation drawings to support successful project execution. The Engineer will design and layout electronic security systems including access control, video surveillance (CCTV), intrusion detection and may also assist with intercom, nurse call, paging, and A/V systems. Utilizing deep system knowledge, AutoCAD, and other design tools, the Security Systems Engineer plays a critical role in ensuring a seamless transition from engineering to operations. The role supports effective collaboration between Pre-Construction, Solutions Management, and Engineering teams to deliver reliable, compliant, and high-performing integrated security solutions for awarded projects. KEY ACCOUNTABILITIES: Conduct detailed site assessments to identify security risks, environmental considerations, and operational requirements. Develop comprehensive physical security system designs, including CCTV, access control, intrusion detection, intercom, duress, and perimeter protection. Create system layouts, riser diagrams, wiring schematics, device placement plans, and bills of material using CAD or similar tools. Specify appropriate hardware and technologies, including camera types and placement, access control devices (readers, locks, credentials), and network components. Design systems that are scalable, integratable with third-party platforms, and aligned with IT infrastructure and cybersecurity best practices. Ensure all designs comply with applicable codes, standards, and regulations (e.g., NFPA 731, UL 294, NEC, ADA, FIPS 201). Coordinate closely with architects, general contractors, and other trades to integrate systems into building designs and construction timelines. Perform technical evaluations of manufacturers, products, and designs to ensure optimal performance and value. Prepare technical documentation for bidding, permitting, construction, and client approval, including scopes of work and installation details. Support peer reviews and participate in design workshops to validate concepts and identify improvement opportunities. Build and maintain subcontractor relationships. Collaborate with project managers, general contractors, IT teams, and vendors to align project scope, timelines, and milestones. Participate in design reviews and construction planning sessions. Maintain accurate and complete system documentation including as-builts, configuration records, and asset tags. Assist with on boarding of new employees. OPERATE AS ONE TEAM: Build strong win-win relationships with other departments within Beacon. JOB QUALIFICATIONS: Knowledge: In-depth understanding of physical security systems including access control, CCTV, intrusion detection, intercom, and related technologies. Familiarity with industry standards and codes such as UL 294, NFPA 731, NEC, ADA, and NIST. Working knowledge of low-voltage systems. Knowledge of building construction, system integration practices, and coordination with other trades. Experience with major security platforms (e.g., Lenel, Avigilon, Software House) is highly preferred. Skills and Abilities Proficient in AutoCAD, Revit, Bluebeam, or other design/drafting software for producing system layouts and construction drawings. Strong analytical and problem-solving skills with a detail-oriented mindset. Ability to interpret technical drawings, project specifications, and floorplans. Effective communication skills, both written and verbal, for coordination with internal teams, vendors, and clients. Ability to manage multiple tasks and projects under tight deadlines. Collaborative mindset with the ability to work across engineering, pre-construction, and operations teams. Comfortable working in both office and construction site environments. Must understand implicit instructions and react favorably in all work situations. Capable of producing accurate documentation including BOMs, riser diagrams, and installation packages. Must be able to communicate providing verbal feedback in a professional manner. Education: Bachelors degree in electrical engineering, Security Engineering, or a related field; equivalent work experience may be considered. 37 years of experience in security systems engineering or low-voltage design. Certifications on low voltage systems. WORK ENVIRONMENT: This position is a hybrid role after the initial onboarding phase has been completed. Must be in the office three times a week, with one of the days being Monday or Friday. A work environment can be an office environment, medical facility, educational facility, or a customer site under construction, renovation, or warehouse space. Job sites will have a variety of environmental factors including but not limited to noise, dust, and temperature changes. Candidates must have the capability to transfer job sites, as necessary. ESSENTIAL FUNCTIONS: Requires prolonged sitting, standing, some bending, stooping, and stretching. Requires manual dexterity and eye-hand coordination for data input. Occasionally lift and carry items weighing up to fifty pounds. Must maintain a clear background check to satisfy customer job site badging requirements. Must be willing to submit to all vaccinations and screening tests required for customer jobsite badging protocol. Maintain a clear drug and alcohol screening protocol. This does not list all the duties of the job. Supervisors or management may ask you to perform other instructions and duties. You will be evaluated in part based upon your performance of the tasks listed in this . Management has the right to revise this description at any time. The job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason as outlined in the employee manual or other written agreement. An Equal Opportunity Employer We do not discriminate based on race, color, religion, national origin, sex, age, disability, genetic information, or any other status protected by law or regulation. It is our intention that all qualified applicants are given equal opportunity and that selection decisions be based on job-related factors.

**Be visionary** Teledyne Technologies Incorporated provides enabling technologies for industrial growth markets that require advanced technology and high reliability. These markets include aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, deepwater oil and gas exploration and production, medical imaging and pharmaceutical research. We are looking for individuals who thrive on making an impact and want the excitement of being on a team that wins. **Job Description** An ISSO is an individual responsible for ensuring the appropriate operational security posture is maintained for a system. The ISSO will be assigned by the ISSM and appointed in writing. The ISSO must be a U.S. citizen and employed by the cleared contractor or its subcontractor. The ISSO assists the ISSM in meeting their duties and responsibilities. Responsibilities of the ISSO include, but are not limited to: + Ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan. + Verifying the implementation of delegated aspects of the system security program. + Ensuring all proper account management documentation is completed prior to adding and deleting system accounts. + Verifying all system security documentation is current and accessible to properly authorized individuals. + Conducting periodic assessments of authorized systems and providing the ISSM with corrective actions for all identified findings and vulnerabilities. + Ensuring audit records are collected and analyzed in accordance with the security plan. + Reporting all security-related incidents to the ISSM. + Monitoring system recovery processes to ensure security features and procedures are properly restored and functioning correctly. + Formally notifying the ISSM of any changes to a system that could affect authorization. + Serving as a member of the Configuration Control Board (CCB), if designated by the ISSM. + Possessing sufficient experience and technical competence commensurate with the complexity of the systems. + Completing the required training identified in the ISSM Required Training Table in the DAAPM. + Ensuring user activity monitoring data is analyzed, stored, and protected in accordance with the ITPSO policies and procedures. + Executing the continuous monitoring strategy. Additional ISSO Tasks + On the job training specific to Teledyne RF & Microwave, Mountain View + Train employee's internal security policy and procedure, as needed. + Classified GSA container check, daily. + Classified IS station event log audit and backup, weekly. + Virus definition updates - download files, burn DVD, monthly. + Virus definition updates - all classified computers, monthly. + General user account administration. + Spill containment and redeployment. + Hard drive backup, imaging. + General computer hardware support. Education Bachelor's degree related to Information Systems or have a certification in Security +. Requirements Must be a U.S. citizen in order to obtain Security Clearance or have an active Security Clearance. **Salary Range:** $61,600.00-$82,100.000 **Pay Transparency** The anticipated salary range listed for this role is only an estimate. Actual compensation for successful candidates is carefully determined based on several factors including, but not limited to, location, education/training, work experience, key skills, and type of position. Teledyne and all of our employees are committed to conducting business with the highest ethical standards. We require all employees to comply with all applicable laws, regulations, rules and regulatory orders. Our reputation for honesty, integrity and high ethics is as important to us as our reputation for making innovative sensing solutions. Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic or non-merit based factor made unlawful by federal, state, or local laws. You may not realize it, but Teledyne enables many of the products and services you use every day **.** Teledyne provides enabling technologies to sense, transmit and analyze information for industrial growth markets, including aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, energy, medical imaging and pharmaceutical research.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

reports to the Cyber Security Manager and is responsible for reviewing and analyzing threat feeds in order to assist in optimizing currently deployed tools/procedures/processes throughout the organization. Analyst must analyze escalated security incidents from linear departments to validate, understand, and create lessons learned to help strengthen the posture of the organization. Analyst must also be able to advise on IT initiatives, IT business projects, and IT engineering in regards to security industry best practice. The analyst must also have a firm understanding of penetration testing and vulnerability assessments. A strong networking background and security certifications are preferred. Qualifications Demonstrate a comprehensive understanding of security processes for installation, management, monitoring and response of enterprise networks In depth experience with Information System Security (ISS), PKI, firewalls, intrusion detection/protection and related vulnerability assessment tools for network periphery and internal network/service discovery and topology mapping Experience working with a Security Operation Center Experience in full life cycle information technology solution implementation from conceptualization, requirements, design and specification through development (coding), integration testing and commissioning Demonstrate the ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments Demonstrated understanding of TCP/IP networking Must have strong incident handling experience including knowledge of common probing and attack methods, network/service discovery, system auditing, viruses, and worms Security testing of Enterprise networks through ethical hacking Experience responding to incidents in a 24/7 environment Experience working in a fast paced industry dealing with sensitive data Demonstrate strong understanding of Windows, networking, telephony and wireless security skills

Details: Stefanini Group is hiring! Stefanini is looking for an Information Security Risk Analyst for San Francisco, CA/Salt Lake City, UT/Los Angeles, CA (Onsite Role). For quick Apply, please reach out to Akash Gupta: ************/ ************************* W2 candidates only! Responsibilities: The ideal candidate for this role will have the ability to blend and apply their technical, organizational, business, and cyber security abilities, to: Support risk strategies, identify risks in processes and technologies, and lead improvement initiatives to minimize risk. Support the application of security policy and contribute insights to policy discussions as needed. Support and advise partners to enable them to understand security controls, policies, and procedures. Establish and foster long-term relationships with partners and contacts in assigned business areas and partner with them to understand their technical and business requirements to help enable them to do their work securely. Advise and assess application development teams on Secure Cloud Development and Operations to enable them to mature their practices and processes. Understand technical implementation details necessary to assess security risk in Cloud and on-prem environments and recommend security control improvements or identify mitigating controls. Perform complex analysis of security issues and advise business partners on relevant risks and mitigations. Evaluate external service providers to identify and communicate associated risks and identify shared security responsibility between the vendor and the Client. Perform security control assessments and prepare assessment reports to document assessment scope, procedures, findings, and recommendations; interpret the significance of assessment findings, conclude on findings, and make practical recommendations for remediation. Communicate security risk and implications to partners at all levels, including executives. Collaborate and influence work multi-functionally; navigate ambiguity while leading multiple projects simultaneously in a fast-paced, results-driven environment, accepting accountability of the process and delivering on commitments. #LI-AG#LI-HYBRID Details: Qualifications: Moderate Peraton Local to SF who can come onsite or LA or SLC, Soft skills, partnering with many different people at different levels. Ability to convey and communicate risk to multiple parties. Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives. Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers. About Stefanini Group: The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are CMM Level 5 company.