Cyber security analyst jobs in West Islip, NY

Job Title: Cyber Security Risk Analyst. Job Type: Contract. IS NOT OPEN TO AGENCIES. The Cyber Security Risk Analyst supports enterprise governance, risk, and compliance (GRC) initiatives by strengthening cyber risk management practices, enhancing third-party risk oversight, and contributing to cybersecurity governance across a complex organizational environment. This role works closely with cybersecurity leadership, internal stakeholders, and partner teams to mature risk assessment processes and ensure consistent, well-documented risk management activities. Key Responsibilities Design, develop, and enhance cybersecurity risk management processes and supporting frameworks Support enterprise cyber risk governance, including risk identification, evaluation, and remediation tracking Perform cybersecurity risk assessments in collaboration with business and IT stakeholders Evaluate and manage third-party and vendor cybersecurity risk throughout the vendor lifecycle Contribute to the development and maintenance of a third-party risk register Review and analyze cybersecurity risk cases, exceptions, and justifications Document risks, mitigations, and remediation actions within a centralized risk register Assist in developing risk assessment procedures, methodologies, and testing approaches aligned with industry frameworks Collaborate with cross-functional teams and subject matter experts to gather risk intelligence Support remediation efforts by helping initiate corrective actions where vulnerabilities or weaknesses are identified Participate in special cybersecurity initiatives and projects as assigned Required Qualifications Minimum of 4 years of experience in one or more of the following areas: Cybersecurity risk management Cybersecurity risk assessment Third-party or vendor risk management within a cybersecurity function Strong understanding of GRC concepts and the cyber risk lifecycle Experience working in large, complex, multi-stakeholder environments Strong analytical, investigative, and documentation skills Excellent written and verbal communication skills Preferred Qualifications Bachelor's degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field Familiarity with one or more cybersecurity frameworks or standards, including: NIST ISO/IEC 27001 / 27002 CIS SANS PCI Relevant certifications are a plus, including but not limited to: CISSP, CISM, CRISC, CISA CompTIA Security+, CySA+, Network+ GIAC certifications Knowledge of cybersecurity laws, regulations, and data privacy principles Ability to work independently in a self-directed and organized manner About Buchanan Technologies Since Buchanan's inception over 30 years ago, we have operated on 5 core values - People Matter, Customers Matter, Principles Matter, Community Matters, and Every Interaction Matters. These values are represented across each facet of the company, from employee relations to client service delivery to corporate social responsibility initiatives and beyond. Why Work at Buchanan? At Buchanan Technologies, we offer a great employment experience with a fun but professional work environment, competitive salary, and various employee career advancement programs that add value to your skills and daily life. If you are excited about being part of an energetic team where your contributions are appreciated and hard work is recognized, Buchanan is the place for you. Things We Are Passionate About We are passionate about providing top-tier technology services to our customers and clients and fostering a culture of continuous learning for our employees. We are a people- centric company, focused on growth and diversity for our workforce. Come join us and let's build something amazing together. Follow Us: LinkedIn: ******************************************************* Website: **************** Buchanan Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or genetics. In addition to federal law requirements, Buchanan Technologies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

JOB FUNCTION The Cybersecurity Engineer will be responsible for implementing and maintaining the firm's cybersecurity technology solutions, monitoring for security incidents and vulnerabilities, coordinating end user activities, and participating in the investigation and response of any breaches or attacks. The ideal candidate will be a self-starter who can work both independently and collaboratively with diverse technical and business teams. He or she will report to the Chief Information Security Officer. Additional responsibilities include: Managing the vulnerability management program, including internal and external scanning, monitoring threat feeds, news sources, and vendor bulletins for risks and tracking remediation Maintaining and monitoring control baselines, hardening standards, asset/coverage metrics, and configuration compliance Monitoring and documenting key performance indicators (KPIs) and governance, risk, and compliance (GRC) evidence Suggesting and evaluating new technologies Educating employees on security best practices to reduce the risk of human error Collaborating with the Cloud, Systems, Network, Database, Desktop, and Development engineering teams on risk identification, analysis, and remediation Assisting with vendor due diligence Assisting with physical security infrastructure projects, maintenance, and updates QUALIFICATIONS The ideal candidate should have the following experience: 3+ years of experience in a Security Engineer role Proficiency with managing EDR solutions, SIEM, network security, cloud security, mobile security, vulnerability management, identity and access management, encryption, and a solid understanding of operating systems like Windows and Linux Strong ability to analyze security data, identify threats, and create effective solutions Ability to document and communicate technical information clearly to both technical and non-technical audiences Scripting/automation experience a plus The ideal candidate possesses the following traits: Creativity: the ability to deploy different approaches and be resourceful. Intellectual curiosity: passion for learning and investigating a broad range of subject matter; satisfaction derived from the consumption and understanding of information and increasing knowledge base. Accountability: ownership of individual responsibilities and work product. Strong people skills: ability to build relationships internally and externally and to be versatile in engaging with different constituents.

We are seeking a highly skilled and motivated CyberArk PAM Administrator to support the deployment, configuration, and ongoing management of privileged access management (PAM) and cybersecurity technologies. This role is ideal for a cybersecurity professional who enjoys working in collaborative environments, driving secure system design, and supporting enterprise-scale security initiatives. The successful candidate will play a key role in implementing new cybersecurity solutions, supporting infrastructure upgrades, and ensuring systems are secure, reliable, and well-documented. This position offers the opportunity to work with modern security platforms while contributing to the organization's overall cyber maturity and growth. Key Responsibilities Implement and support new deployments of cybersecurity technologies, including CyberArk PAM and related security products. Assist with infrastructure upgrades to support application growth and evolving cybersecurity requirements. Configure, deploy, and maintain systems in accordance with security best practices and architectural standards. Troubleshoot and support all aspects of CyberArk Privileged Access Management, including onboarding, vault management, and access controls. Develop and maintain technical documentation, procedures, and runbooks for daily operations and major initiatives. Propose and document system architectures for secure and scalable deployments. Collaborate with internal teams, vendors, and stakeholders to ensure successful technology implementations. Patch, maintain, and monitor security platforms to ensure system stability and compliance. Train team members and end users on new systems and security processes as needed. Follow up promptly with stakeholders to address issues, changes, and enhancements. Required Skills / Education Proven experience as a CyberArk Administrator or in a similar Privileged Access Management role. Hands-on experience troubleshooting and supporting CyberArk PAM components. Strong understanding of cybersecurity principles, access control, and secure system administration. Ability to create clear, detailed technical documentation and operational procedures. Excellent written and verbal communication skills, with the ability to work effectively across technical and non-technical teams. Preferred Qualifications Experience with scripting or programming languages. Hands-on experience with PowerShell. Familiarity with enterprise infrastructure environments and security integrations. Strong interpersonal skills and the ability to collaborate with stakeholders at all organizational levels. About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact. When you work with Seneca, you're choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way. Seneca Resources is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.

You will provide guidance and technical support to clients deploying security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Any of the following industry certifications or equivalent experience is a plus: CISSP, CCNA, PCNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

Sr. Technical Security Engineer, W2 remote Minimum Requirements 5+ years of experience in application or product security, with a track record of securing desktop and mobile applications. Strong understanding of secure architecture for thick clients, including local storage protection, inter-process communication, JavaScript engines, OS-level security features, and web security standards (CSP, same-origin policy, TLS/HTTPS). Experience with mobile (iOS/Android) and desktop (Windows/mac OS/Linux) application security models. Proficiency in GenAI security, modern cryptography, certificate management, secure authentication (OAuth, WebAuthn, FIDO2), and secure session handling. Knowledge of OS-level hardening techniques, sandboxing, privilege separation, and secure use of platform APIs. Hands-on experience with secure coding practices in at least one systems language (C++, Rust, Go) and one application language (Kotlin, Swift, C#). Familiarity with static/dynamic analysis tools, fuzzing, penetration testing, and reverse engineering for client applications. Experience embedding security into the software development lifecycle (threat modeling, code reviews, secure design patterns). Ability to manage incident response and vulnerability remediation for thick client environments. Strong cross-team communication skills and ability to write clear developer-facing security guidelines.

The Team: The Security Engineering Lead will be responsible for designing, building, and maintaining the organization's security infrastructure. This role requires a highly skilled professional who can lead a team of engineers, implement innovative security solutions, and ensure the resilience of the organization's systems and networks. The ideal candidate will have extensive experience in security engineering, a strong technical background, and the ability to manage and deliver complex security projects. **This Role does NOT provide sponsorship** Salary: $150k-$190k base w/ 20% bonus Responsibilities: Leadership and Management: Lead and mentor a team of security engineers, fostering a culture of continuous learning and innovation. Build and scale a global team to meet organizational needs. Architecting Security Solutions: Assist teams in designing and implementing advanced security solutions, including cloud security, privilege access management and application/system security. Collaboration: Partner with software development, infrastructure, and operations teams to embed security into the development lifecycle and operational processes. Performance Optimization: Regularly evaluate and optimize existing security tools and technologies to ensure maximum efficacy and efficiency. Training and Knowledge Sharing: Develop and deliver technical security training to engineers and other staff, ensuring a strong organizational security posture. Documentation and Reporting: Create detailed documentation for security systems and processes, and provide regular project reports senior management. Required Skills and Experience: Experience (3+ year) in people leadership roles, nurturing security engineers into high-performing teams. Experience (5+ years) in a security engineering role, focusing on designing and implementing security solutions and managing security infrastructure, both on-premise and cloud. Experience working with privilege and identity management solutions. Experience with operating system security and system hardening. Knowledge of network security principles, protocols, and technologies. Strong analytical and problem-solving skills, with the ability to assess risks and develop appropriate security controls. Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Ability to work independently, prioritize tasks, and manage multiple projects simultaneously. Strong leadership skills, with the ability to mentor and guide junior team members. Skills and Experience That Would Help You Stand Out: A bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable. Linux security experience Familiarity with DevSecOps and integrating security into CI/CD pipelines. Scripting experience.

Lead Security Engineer - Hands-On Role with Leadership Opportunity We're looking to hire a senior-level Security Engineer who's ready to step up and take the lead. Someone who's still very hands-on technically but also enjoys mentoring others, setting direction, and building scalable solutions that make a real difference. Title: Lead Security Engineer Salary: $160,000 to 190,000 +Bonus Location: Queens, NY (Hybrid) This role sits at the center of engineering, operations, and security-you'll be working directly with software and infrastructure teams to make sure security is embedded into everything we do. You won't just be managing tools; you'll help shape how security is done across the company. If you're based in the NYC area and looking for the next serious step in your career-where your ideas are heard and your work actually drives change-this is worth a conversation. What the Role Looks Like: You'll lead and mentor a small but growing team of security engineers, helping them grow while staying deep in the tech yourself. Work with internal teams to design and implement security solutions-cloud security, PAM, app and system hardening, etc. You'll be the one connecting the dots between development, infrastructure, and security-building relationships across teams and making sure security is part of the process from the start. Help optimize and improve the tools we already have, and figure out what's missing. What We're Hoping You Bring: A few years of experience leading or mentoring other security engineers-you don't need to have managed huge teams, but you've helped others level up. Solid technical background (5+ years in security engineering) and experience with on-prem and cloud security solutions (AWS or Azure). Hands-on knowledge of privileged access, identity management, system hardening, and network security. Strong instincts for risk, practical problem-solving, and keeping systems both secure and usable. Someone who communicates clearly, doesn't get lost in buzzwords, and works well with people across teams. Nice to Have, But Not Dealbreakers: Certifications like CISSP, CEH, CISM Experience with Linux security or scripting Familiarity with CI/CD pipelines and how security fits into DevOps Why This Role Might Be Right for You: You're ready for more responsibility and leadership, but don't want to give up the technical side of the work. You want to be part of a stable company with real backing and complex challenges to work on.

This role is for a mid-to-senior Security Engineer who thrives in a lean, high-performance environment and takes a hands-on, engineering-first approach to security. You will operate as a generalist within a small security team, owning the design, build, and evolution of security systems that protect a highly technical organization with many proprietary platforms. This is not an analyst role; the focus is on building, integrating, and improving security capabilities end to end, with a strong emphasis on problem solving, automation, and how systems work together. You will design and implement enterprise-grade security monitoring, detection, and response solutions, integrating commercial tools and developing custom capabilities tailored to the environment. While the role includes reviewing and triaging alerts from detection and response platforms, the core responsibility is continuously improving detection quality, response workflows, and overall security posture. You will engineer and tune detections using structured data and JSON-based queries, develop automated response and orchestration workflows, and drive improvements across the full incident lifecycle. The position requires close collaboration with teams across the organization, translating security risks and technical concepts into clear, practical language for non-security stakeholders. You will partner with engineering, infrastructure, and product teams to embed security into systems and workflows, applying strong security principles that are portable across technologies rather than tied to a single toolset. The environment is fast-moving and production-heavy, with ongoing adoption of AI-driven technologies and modern development practices. The ideal candidate has several years of experience in security engineering, preferably in a fintech, startup, or similarly high-tech environment, and is accustomed to operating outside of large, siloed security teams. You bring strong hands-on experience with cloud and endpoint security platforms such as Azure, Microsoft Defender, and Elastic, with exposure to tools like Zscaler and Purview considered a plus. You are comfortable coding and scripting, particularly in Python, working with Git-based workflows, and applying infrastructure-as-code concepts. Experience building and operating detection and response systems, security orchestration and automation platforms, and threat-informed defenses is essential. They'll need someone who's fully authorized to work in the US without any sponsorship / visa (cannot support H1B).

A financial firm is looking for a Chief Information Security Officer (CISO) to join their team in New York, NY. Compensation: $150-200K Responsibilities: Define and maintain the enterprise information security strategy, roadmap, and governance framework, aligned with business objectives and regulatory requirements Draft, maintain, and periodically review security-related policies and procedures Establish and chair/co-chair an Information Security / Cyber Risk Committee and contribute to Board-level reporting on cyber risk Develop and maintain the firm's information security governance framework Lead the firm's SOC 1 (Type 1/Type 2) and SOC 2 (Type 1/Type 2) readiness and ongoing attestation efforts Own the control catalog, control testing coordination, evidence collection, and remediation tracking across technology, operations, and third parties Act as primary security point of contact for external auditors, assessment firms, and key institutional partners Ensure security program alignment with SEC Regulation S-P, Reg S-ID, Reg SCI, SEC / Client cybersecurity expectations, and NYDFS 23 NYCRR 500 Partner with Compliance and Legal to interpret new regulations, assess impact, and implement necessary control and policy changes Maintain and periodically test the Incident Response Plan, Business Continuity and Disaster Recovery (BC/DR) from a security perspective Provide security oversight for cloud (AWS) and on-prem infrastructure, including network security, endpoint security, identity and access management (IAM), and data protection Work with Infrastructure/DevOps and application teams to embed secure SDLC practices, including code review, security testing, and secure deployment pipelines Oversee vulnerability management, including patch management processes, penetration testing, and remediation programs Define and oversee Security Operations Center (SOC) / XDR usage, log management, SIEM, threat detection, and incident handling Design and enforce data classification, data loss prevention (DLP), encryption, and key management controls Partner with business and product teams to ensure client data privacy and secure data flows, including with third-party vendors and partners Own the vendor security risk management program, including security due diligence, contract security clauses, and ongoing monitoring Evaluate and manage key security vendors Build and lead a small but high-impact security team, scaling capabilities over time Promote a security-first culture through training, awareness programs, and regular communication with staff at all levels Qualifications: Required Bachelor's degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience 7+ years of progressive experience in information security, including at least 3 years in a leadership role (Head of Security, Deputy CISO, CISO, or equivalent) Hands-on experience leading SOC 1 and/or SOC 2 attestation projects at a financial institution, fintech, or SaaS provider Strong background in financial services or capital markets (broker-dealer, clearing firm, trading platform, or similar) Understanding of Information security frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001) Understanding of Regulatory landscape for U.S. financial firms (e.g., SEC, Client, possibly NYDFS 500) Experience with Identity & access management, network security, endpoint security, and cloud security (preferably AWS) Experience building and maintaining incident response, BC/DR, and vulnerability/patch management programs Strong track record of cross-functional leadership, communicating complex security and risk topics to non-technical executives and boards Preferred Experience as CISO, Deputy CISO, or security leader at a broker-dealer, clearing firm, exchange/ATS, or large fintech Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP or similar Experience with AWS security services Familiarity with DevSecOps practices and secure CI/CD pipelines Experience managing data localization and cross-border data separation initiatives

Chief Information Security Officer (CISO) 📍 💰 Base Salary: Up to $325,000 + Bonus + Equity 🏢 Our Client: A Blockchain & Digital Asset Infrastructure Company About Our Client Our client is a fast-growing organization building infrastructure, software, and services that support the next generation of blockchain and digital asset ecosystems. They power secure transactions, institutional-grade solutions, and high-performance platforms used across the crypto economy. As the business scales, they are expanding their leadership team with a Chief Information Security Officer (CISO) who will own the strategic direction, operations, and continuous improvement of all information and cybersecurity initiatives. Role Overview The CISO will set the long-term vision for security across the entire organization, covering infrastructure, products, employee environments, and customer-facing systems. This leader will ensure that the company's digital asset capabilities, blockchain networks, APIs, and cloud environments meet the highest standards of protection, resilience, and regulatory readiness. This role requires an executive who can operate across technical, operational, and strategic levels-partnering with engineering, legal, compliance, product, and leadership teams. Key Responsibilities Design and drive a holistic security strategy covering infrastructure security, application security, product security, data governance, and operational risk. Safeguard digital asset environments, including wallets, key management systems, consensus mechanisms, and blockchain-based services. Build and lead an advanced threat detection, monitoring, and incident response program, ensuring rapid response and clear communication pathways. Collaborate with engineering teams to integrate secure development practices into blockchain, smart contract, and cloud-native workflows. Establish and maintain security controls, audits, and certifications, ensuring alignment with industry frameworks and regulatory expectations. Oversee vendor security, supply-chain risk management, and third-party assessments. Develop a culture of security throughout the business, including training, policy development, and ongoing risk awareness. Provide regular reports and briefings to the executive team on emerging threats, risk posture, and security roadmap progress. Experience & Qualifications 15+ years of experience in cybersecurity, with at least 5 years leading security organizations or programs at scale. Strong experience in blockchain security, digital asset custody, exchange or infrastructure security, or related crypto-native environments. Demonstrated success leading enterprise security programs that span cloud infrastructure, distributed systems, and high-availability environments. Skilled in working with frameworks such as SOC 2, ISO 27001, NIST, and global data protection standards. Expertise in cloud security (AWS, GCP, Azure), network security architecture, identity management, and DevSecOps. Comfortable operating in fast-moving, engineering-driven environments. Professional certifications (CISSP, CISM, CCISO, etc.) are a strong plus.

Title: Chief Information Security Officer Reports to: President The Chief Information Security Officer (CISO) is a critical leadership position responsible for establishing, managing, and evolving the enterprise-wide information security strategy and program. The Company's security strategy will initially focus on ensuring regulatory requirements are met but it must also provide a robust, scalable and secure foundation that enables future growth in the dynamic and regulated financial markets. The CISO will serve as the company's foremost authority on all matters of cybersecurity, information compliance, and information risk, protecting the core exchange and clearing technology, corporate IT, and all related data and physical assets. This role is highly visible and requires a hands-on technical leader capable of strategic direction, executive management, and detailed technical oversight, including direct interface with the CFTC and the Company's Board of Directors. Key Responsibilities 1. Strategic Leadership & Governance ● Develop, communicate, and implement a robust, risk-based, and continuously evolving information security strategy and architecture that aligns with business objectives and regulatory requirements (including but not limited to CFTC regulations and guidance as well as new emerging security standards). ● Report directly to the President, providing regular, concise, and comprehensive security and risk updates to the Executive Leadership Team and the Board of Directors. ● Drive the creation of and report upon Key Performance Indicators related to the company's security controls. ● Work closely with the Chief Risk Officer (CRO) to integrate information security risk management into the enterprise risk management framework. ● Establish and enforce security policies, standards, and procedures across all technical infrastructure, applications, and business processes. 2. Technical Security & Operations ● Direct all security operations, including threat intelligence, vulnerability management, security monitoring, incident detection, and response across the entire technology footprint (trading, clearing, corporate IT, and data platforms). ● Oversee and be responsible for the security of all data and critical systems, including secure software development lifecycle (SDLC), network security, and cloud security architecture working closely with the DevOps team. ● Cryptography and Key Management: Drive the strategy and implementation for managing, securing, and auditing cryptographic keys and secrets for all critical systems. ● Manage and direct the company's incident response and disaster recovery/business continuity planning related to information security. This is a 24/7/365 critical function. ● Manage third-party security assurance activities, including vendor evaluation, due diligence, penetration testing, and vulnerability assessments. 3. Regulatory Compliance & Audit ● Serve as the primary liaison for the CFTC, external auditors, and other regulatory bodies on all cybersecurity and information security compliance matters. ● Ensure continuous compliance with all relevant financial regulatory frameworks, including CFTC regulations applicable to DCMs and DCOs, and other applicable standards (e.g., NIST Cybersecurity Framework, ISO 27001). ● Oversee internal and external security audits and lead remediation efforts for all identified findings. 4. Team & Resource Management ● Build, mentor, and lead a high-performing team of information security professionals (analysts, engineers, and architects). ● Manage the security budget, technology procurement, and vendor relationships to ensure cost-effective and optimal security controls. ● Direct security awareness and training programs for all employees. ● Collaborate across Legal, HR, and executive management in the building of policies as well as incident management. Required Qualifications ● Minimum of 10 years of progressive experience in information security roles, with a minimum of 5 years in a senior leadership or CISO role within a large or highly regulated financial institution. ● Mandatory experience working in a regulated financial industry such as banking, brokerages, or clearing firms, with a strong preference for candidates with direct experience at a financial exchange (DCM/DCO) or other critical market infrastructure. ● Proven hands-on technical expertise in security architecture, operations, and engineering, coupled with executive-level leadership and communication skills. Beneficial Qualifications ● Deep familiarity with CFTC compliance requirements for DCMs/DCOs and a strong understanding of the financial, operational, and regulatory risks unique to exchange and clearing functions. ● Expert-level knowledge of security best practices for secrets management, hardware security modules (HSMs), and cryptographic key management, particularly as they relate to digital assets, blockchain technology, or regulated crypto asset custody. ● Bachelor's or Master's degree in Computer Science, Information Security, or a related field. ● Relevant professional certifications highly desired (e.g., CISSP, CISM, CISA, CRISC).

Client Name: City of New York Contract Length (in weeks): 52 Hybrid: 3 days in office/2 days remote. SCOPE OF SERVICES The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS: Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based forensic analysis. Research and develop new techniques, and procedures to continually improve the digital forensics process. Produce high quality written work product presenting complex technical issues clearly and concisely. Managing and maintaining the analysis labs and forensics tools leveraged for investigations. Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. Assisting the Cyber Emergency Response Team during critical incidents. RequirementsMANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. DESIRABLE SKILLS/EXPERIENCE: Experience with a wide range of forensic tools (TZWorks, X-Ways, SIFT, AXIOM, Volatility, etc.) Experience with memory analysis tools (i.e. Volatility) Experience with Linux and open source tools Experience investigating intrusions on Windows and Linux/Unix operating systems Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices Knowledge of virtual environments Knowledge of forensic imaging techniques Knowledge of Microsoft Windows operating system and Windows artifacts Knowledge of Linux/UNIX operating systems and artifacts Knowledge of MAC OS operating system and forensics artifacts Knowledge of file systems Strong analytical skills

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

States: MA, NH, RI, ME, CT, VT, NJ, NY is home office based. Meet the Team You will provide guidance and assist Security Sellers and Account teams within the territory in a pre-sales technical role, showcasing Cisco security product solutions, setting up demonstrations, explaining features and benefits to customers, and designing and configuring products to address specific customer security needs. You will form relationships with our customer's key decision-makers, positioning Cisco security solutions aligned accurately to their requirements. You will be a part of an outstanding technical pre-sales team in our Global Security Sales Organization (GSSO), responsible for driving the success of Cisco's Security Portfolio and focusing on protecting Customer Application Environments no matter where they live (on-prem / any cloud). Our mission is simple: democratize security by making it easy and effective for everyone. We're transforming security from the ground up by solving the world's most pressing geopolitical challenge - safe, secure information access. We engineer our business to enable our customers to easily address their ever-evolving security challenges. We believe that impactful work is rewarding work and that our team is at its best when everyone feels empowered to bring their whole self to work. We learn together by hiring for cultural contribution, not cultural fit, and recognize that diversity in background and thought are essential to building high-impact teams. We invest in growth and learning opportunities and encourage our people to never stop learning. We foster collaboration and believe in being recognized (and rewarded!) for hard work. We champion a healthy work-life balance. We're kinder than necessary. Together we build for the future by designing simple solutions for complex problems. And that's why we're the most loved and trusted name in security. Your Impact As an advisor to the customer, you'll be working with technology experts to craft architectures and configure products to meet customer-specific needs, are prepared to lead all technical aspects of pre-sales activities, and position security solutions effectively against competing offerings. You are an aggressive starter, self-starter with the ability to build executive relationships, develop and execute sales strategies and tactics that improve Cisco's opportunity with a customer environment, position and promote the partner and customer value proposition for Cisco security architecture, articulate Cisco's product and business strategies, and create the demand that makes deals happen! You will: * Serve as the subject matter expert in Cisco security solutions * Provide guidance and assist account teams within the territory in building solutions to address specific customer security needs * Understand business requirements for a customer base and be able to translate them into technical requirements * Understand and articulate Cisco's architecture and services within security technologies * Create, present, and document technical solutions * Perform in-depth and high-level technical presentations for customers partners and prospects * Drive identified major account opportunities (i.e. technical consulting, upper-level management presentations, and Cisco technology solutions) while allowing local account teams to maintain long-term ownership Who You Are You are passionate about the customer experience and excited about new technology. You are a true teammate and love to learn. Being a self-starter, our SEs act as an industry domain authority, and strive to help Cisco make customers for life. Minimum Qualifications * Minimum of 4 years of pre-sales experience * Hands on experience with one or more of these Cisco Security Products (or their competitive equivalent): ******************************************************************** * Experience with whiteboard discussions that transform customer requirements into security solutions Preferred Qualifications * History of successful quota achievement. * Ability to demo / POV any of these Cisco Security products (the more the better): ******************************************************************** * Knowledge of public clouds AWS, Azure, GCP, and OCI. * Experience with incident response a plus * Experience with administering security for a company (e.g. purchased and deployed Cisco security products as a customer) is a plus. * Solid presentation and interpersonal skills. * Highly motivated self-starter who does not need day-to-day management * Experience with APIs and scripting languages Why Cisco? At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you. Message to applicants applying to work in the U.S. and/or Canada: The starting salary range posted for this position is $217,200.00 to $274,100.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees are offered benefits, subject to Cisco's plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time. U.S. employees are eligible for paid time away as described below, subject to Cisco's policies: * 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees * 1 paid day off for employee's birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco * Non-exempt employees receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees * Exempt employees participate in Cisco's flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations) * 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next * Additional paid time away may be requested to deal with critical or emergency issues for family members * Optional 10 paid days per full calendar year to volunteer For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco's policies. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows: * .75% of incentive target for each 1% of revenue attainment up to 50% of quota; * 1.5% of incentive target for each 1% of attainment between 50% and 75%; * 1% of incentive target for each 1% of attainment between 75% and 100%; and * Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. The applicable full salary ranges for this position, by specific state, are listed below: New York City Metro Area: $223,000.00 - $330,300.00 Non-Metro New York state & Washington state: $217,200.00 - $315,300.00 * For quota-based sales roles on Cisco's sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined. Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements.

Principal Information Security Analyst (Tier 2) As a Principal Information Security Analyst within Gen Digital's global Security Operations Center (SOC), you will play a key role in strengthening threat detection and response across the organization. The role focuses on improving SOC monitoring and detection processes through technical expertise, continuous development, and close collaboration with other security teams. In this position, you will serve as a senior specialist, leading automation and detection engineering efforts, mentoring junior analysts and contributing to projects that enhance security visibility and overall SOC performance. Operating in a follow-the-sun model, the SOC ensures 24/7 global coverage, with regional teams working during their respective business hours and sharing on-call responsibilities for weekend. Key Responsibilities: * Monitor, analyze, and correlate security alerts and events across multiple platforms (SIEM, WAF, EDR, email, cloud, network, and threat intelligence tools) to identify and validate suspicious or malicious activity * Continuously develop and fine-tune detection rules, correlation searches, security policies, and dashboards to improve visibility, reduce false positives, and increase alert accuracy across security platforms * Support and mentor Tier 1 analysts in alert triage, escalation quality, and use of tools * Collaborate with security engineers on automation and enrichment initiatives to streamline operational workflows and improve detection efficiency * Maintain complete and up-to-date documentation for all detection use cases, workflows and process improvements * Participate in security projects and collaborate with internal stakeholders (e.g., Incident Response, Security Engineering, Application Security, and IT) to enhance detection coverage, visibility, and response capabilities * Support the execution of incident response playbooks Qualification and Work Experience: * 3-5 years of hands-on experience in SOC operations, cybersecurity monitoring, or related areas such as detection engineering or threat analysis * Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and how they apply to security monitoring and threat analysis * Strong knowledge of cybersecurity principles, common attack techniques, and threat types (e.g., phishing, malware, brute force, web application attacks) * Proven experience working with security logs, alerts, and structured data across multiple platforms (SIEM, EDR, WAF, cloud, and network telemetry) * Hands-on experience with SIEM platforms - Splunk preferred - including detection content development, rule tuning, and dashboard creation * Familiarity with Web Application Firewall (WAF) technologies and the ability to analyze or tune related alerts and policies * Understanding of cloud security concepts and experience with monitoring tools for major providers (AWS, Azure, GCP) * Working knowledge of scripting or automation (e.g., Python, PowerShell, or API-based integrations) to support analysis and enrichment workflows * Experience using AI-based tools to support daily SOC operations, including data analysis, investigation, documentation, and collaboration * Strong analytical and problem-solving skills with attention to detail and curiosity for continuous learning * Effective communication and documentation skills in English, both written and verbal * Experience collaborating across teams (e.g., Security Engineering, Incident Response, Application Security) on detection improvements or automation projects * Prior experience in a Security Operations Center (SOC) or similar environment is highly preferred * Familiarity with the fintech environment or experience supporting financial services infrastructure is considered a strong advantage #LI-AS1 Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds. We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches.

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience * Master's Degree and with 3 years of relevant experience IT or Information security or * Bachelor's Degree and with 5 years of relevant experience IT or Information security or * Associate's Degree and with 6 years of relevant experience IT or Information security or * High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience * Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). * Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience * Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. * Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. * Knowledge of IAM, rolebased access control, and policy enforcement, required. * Experience integrating cloud telemetry and logs with SIEM tools, required. * Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. * Experience with scripting (Python, PowerShell, Bash) and automation, required. * Experience with WAF and cloud API gateway configurations, required. * Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. * Experience collaborating with cloud service teams for planning and remediation, required. * Experience implementing application security best practices and training engineering teams, required. * Familiarity with CDN operations, certificates, and brand monitoring preferred, required. * Experience with SIEM integration, telemetry collection, and event analysis, preferred. * Demonstrated experience leading technical teams or project groups, preferred. * Experience with Container Security, preferred. * Experience securing API endpoints and implementing advanced cloud application protections, preferred. * Knowledge of AI/ML data protection and secure model deployment practices, preferred. * Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. * Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities * Effective leadership skills * Demonstrated problem solving skills * Demonstrated problem solving skills * Strong written and verbal communication skills * Ability to drive multiple projects to successful completion * Proactively approaches responsibilities Licenses and Certifications * Driver's License Required * Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred * Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands * Ability to push, pull, and lift up to 25 pounds * Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities * Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. * Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. * Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. * Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. * Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. * Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. * Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. * Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. * Implement and manage WAF policies and API gateways to safeguard cloud applications and services. * Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. * Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. * Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.