Cyber security specialist work from home jobs - 459 jobs

About Us: At Parafin, we're on a mission to grow small businesses. Small businesses are the backbone of our economy, but traditional banks often don't have their backs. We build tech that makes it simple for small businesses to access the financial tools they need through the platforms they already sell on. We partner with companies like DoorDash, Amazon, Worldpay, and Mindbody to offer fast and flexible funding, spend management, and savings tools to their small business users via a simple integration. Parafin takes on all the complexity of capital markets, underwriting, servicing, compliance, and customer service for our partners. We're a tight-knit team of innovators hailing from Stripe, Square, Plaid, Coinbase, Robinhood, CERN, and more - all united by a passion for building tools that help small businesses succeed. Parafin is backed by prominent venture capitalists including GIC, Notable Capital, Redpoint Ventures, Ribbit Capital, and Thrive Capital. Parafin is a Series C company, and we have raised more than $194M in equity and $340M in debt facilities. Join us in creating a future where every small business has the financial tools they need. About the Position We're looking for an experienced security-focused engineer to help shape and scale Parafin's security posture across our cloud and platform environments. Our Security and Infrastructure team owns the foundational systems that power all of Parafin - from compute and networking to identity and compliance - and you'll play a central role in ensuring those systems are secure, reliable, and compliant. In this role, you'll design and operate controls, tooling, and processes that keep our infrastructure resilient and compliant while enabling developers to move quickly and safely. You'll partner closely with teams across engineering and compliance to strengthen how we manage access, secure applications, monitor threats, and respond to incidents. What You'll Be Doing Lead efforts to improve Parafin's overall security posture across infrastructure, applications, and data systems. Develop and maintain frameworks for identity, access management, and least-privilege enforcement. Establish and operate best-in-class security monitoring, alerting, and incident response processes. Partner with product and infrastructure engineers to embed secure-by-default patterns in our systems and applications. Define and enforce standards for vulnerability management, secrets handling, and dependency integrity. Collaborate with compliance and risk teams to build and maintain controls aligned with frameworks such as SOC 2, PCI DSS, and other fintech regulations. Support audits and security assessments by ensuring controls are properly implemented and evidenced. Contribute to security awareness and training efforts across engineering teams. Influence long-term strategy on secure architecture, detection, and response automation. What We're Searching For 8+ years of experience in security operations or application security, preferably in a cloud-native and regulated environment. Strong understanding of AWS security, including IAM, VPC, and network segmentation best practices. Experience with threat detection and response, vulnerability management, and incident response workflows. Familiarity with Kubernetes and container security principles, including RBAC, admission controls, and runtime monitoring. Knowledge of compliance frameworks (SOC 2, PCI DSS, ISO 27001) and how to operationalize them in engineering environments. Strong communication and collaboration skills - comfortable working across engineering, product, and compliance teams. We Prefer If You Have Experience building or maturing a security operations or application security program at scale. Background in security automation, threat modeling, or secure architecture reviews. Familiarity with developer-focused security enablement - e.g., SAST/DAST integration, dependency scanning, or security education. Experience in regulated or fintech environments where security and speed must coexist. What We Offer Salary Range: $235k - $280k Equity grant Medical, dental & vision insurance Unlimited PTO Work From Home flexibility Commuter benefits Free lunches Paid parental leave 401(k) Employee assistance program If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please contact us. #J-18808-Ljbffr

WorkOS builds tools and services for developers to help them implement authentication, identity, authorization, and overall enterprise readiness. We're a fully distributed team with employees across North American time zones. We're well‑funded, having raised $100m in funding from top investors including Greenoaks Capital, Lachy Groom, and Lightspeed Ventures. Our fast‑growing customer base includes rapidly growing SaaS companies like OpenAI, Cursor, Perplexity, Vercel, Plaid, and hundreds of others. About the Security Team The Security team at WorkOS is responsible for keeping our company and customer data safe. As a CorpSec Engineer, you'll focus on the internal side of security-ensuring our people, devices, and systems are secure by default. We support a remote‑first, fast‑moving engineering organization and need strong, pragmatic security systems that scale with us. You'll work to improve access controls, endpoint security, and tooling across the company. This role is a mix of hands‑on execution and strategic thinking-perfect for someone who wants to shape how security works inside a modern startup. Who we're looking for Have experience with corporate security and endpoint management in a cloud‑native, remote‑friendly environment Enjoy taking ownership of systems like Okta, MDM, and EDR and making them more reliable, secure, and easy to use Can balance security best practices with the realities of usability and speed Like designing scalable controls for access, identity, and device management Are comfortable working independently and cross‑functionally with IT, Infra, and GRC Are curious, proactive, and enjoy simplifying complexity What you'll be doing Own and improve our identity and access management systems (Okta, Google Workspace, etc.) Administer and secure our MDM and endpoint protection tools (e.g. Kandji, EDRs) Partner with Infra to implement controls for least privilege, audit logging, and change management Develop automations and tooling for onboarding/offboarding, access reviews, and audit prep Proactively identify security risks and lead the rollout of mitigations Help shape security policies and practices that work well for engineers, not against them Work with vendors and evaluate new tools as needed Document systems and decisions clearly to support scale and clarity Requirements Experience with identity, access, and endpoint security tools (e.g. Okta, MDM, EDR) Familiarity with cloud‑native IT/security operations and SaaS environments Comfort working in a fast‑paced, high‑autonomy environment A practical mindset and a bias for simplicity and security‑by‑default Nice to have Experience working at a startup or on a small security team Familiarity with SOC 2, ISO 27001, or other compliance frameworks Scripting or automation experience (e.g. Python, Bash, Terraform) The annual US base salary falls within the range of $175,000 to $250,000. This range does not encompass the full spectrum of benefits such as equity, health insurance, vacation time, and paid parental leave. This salary range covers multiple levels of engineering roles and final compensation will be determined considering various factors, including experience, skills, and qualifications. For candidates outside the US, including Canada, compensation is adjusted based on local market benchmarks. Benefits (US Only) At WorkOS, we offer resources that emphasize personal and familial well‑being. We offer healthcare coverage for you and your family, including medical, dental, and vision. We offer parental leave, paid‑time off and fully remote working arrangements. Benefits include: Competitive pay Substantial equity grants Healthcare insurance (Medical, Dental and Vision) for you and your family 401k matching Wellness and fitness monthly allowances PTO + paid holidays + unlimited sick leave Autonomy and flexibility with remote work Please inquire directly with our recruiting team for benefits available to those working outside the US. Equal Opportunity Employer WorkOS is an equal opportunity employer, committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age. #J-18808-Ljbffr

A leading data collaboration platform in San Francisco seeks a Senior Security Engineer to enhance threat detection and automation strategies. The role involves implementing detection logic, automating workflows, and developing scalable cloud solutions. Candidates should have a Bachelor's degree in a relevant field and strong skills in security automation and detection engineering. This position offers competitive compensation with a base range of $131,500 to $203,000. #J-18808-Ljbffr

A leading remote-first company is seeking a Senior Security Engineer to implement and manage information security projects. The ideal candidate will have over 7 years of experience in cybersecurity, with expertise in compliance, project management, and risk mitigation. This role is pivotal to ensuring the safety of digital assets within the organization. Benefits include a flexible work environment and professional development opportunities. #J-18808-Ljbffr

A financial technology company is seeking a Security Engineer to design and implement security controls for their payment infrastructure. This role involves leading application security, enhancing compliance features, and implementing DevSecOps tooling. Candidates should have over 7 years of experience in DevOps, a strong background in application security, and familiarity with technologies like AWS and Docker. The position supports candidates in various locations including San Francisco or remote. #J-18808-Ljbffr

ZetaChain is looking for a Sr. Application Security or DevSecOps Engineer to enhance its security program. This role is crucial for safeguarding applications in the blockchain domain. You will actively shape security strategies while gaining experience across diverse crypto risks in a vibrant and innovative environment. If you possess a strong foundation in application security and are passionate about blockchain technology, you will thrive here. #J-18808-Ljbffr

Senior Security Engineer - Corporate Security Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system. Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365-all within 90 seconds. Based in San Francisco, CA, Rippling has raised $1.4B+ from the world's top investors-including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock-and was named one of America's best startup employers by Forbes. We prioritize candidate safety. Please be aware that all official communication will only be sent from @ Rippling.com addresses. About the role Rippling is looking for a Senior Security Engineer to join our Corporate Security team. Our mission is to reduce organizational risk by securing the tools and platforms Rippling employees use every day-SaaS apps, internal tools, endpoints, and email. We help the business make safer decisions by building secure defaults, automating away risky behavior, and working directly with stakeholders to understand and mitigate threats. As a Senior Engineer on CorpSec, you'll drive projects that span technical execution, stakeholder engagement, and strategic planning. You'll work closely with the Detection and Response, IT products, Infrastructure, Legal, and Compliance teams to improve how we manage access, detect abuse, and remediate risk-often through automation and thoughtful process design. What You'll Do Lead end-to-end security projects that secure core enterprise systems like Google Workspace, Atlassian, Salesforce, and Slack. Design and implement scalable access controls, including least privilege policies, automated approvals, and audit workflows. Deploy and tune security tooling (e.g. email security platforms, CASB/SWG, SaaS DLP tools) to reduce risk across our corp environment. Automate security workflows that reduce manual effort, close the loop on findings, and improve team efficiency. Write one-pagers and RFCs that clarify risk, propose solutions, and drive alignment with cross-functional stakeholders. Partner with Detection & Response to improve phishing protection and support incident investigations involving corp tools or user accounts. Mentor teammates and contribute to the team's technical direction through design reviews and hands‑on collaboration. Sample Projects You Might Work On Rolling out a new email security solution and defining phishing detections in partnership with Detection & Response. Building an approval system for Chrome extensions and auto‑whitelisting trusted ones using Google's API. Automating Slack‑based remediation for publicly shared sensitive Google Docs. Restricting 3rd‑party app access in Google Workspace and driving stakeholder alignment on exceptions. Threat modeling Salesforce and improving visibility into high‑risk integrations and data access patterns. What We're Looking For 5+ years of experience in security or software engineering, ideally with exposure to SaaS, corp IT, or access management. Strong programming skills (e.g. Python, Go) and a track record of building automation that solves real problems. Experience with one or more of: identity and access management, SaaS security tooling, DLP, insider threat detection, or phishing protection. Clear, empathetic communication skills-especially when working with stakeholders outside of engineering. Ability to turn ambiguous problems into scoped projects, define success metrics, and drive them to completion. Comfortable owning projects end‑to‑end and proactively reducing blockers for others. What Success Looks Like You lead multi‑stakeholder projects that reduce security risk and are measurable, repeatable, and automated. You deliver projects that enable safe default behaviours, reduce operational toil, or improve visibility into corp risk. You can clearly communicate security trade‑offs to engineering and business teams, and drive alignment across orgs. You build systems that last-flexible, reusable, and easy for others to extend or maintain. Additional Information Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics. Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accommodations@rippling.com. Rippling highly values having employees working in‑office to foster a collaborative work environment and company culture. For office‑based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee's role. This role will receive a competitive salary + benefits + equity. The salary for US‑based employees will be aligned with one of the ranges below based on location; see which tier applies to your location here. A variety of factors are considered when determining someone's compensation-including a candidate's professional background, experience, and location. Final offer amounts may vary from the amounts listed below. The pay range for this role is: 159,000 - 278,250 USD per year (US Tier 1) 143,100 - 250,425 USD per year (US Tier 2) 135,150 - 236,513 USD per year (US Tier 3) #J-18808-Ljbffr

A leading security training provider is seeking a Senior Security Engineer for their content engineering team. This role supports security professionals, builds hands-on content, and integrates security into DevOps. Ideal candidates have over 5 years of experience in application security and are passionate about improving security practices. The position is remote-first with competitive compensation and benefits. #J-18808-Ljbffr

A leading cybersecurity firm is seeking a Senior Software Applied AI Engineer to develop cutting-edge AI solutions aimed at enhancing cybersecurity. You will build and enhance the AI security agent 'Hai', creating tools that allow organizations to develop more secure software while combating emerging threats. The role embraces flexible remote work within the Seattle area, and offers competitive compensation with substantial benefits. #J-18808-Ljbffr

We're looking for an AI Security Engineer to join our Red Team and help us push the boundaries of AI security. You'll lead cutting‑edge security assessments, develop novel testing methodologies, and work directly with enterprise clients to secure their AI systems. This role combines hands‑on red‑teaming, automation development, and client engagement. You'll thrive in this role if you want to be at the forefront of an emerging discipline, enjoy working on nascent problems, and like both breaking things and building processes that scale. Key Responsibilities This is a highly cross‑functional position. AI security is still being defined, with best practices emerging in real‑time. You'll be building the frameworks, methodologies, and tooling that scale our services while staying adaptable to rapid changes in the AI landscape. This role is ideal for someone who wants to take their traditional cybersecurity expertise and apply it to the new frontier of AI security and safety. Your focus will span several key areas: Service Delivery & Client Engagement Lead end‑to‑end delivery of AI red‑teaming security assessment engagements with enterprise customers Collaborate with clients to scope projects, define testing requirements, and establish success criteria Conduct comprehensive security assessments of AI systems, including text‑based LLM applications and multimodal agentic systems Author detailed security assessment reports with actionable findings and remediation recommendations Present findings and strategic recommendations to technical and executive stakeholders through report readouts Tooling & Methodology Development Build upon and improve our established processes and playbooks to scale AI red‑teaming service delivery Develop frameworks to ensure consistent, high‑quality service delivery Find the tedious, repetitive stuff and automate it - you don't need to be a world‑class developer, just someone who can build tools that make the team more effective Research & Innovation Develop novel red‑teaming methodologies for emerging modalities: image, video, audio, autonomous systems Stay ahead of the latest AI security threats, attack vectors, and defense mechanisms Translate cutting‑edge academic and industry research into practical testing approaches Collaborate with our research and product teams to continuously level up our methodologies Required Qualifications Technical Expertise 3+ years of experience in cybersecurity with focus on red‑teaming, penetration testing, or security assessments Experience with web application and API penetration testing preferred Deep understanding of LLM vulnerabilities including prompt injection, data poisoning, and jailbreaking techniques Practical experience with threat modeling complex systems and architectures Proficiency in developing automated tooling to enable and enhance testing capabilities, improve workflows, and deliver deeper insights Professional Skills Proven track record of leading client‑facing security assessment projects from scoping through delivery Excellent technical writing skills with experience creating executive‑level security reports Strong presentation and communication skills for diverse audiences Experience building processes, documentation, and tooling for service delivery teams AI Security Knowledge Understanding of AI/ML model architectures, training processes, and deployment patterns Familiarity with AI safety frameworks and alignment research Knowledge of emerging AI attack surfaces including multimodal systems and AI agents Preferred Qualifications Relevant security certifications (OSCP, OSWA, BSCP, etc.) Hands‑on experience performing AI red‑teaming assessments, with a strong plus for experience targeting agentic systems Demonstrated experience designing LLM jailbreaks Active participation in security research and tooling communities Background in threat modeling and risk assessment frameworks Previous speaking experience at security conferences or industry events What You'll Gain Opportunity to shape the future of AI security as an emerging discipline Work with cutting‑edge AI technologies and novel attack methodologies Lead high‑visibility projects with enterprise clients across diverse industries Collaborate with world‑class research team pushing boundaries of AI safety Platform to establish thought leadership in AI security community Competitive compensation package with equity participation ❗To remove your information from our recruitment database, please email privacy@lakera.ai. #J-18808-Ljbffr

A leading company, OpenAI, is seeking a Software Engineer, Security Observability to enhance their security infrastructure in a collaborative environment. The role focuses on designing scalable systems, improving data visibility, and requires strong software engineering skills, particularly in Python and Golang. Expansion into cloud platforms like Azure is also essential in this high-impact position. #J-18808-Ljbffr

A leading telecommunications company is looking for a Senior Lead Software Security Engineer with extensive experience in security, compliance, and software architecture. This role involves leading the security advancement of the platform engineering organization, working with stakeholders to resolve policy gaps, and ensuring a compliant solution. The position is fully remote and invites candidates from anywhere in the U.S. Ideal candidates should have over 10 years of relevant software engineering experience, including expertise in Java and security practices. #J-18808-Ljbffr

A technology solutions provider seeks a Senior Backend/Middleware Engineer to develop secure, high-performance API and middleware solutions. This remote role requires expertise in Java and Spring Boot, with responsibilities including designing RESTful APIs and implementing security protocols. Ideal candidates will have experience with OAuth 2.0, OpenID Connect, and authorization principles. Benefits include health insurance, 401(k), and paid time off. #J-18808-Ljbffr

A leading tech company based in the US is seeking a Senior Incident Response Security Consultant for Google Cloud, Mandiant. You will lead incident response engagements, investigate, and help organizations effectively respond to cyber threats. The ideal candidate possesses extensive experience in incident response and forensics. This is a remote-eligible role with a competitive salary range of $132,000-$194,000 plus benefits. #J-18808-Ljbffr

Within our Unilin Infrastructure team, we are looking for an Information Security Engineer with strong technical expertise, entrepreneurship and a passion for applying innovative technology to strengthen our Unilin Group's cybersecurity posture. You will be part of the Unilin Information Security team, part of the global Mohawk cybersecurity organization, giving you exposure to international operations and standards. You will be working with leading security platforms andwill have a wide variety of responsibilities including incident management, vulnerability management, security assessments, awareness initiatives and several security projects. As Information security engineer, you will: Enhance and maintain cybersecurity operations processes, identifying gaps, analyzing trends, and recommending improvements to strengthen detection, response, and prevention capabilities. Support incident management activities by assisting with investigations, coordinating mitigation efforts with the MDR partner, and ensuring that procedures are followed correctly to minimize business impact. Maintain strong technical expertise in key platforms used across the environment, such as Palo Alto Cortex XDR, SIEM, and Tanium. Contribute to the vulnerability management programme, including scanning, prioritization, and coordination of remediation efforts with IT and OT teams. Support cybersecurity assessments, assisting with internal vulnerability assessments, penetration testing, and cyber exercises. Contribute to cybersecurity awareness and training initiatives through the KnowBe4 platform, helping to strengthen the organization's overall security culture. Lead or support cybersecurity projects that enhance the overall security posture of the Unilin Group Who are you? Bachelor's or Master's degree in IT, Computer Science, Engineering, or equivalent practical experience. At least 5 years of experience in cybersecurity operations, system administration, or incident response. Proven expertise in network and endpoint security and threat analysis. Experience with tools such as Cortex XDR, Tanium, or Prisma is an advantage. Strong analytical skills with a solution-oriented, hands-on mindset. Independent and self-motivated, able to manage tasks and projects autonomously. Proficient in English and Dutch; knowledge of French is a plus. What can you expect? A competitive remuneration package. An extensive leave system and a flexible work schedule with the option of home working. Luncheon vouchers, hospitalisation and group insurance. Possibility of bike leasing. We invest in your development and we believe in lifelong learning. In our state-of-the-art training centre The Dive you are bound to find training courses that will help you grow. Countless possibilities to build your career. An employer with a transparent sustainability strategy (for our planet, customers and employees). In different locations we have a company restaurant with a varied menu. Benefit from attractive discounts on our products. Child care is an option during a number of school holidays. Make the most of discounts at a number of partners through our Benefits at Work platform. You will often find us at sporting events. You and your family can participate for free. In short, you'll be working for a Top Employer! Who are we? Unilin is a global reference in interior design and construction with a strong focus on sustainability and innovation. Our floors, panels, insulation materials, and technologies can be found in the homes and workplaces of millions of people and public spaces around the world. Our brands Quick-Step, Pergo, and Moduleo probably ring a bell. Worldwide, around 7,900 employees work every day to push boundaries and innovate. Want to know more about our story? Be sure to check out our website. #J-18808-Ljbffr

A leading consulting firm in Washington is seeking an experienced IDS and IPS Cyber Security Engineer to join their cybersecurity team. The role requires expertise in Linux and YAML configuration management for network intrusion systems. Responsibilities include designing and maintaining IDS/IPS across multiple networks, optimizing YAML configurations, and troubleshooting system issues in a Red Hat environment. The compensation range is competitive, offering a long-term career with strong professional development opportunities. #J-18808-Ljbffr

LendSwift is a modern, technology-driven consumer lending company on a mission to provide fast, transparent credit solutions to underserved borrowers. We deliver flexible lending products while maintaining the highest standards of compliance, security, and trust. Our sister company is GigFi, which provides merchant cash advances to gig workers and small businesses. We're seeking an experienced Chief Compliance Officer (CCO) / Chief Information Security Officer (CISO) to lead our compliance and information security programs. This executive will be a key member of the leadership team, ensuring LendSwift operates with full regulatory compliance and robust data security across all operations. The ideal candidate has deep expertise in consumer lending, a strong track record in bank partnership lending models, and proven success building and overseeing compliance and information security frameworks. Tasks Compliance: Maintain and improve a comprehensive Compliance Management System (CMS) that aligns with applicable federal and state consumer lending laws and regulations (e.g., TILA, ECOA, FCRA, GLBA, UDAAP). Manage and maintain strong working relationships with our bank partners, ensuring ongoing compliance with bank oversight requirements and participation in exams and audits. Oversee licensing, regulatory reporting, and interactions with federal and state regulators. Advise senior leadership on compliance risks, trends, and mitigation strategies. Lead compliance training, monitoring, and issue management programs. Information Security: Own the design and execution of our enterprise information security program to protect customer and company data. Ensure compliance with GLBA, SOC2, PCI DSS, and other applicable data security frameworks. Develop and enforce policies, procedures, and controls for data privacy, cybersecurity, and incident response. Oversee vendor due diligence and third-party risk management as it relates to information security. Report regularly to executive leadership and the Board on the state of information security. Requirements 8+ years of progressive leadership experience in compliance and/or information security in the consumer lending industry. Extensive knowledge of the bank partnership lending model and managing bank sponsor relationships. Hands-on experience with multi-state lending operations and regulatory requirements. Proven ability to lead, build, and scale compliance and security programs in a high-growth environment. Strong communication skills; comfortable engaging with regulators, bank partners, auditors, and legal counsel. Bachelor's degree required; JD, CIPP, CISSP, or other relevant certifications a plus. Benefits Highly flexible remote work environment. Unlimited PTO. Lean, AI-forward leadership team. The chance to shape compliance and security strategy for a growing fintech innovator. Competitive compensation and comprehensive benefits. #J-18808-Ljbffr

Government IT Division REMOTE MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer‑centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well‑being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran‑owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2. Senior Information System Security Engineer / Solutions Architect Location: Remote - must be within US and able to obtain Public Trust Clearance - US Citizen Pay: $100,000 - $120,000 annually (based on qualifications). Full Government benefits (W‑2) Job type: Contract We are seeking a hands‑on Senior Information System Security Engineer / Solutions Architect who will also serve as the Information System Security Engineer (ISSE) for key cybersecurity systems supporting the Department of Veterans Affairs (VA). This role is ideal for someone with deep technical engineering skills, cloud and DevSecOps experience. This individual will also lead teams to develop and implement technical solutions to remediate vulnerabilities and other complex cybersecurity challenges. Candidates will have a solutions‑oriented mindset to help the VA problem‑solve complex cybersecurity and IT challenges. The candidates should also be well‑versed with facilitating working sessions and have the ability to distill complex concepts into non‑technical/common language. The role will focus on analyzing and recommending system security architectures, vulnerability mitigation, policy‑driven compliance implementation, and full‑lifecycle support for the Department of Veteran's Affairs systems. Key Responsibilities Cybersecurity Engineering & Architecture (Primary) Analyze complex technical findings and determine necessary resources needed to solve problem‑sets across multiple cybersecurity and technical domains Partner with technical teams to develop and implement technical solutions Design, build, and deploy secure cloud‑native architectures and infrastructure components for VA information systems Develop and maintain CI/CD pipelines with integrated security scanning, policy enforcement, and remediation tools Implement secure infrastructure as code/policy as code using tools such as Terraform/CloudFormation, including writing and implementing PaC scripts Align security architectures with Federal Zero Trust strategy, VA directives, and OMB policies Enable automation of system telemetry and analytics pipelines for cyber situational awareness ISSEResponsibilities Provide engineering and technical analysis on behalf of Agency Authorizing Officials (AOs) for System Security Plans (SSPs), Risk Assessments, Security Controls Traceability Matrices (SCTMs), and POA&Ms Support system authorization and compliance activities including continuous monitoring and system audits Conduct regular and ad‑hoc analysis of security control findings and develop and implement remediation strategies Minimum Qualifications Bachelor's degree in computer science, engineering, or technical equivalent with 10 years of technical experience or a total of 18 years in lieu of education 8+ years of security engineering, DevSecOps, or cloud architecture experience Expertise in securing platforms hosted in AWS GovCloud and Azure Government Strong experience with NIST RMF, FISMA, FedRAMP, and Zero Trust architecture implementation Hands‑on skills in IaC tools like Terraform and CI/CD tools such as GitLab/Jenkins, with ability to adopt new technologies if procured by the agency Experience with network isolation tools such as Palo Alto Next Generation Firewalls (NGFW) and Juniper Mist Network Access Control (NAC) solutions or comparable Demonstrated experience securing modern applications, APIs, and automated infrastructure Excellent written and oral communication skills; ability to explain complex, technical information in easily understood terms; ability to brief Senior VA leadership regularly U.S. Citizenship and ability to obtain Public Trust clearance Preferred Qualifications Prior VA experience supporting VA OIS or major cybersecurity initiatives Experience authoring and maintaining ATO documentation in VA or HHS environments Experience with IoT/IoMT security solutions is a plus Knowledge of federal cybersecurity standards Equal Employment Opportunity Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affinitive Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. As set forth in MKS2 Technologies's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law. Voluntary Self‑Identification For government reporting purposes, we ask candidates to respond to the below self‑identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. #J-18808-Ljbffr

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. Sony Interactive Entertainment LLC seeks a Staff Information Security Analyst in San Mateo, CA to define strategic GRC (Governance, Risk and Compliance) input in global initiatives, including Artificial Intelligence (AI) and Machine Learning (ML) adoption, cloud security, and enterprise wide policies, ensuring resilience while balancing business and regulatory needs. Requires a Master's degree in Cybersecurity, Information Security, or related field or equivalent, and four (4) years of experience conducting risk assessments on critical information systems to maintain and manage risk registers; facilitating the Security Risk Assessment methodology, policy, strategy and process; writing security assessment reports following security breaches and detailing the associated impact; monitoring and reviewing IT Security controls to identify operational effectiveness; mapping security controls to policies, standards, procedures and processes to ensure compliance with security measures; managing security remediation efforts and tracking status of security deficiencies; translating security risk mitigation plans into actionable items to mitigate risk in coordination with technical and business teams; developing and implementing policy frameworks for emerging technologies, including AI/ML and cloud security, with governance and legal stakeholders; applying industry standards including NIST, ISO 27001, and PCI DSS in support of organizational security objectives; supporting the evaluation of third-party vendor security through documentation review and risk assessment; contributing to the enhancement of vendor onboarding and compliance workflows; and, in executing duties, utilizing Archer GRC, ServiceNow, Splunk, JIRA, Confluence, SharePoint, Palo Alto Prisma Cloud and AWS. Telecommuting and/or working from home may be permissible pursuant to company policies. Sony is an EOE. Salary range: $185,639.00 - $261,000.00/year Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.