Defense Analyst remote jobs

Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. Remote Work: Crown offers hybrid remote work for this position. A reasonable commute is necessary as some onsite work is required. Relocation assistance is available. Primary Responsibilities Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). Support audit and compliance initiatives by providing documentation and evidence of secure development practices. Minimum Qualifications Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. Non-degree considered if 12+ years of related experience along with a high school diploma or GED Preferred Qualifications 5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. Experience with Securing Secrets and Service Accounts desired. Experience with Web Application Firewall (WAF) implementation/support preferred. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). Certified Information Systems Security Professional (CISSP), or similar certification (Certified Secure Software Lifecycle Professional, Certified Ethical Hacker (CEH) certified). Familiarity with container security (Docker, Kubernetes). Understanding of authentication protocols (Open Authorization (OAuth) and Security Assertion Markup Language (SAML)). Experience with DevSecOps tools and container security tools desired. Work Authorization: Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. Compensation and Benefits: Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

About the Role We at Abnormal AI are looking for a hands-on Security Operations/ Cyber Defense Analyst who thrives in a fast-paced, engineering-driven environment. You'll be responsible for monitoring, investigating, and responding to security alerts across cloud, endpoint, identity, and application layers. You'll work closely with detection engineers, cloud security, and IT teams to protect our hybrid environment from threats in real time. This is not a “click-through-the-console” SOC role - we're looking for someone who can think critically, automate relentlessly, and own incidents end-to-end. Key Responsibilities Detection & Triage: Monitor alerts from tools like SIEM, EDR, IAM, CSPM, CDR etc. Perform initial triage, enrichment, and correlation across multiple data sources. Identify false positives and fine-tune rules with detection engineering. Incident Response: Lead containment, eradication, and recovery for endpoint, cloud, and identity incidents. Document and communicate incidents through SOAR/Jira/ServiceNow workflows. Perform root cause analysis and propose permanent preventive controls. Threat Hunting & Analysis: Proactively hunt using hypotheses mapped to MITRE ATT&CK. Investigate anomalies across CloudTrail, Okta, GitHub, and other telemetry sources. Collaborate with threat intelligence to identify emerging TTPs. Automation & Process Improvement: Build or enhance playbooks in SOAR (Torq or equivalent). Create custom enrichment scripts and automations (Python, Bash, etc.). Suggest new detection logic and operational improvements. Reporting & Metrics: Track and report operational metrics (MTTD, MTTR, incident categories). Maintain documentation and lessons learned. Required Skills & Qualifications 5-7 years of hands-on SOC or Incident Response experience in a cloud-first or hybrid environment. Strong understanding of attacker lifecycle, MITRE ATT&CK, and threat actor TTPs. Experience with EDR (CrowdStrike preferred), SIEM (Splunk preferred), and SOAR (Torq, XSOAR, or Phantom). Familiarity with AWS, Okta, and SaaS platforms. Proficiency in writing queries and automations using Python, SPL, or equivalent. Excellent analytical and investigative skills - capable of operating independently with minimal hand-holding. Strong documentation and communication skills for technical and executive audiences. Nice to Have Experience with CSPM/CDR/VM tools. Knowledge of Containers and Kubernetes security. Relevant certifications like CEH, Security+, GCIH, GCIA, or AWS Security Specialty. What Success Looks Like You consistently deliver high-quality triage with minimal false positives. You automate repetitive tasks instead of manually doing them twice. You can take a vague alert and turn it into a well-documented case with actionable findings. #LI-EM5 You make measurable improvements to detection coverage, response time, or tooling maturity. At Abnormal AI, certain roles are eligible for a bonus, restricted stock units (RSUs), and benefits. Individual compensation packages are based on factors unique to each candidate, including their skills, experience, qualifications and other job-related reasons. Base salary range:$144,500-$170,000 USD Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. For our EEO policy statement please click here . If you would like more information on your EEO rights under the law, please click here .

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. The Senior Cyber Defense Forensic Analyst would be a member of the Cyber Threat Intelligence and Investigations team. The analyst will perform, digital forensic examinations in support of investigations by the Cyber Security Operations Center Incident Response Team, Corporate Human Resources Department, Corporate Legal Department, Corporate Physical Security, Other entities as determined by the CIO. Primary Duties and Accountabilities Perform digital forensic examinations/investigations Communicate in an easy-to-understand manner to a non-technical audience, the examination/investigation findings to appropriate individuals/business units Create and document findings in a professional manner and use incident management system to track work progress. Assist as needed with corporate security, HR, and Ethics with interviewing users by providing technical expertise. Create/Revise/Maintain procedural documentation Write variety of written products based on analysis of data Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption Assists in identifying, investigating, and analyzing computer network intrusions, Acceptable Use Violations Capable of deep-dive analysis of malicious software packages across a variety of target systems Cross-collaboration across various Cyber Defense teams Minimum Qualifications Bachelor's degree in digital Forensics or a related 4-year technical degree OR 10+ years of work experience in this field Minimum 5 years' experience conducting digital forensic examinations and in one or more of: computer evidence seizure, data recovery; intrusion analysis and incident response; network protocols, network devices, multiple operating systems, secure architectures, malware analysis. Familiarity with forensic artifacts from various operating systems Understanding of corporate network infrastructure Knowledge of Forensic Tools: EnCase, Magnet Axiom, Cellebrite, Microsoft eDiscovery Certifications desired: Guidance Software EnCE, IACIS, CFCE, GIAC GCFA, GIAC GCFE, or GIAC GREM Cybercrime investigative experience and an understanding of the investigation life cycle We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application. Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company's success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation. Some added perks…. Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options) Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans 12 corporate holidays and a Flexible Time Off (FTO) program Healthy mobile phone and home internet allowance Eligibility for retirement plan after 2 months at open enrollment Pet Benefit Option

may be eligible for up to a $25K sign on bonus for external hires! What We're Doing: Lockheed Martin, Cyber & Intelligence invites you to step up to one of today's most daunting challenges: the use of advanced electronics to undermine our way of life. You'll develop innovative offensive cyber capabilities that help protect the nation and the world. Cyber | Lockheed Martin Who we are: Ready to make a real impact in the world of cybersecurity? Join Lockheed Martin Cyber & Intelligence's Offensive Cyber community and be at the forefront of securing some of the most advanced systems and networks out there. Our team doesn't just do penetration testing - we create the techniques, tools, and exploits used in world-class offensive cyber operations and defense. The Work: A CNO (Computer Network Operations) offensive cyber professional can be described as a "cyber warrior," harnessing their expertise in computer systems and networks to disrupt and disable adversary capabilities. Alternatively, they can be referred to as a "digital operator," skillfully navigating the virtual battlefield to achieve strategic objectives. They can also be characterized as "cyber operatives," leveraging their knowledge of cybersecurity and computer networks to conduct operations and gather critical intelligence. We are hiring for a variety of roles including vulnerability analysts, exploit developers, hardware/software reverse engineers, offensive cyber tool developers, embedded developers, and cyber researchers. We want your expertise in traditional computing (Windows/Linux/MacOS), mobile technology (Android/iOS), wireless technology, IoT, ICS/SCADA, enterprise technologies, and special-purpose embedded and real-time systems. Come join a company with incredible breadth and depth in the nature of programs and technologies we support that will never leave you bored or looking for your next assignment. Why Join Us: Your Health, Your Wealth, Your Life Our flexible schedules, competitive pay and comprehensive benefits enable you to live a healthy, fulfilling life at and outside of work. Learn more about Lockheed Martin's competitive and comprehensive benefits package. We support our employees, so they can support our mission. This position is participating in our External Referral Program. If you know somebody who may be a fit, click here to submit a referral. If your referral is hired, you'll receive a $3000 payment! code-extrefer #RMSCYTJ #RMSC6ISR #OneLMHotJobs #RMSTG2025 #RMSTG2026 Basic Qualifications • Candidate must possess active US security clearance with a polygraph • 8+ years overall experience • Bachelor of Science in Math, Science, Engineering, Statistics, Engineering Management, or related discipline. May substitute an additional four years' experience in lieu of a Bachelor's Degree. Masters degree may substitute for additional 2 years of experience • Experience programming in Assembly, C, C++ or Python • Experience with Offensive Cyber Tools and Techniques Desired skills • 6+ years desired of USG Offensive Cyber experience. • Experience using network sockets programming including developing packet-level programs, expert packet-level understanding of IP, TCP, and application-level protocols Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $113,900 - $200,905. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $131,000 - $227,125. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.

Join our experienced roster of consultants that support Hedge Funds and Family Offices. Arootah is a personal and professional development leader in the Investment and Financial Services industry. Our mission is to provide top business advisory services to our hedge fund client base. We focus our Business Consulting on the multi-faceted needs of Hedge Funds and Family Offices. Arootah was founded by Rich Bello, the Co-Founder and COO of the industry-leading $10 billion hedge fund, Blue Ridge Capital. Rich brings more than 30 years of experience, including leadership positions at Morgan Stanley, Tiger Management, and Ernst & Young. Visit us at **************************************** for more information. WHO WE NEED: Arootah is searching for experienced Cybersecurity Analysts to consult to our highly prestigious client base. As a consultant, you will work with our Hedge Fund and Family Office clients to provide expert advice. Having previously served in this role, you have specific, hands-on experience implementing, maintaining, and operating a cybersecurity program for a leading Hedge Fund or Family Office. What You'll Do Best practice reviews. Developing realistic and effective action plans. Breaking apart goals into actionable steps. Advising on vendor selection and oversight. Creating and implementing policies, procedures, and control measures. Evaluating each client's advancement toward goal actualization through key performance indicators (KPIs) and scoring matrices. Special projects or other areas of need. Implement and assist with the day-to-day operations of securing the firm's various information systems by providing technical expertise in all areas of network, system, and application security. Protect sensitive information by installing and configuring security software like firewalls and encryption programs. Monitor network traffic and analyze records like authentication logs to identify and investigate anomalies to prevent and detect security incidents. Lead the firm's vulnerability management program, conduct the annual cybersecurity assessments and penetration tests, and research and report on emerging threats, to help the firm take pre-emptive risk mitigation steps. Implement organization-wide security best practices to protect the business against existing, new, and emerging security threats. Test and analyze the organization's business continuity and disaster recovery plan to ensure operations will continue in the event of a cyberattack or natural disaster. Assesses new security technologies to determine potential value for the firm. Execute and carry out firm incident response program to identify and prevent all potential breaches (internal or external), or misuse of data, that may occur. Review, investigate, and respond to real-time alerts within the environment. Generate real-time and historical reports for internal and external stakeholders regarding security and/or compliance violations. Qualifications A Bachelor's degree in Computer Science, Computer Engineering, Information Systems, Information Sciences, or a related field, with a strong academic record. One or more of the following certifications: CEH, CISM, CompTIA Security+, CISSP, GSEC, GCIH, GNFA, GREM or other related SANS certifications. 5+ years of specific experience as a Cybersecurity Analyst at a hedge fund or family office. Working experience with one or more of the following technology vendors and products: Splunk Cloud, Rapid7 Nexpose Vulnerability Scanner, Sophos Antivirus, Varonis DatAlert, ForeScout CounterACT, or similar. Thorough understanding of Microsoft's enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems. In-depth knowledge of security event management, network security monitoring, investigating common types of attacks, network packet analysis, log collection and analysis, and reviewing security events. Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, Cobit, and ISO. Strong writing and presentation skills are requiredin order to communicate findings and recommendations, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff. Job Status Contractor Hours are based on the needs of the assigned client (0-40 hours per week). Join a well-funded disruptor in finance and technology. Enjoy the flexibility of remote work and choosing your assignments. Be part of a dynamic, high-energy company in its expansion stage. Now is the time to join! For more information, visit us at Arootah.com.

About Us Endor Labs is building the Application Security platform for the software development revolution. Modern software is complex and dependency-rich, making it increasingly difficult to pinpoint the risks that truly matter. Endor Labs solves this challenge by building a call graph of your entire software estate-enabling teams to clearly identify, prioritize, and fix critical risks faster. Trusted by companies that are one or one hundred years old, Endor Labs secures code whether it was written by humans or AI, and whether it's 40-year old C++ code or cutting edge Bazel Monorepos. Endor Labs was founded by serial entrepreneurs Varun Badhwar and Dimitri Stiliadis, and is backed by leading VC firms such as Dell Technology Capital, Lightspeed, and Sierra Ventures. About the Role We are looking for a Senior Security Researcher to lead our offensive security research efforts in the domain of software supply chain security. This is a unique opportunity to work at the forefront of secure SDLC and software supply chain security, identifying zero-day vulnerabilities in software artifacts and CI/CD systems, analyzing attack trends, and influencing the next generation of security capabilities in our products. This role requires deep technical expertise in vulnerability research, application security, reverse engineering, and offensive security techniques. The ideal candidate will also play a key role in publishing groundbreaking research through blogs, white papers, and speaking engagements at top security conferences. How You'll Make an Impact Conduct offensive security research on software supply chain threats, identifying and analyzing zero-day vulnerabilities. Develop and refine exploit techniques to understand modern attack vectors targeting software supply chain through malicious code, 3rd party libraries, and CI/CD systems. Work closely with Product Management to translate research findings into innovative security capabilities within Endor Labs' products. Publish research findings through technical blogs, white papers, and industry-leading security conferences. Collaborate with security engineers and developers to prototype and implement detection and mitigation strategies for emerging threats. Contribute to the security community by developing open-source tools, methodologies, or frameworks that enhance software supply chain security. Stay ahead of the latest threats, attacker methodologies, and evolving security trends to continuously refine our research efforts. What You Bring to the Table 5+ years of experience in security research, vulnerability discovery, and offensive security. Deep expertise in reverse engineering, exploit development, and software vulnerability analysis. Strong understanding of software supply chain security, including package management systems, CI/CD pipelines, and dependency analysis. Experience discovering and responsibly disclosing zero-day vulnerabilities. Proven track record of publishing high-quality research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides). Proficiency in programming languages such as Python, Rust, or Go. Strong analytical skills and the ability to conduct complex security research autonomously. Excellent communication skills, both written and verbal, to convey technical concepts to diverse audiences. Why Endor Labs We're building at the intersection of developer productivity and security - one of the fastest-growing spaces in software. Our dev-loved platform has real ROI, strong momentum, and customers who care about doing things right. You get to work with a world-class team dedicated to pushing the boundaries of security research and directly influence the security of modern software supply chains. At Endor Labs, we think big, start small, and learn fast. We take ownership, move with purpose, and always start with the customer's success. We debate with data, make the complex simple, and challenge each other with kindness and candor. We celebrate wins, learn from misses, and have fun along the way - because when our customers win, we all win. Endor Labs is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Even if you don't fit every requirement above, we believe in the power of diverse perspectives and experiences, so we encourage all talented individuals to apply-there's no one-size-fits-all here.

BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cybersecurity SaaS portfolio. Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself. The Role As a Staff Research Engineer, you'll drive the evolution of our identity security platform by combining cutting-edge security research with robust engineering practices. You'll work at the intersection of security domain expertise and software development, translating novel research findings into production-ready systems that protect our customers from sophisticated identity-based threats. This role offers the opportunity to shape the future of identity security through innovative research, scalable engineering solutions, and thought leadership in the security community. Please check out our page on X - *************************** - for an overview of our recent projects. This will help you determine if we're a good fit for you. What You'll Do Research & Innovation Conduct original security research to identify emerging identity attack vectors and develop novel detection methodologies Design and implement advanced analytics including rule-based systems, behavioral analysis, and machine learning models for threat detection Expand and optimize our large-scale entitlement graph systems that map privilege escalation paths across customer environments Develop proactive recommendation engines that identify security misconfigurations before they become attack vectors Engineering & Implementation Build production-grade security systems with emphasis on scalability, reliability, and performance optimization Implement and maintain detection pipelines using PySpark, Spark SQL, and distributed computing frameworks Design custom data representations (graphs, time-series, etc.) to support advanced analytical capabilities Establish engineering best practices including comprehensive unit testing, automation, and CI/CD pipelines Data Analysis & Optimization Explore large-scale customer datasets using Spark and Databricks to validate detection hypotheses and uncover new threat patterns Continuously monitor and tune detection algorithms based on real-world telemetry and performance metrics Collaborate with data science teams to integrate machine learning models into production detection systems Optimize system performance to handle massive data volumes efficiently Leadership & Knowledge Sharing Provide technical leadership and mentorship to product and engineering teams Present research findings at industry conferences and security forums Publish technical blogs and research papers to establish thought leadership Collaborate with cross-functional teams to translate research insights into product roadmap priorities What You'll Bring Required Qualifications Strong engineering background with proven experience developing and maintaining production security systems Strong Python programming skills with experience in large-scale data processing Proficiency in SQL and database optimization techniques Experience working with SIEM tools, log analysis platforms, or similar security data systems Knowledge of adversarial tactics, techniques, and procedures (TTPs) and corresponding defensive strategies Experience in engineering event detection and response systems with focus on tuning and optimization Preferred Qualifications Big data processing experience with Apache Spark, Databricks, or similar distributed computing platforms Background in security research with published findings or conference presentations Knowledge of cloud security, containerization, and modern infrastructure technologies Experience with graph databases and network analysis techniques Familiarity with machine learning applications in cybersecurity Track record of speaking at technical conferences or contributing to security research publications Technologies You Should Know Required Python SQL and database technologies Distributed data processing frameworks Preferred Apache Spark / PySpark Databricks platform Graph databases and analysis tools Cloud platforms (AWS, Azure, GCP) Containerization technologies (Docker, Kubernetes) Machine learning frameworks and libraries What Makes This Role Unique This position offers a rare opportunity to work at the cutting edge of identity security research while building systems that protect organizations worldwide. You'll have the freedom to pursue novel research directions, the resources to implement your ideas at scale, and the platform to share your expertise with the broader security community. We're looking for someone who thrives on solving hard problems, values engineering excellence, and wants to make a meaningful impact on the future of cybersecurity. Better Together Diversity. Inclusion. They're more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected. We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together. About Us BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders. BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners. Learn more at ******************** #LI-BS1

Prelude Security is building the category leader in Runtime Memory Protection - an endpoint product that detects and blocks in-memory execution, memory zero-day exploitation, and ransomware execution entirely from user mode. We are a small team of security researchers and software developers working to reinvent the way we protect endpoints in a world where threats are complex, emergent, and accelerating. Backed by Sequoia Capital, Insight Partners, and other leading investors, we are building an advanced security solution to detect in-memory attacks on endpoints, which is written in Rust and runs exclusively in user mode. It leverages advances in modern edge computing architecture, hardware-level telemetry, and a graph-based understanding of the Windows operating system to catch adversaries the moment that they compromise an endpoint. Rather than endlessly attempting to predict what an adversary might do, trapping adversaries at this universal and unavoidable chokepoint that lies at the center of their operations allows us to focus all of our efforts on what they must do, regardless of their sophistication or how much creativity (or AI) they apply to their tactics. Our goal is simple: to detect out-of-context execution in a way that remains entirely outside the adversary's control. Out-of-context execution occurs when an attacker coerces an application to run code paths that were not intended by the original application. This includes in-memory execution techniques such as local and remote injection, exploitation that results in the execution of dynamic code, and fileless malware Role Prelude is seeking a Principal Security Researcher to conduct in-depth technical analysis of modern and adaptive adversary tactics, Windows internals, and operating system telemetry sources, enabling the development of relevant tests and effective detections within Prelude's endpoint protection platform. As a subject matter expert, you will specialize in one or more areas crucial to Prelude's research, such as operating system internals, reverse engineering, malware development, offensive security, program analysis, performance profiling or detection engineering. Success in this role hinges on delivering high-quality research, driving innovation, adapting swiftly, and fostering collaboration across teams and business units. Given the confidential nature of our work, we require an NDA to be signed after an introductory call if there is mutual interest in moving forward. Responsibilities Conduct in-depth research on operating system internals to pinpoint sources of defensive telemetry crucial for detecting adversary tactics, specifically targeting code execution Analyze modern adversary tradecraft, deciphering technique relevance, inner workings, and detectability Translate and implement research findings into actionable improvements for Prelude's endpoint protection platform Produce high-quality, public-facing security research content, including blog posts and conference talks Stay abreast of cutting-edge offensive and defensive security techniques through continuous self-study and research Serve as the subject matter expert in adversary tradecraft and security operations, supporting other business units on their projects as needed Support other Researchers on the team with their research and actively engage in team-driven initiatives Skills and Experience Deep knowledge of Windows operating system internals and static/dynamic reverse engineering Our most commonly used tools: IDA Pro, Binary Ninja, Ghidra, and WinDbg 5+ years of experience in one or more of the following areas: Offensive security, specifically red team operations or purple teaming Detection engineering, specifically, writing robust, production-scale queries in any major EDR Systems programming, ideally using Rust or C/C++ Program analysis and performance profiling Strong understanding of how modern EDRs/XDRs work internally Ability to explain complex technical concepts and research outputs to both executive-level and highly technical consumers Aptitude for working in a fast-paced, adaptive startup environment Nice to Haves Prior experience in enterprise software development using Rust Prior vulnerability research and exploit development experience Working at Prelude Prelude is a fully remote team across the US & Canada, built on trust, autonomy, and excellence. We empower our team to take ownership, move with purpose, and continuously improve. Our culture values top performers who align with our mission and embrace high standards. We offer generous healthcare, flexible PTO, and home-office support, ensuring our team has the freedom and resources to thrive. While we move fast, we prioritize quality, collaboration, and remain committed to building impactful security solutions with precision.

The Senior Principal Consultant will work as a senior expert on the successful delivery of projects for clients as a member of a project team within a market program. This includes providing technical expertise to the project manager and team members with initiating, planning, executing, monitoring and controlling, and closing projects. This position also includes maintaining relationships with clients and key decision-makers to help identify follow-on Business opportunities and maintain customer intelligence. What You Will Do: Provide expertise on project tasks to ensure quality services are delivered on schedule and within the available budget to meet customer requirements. Define project tasks, estimate task duration, and develop a project schedule as part of developing a project management plan Review project management plans to understand the scope, schedule, and assigned work authorization Provide technical expertise to support the execution of project tasks Develop briefing materials and write reports to communicate concepts and analysis results to clients and end users Lead research and data analysis, including but not limited to assisting with conducting customer or stakeholder analyses Prepare written documents, and reports, and provides presentations to clients. Develop conclusions and recommendations, write reports, and assist with client presentations Track and reports hours spend executing projects Work with individuals at all levels, provide input to reports and other deliverables, execute multiple assignments, meet agreed deadlines, and adjust to changing client demands Develop relationships with existing customers to facilitate the development of new business. Identify new business opportunities with existing customers for current and/or additional services Participate in marketing activities, conference presentations, technical whitepapers Assist with proposal development, including writing proposals, estimating the level of effort Learn, understand and be conversant in ABSG Industrial Cybersecurity products and services Review published reports and news articles about existing and potential new clients to identify customer intelligence Networking to meet new potential clients Serves as senior technical expert guiding project tasks and ensuring quality, schedule, and budget compliance. Project management with planning, sequencing tasks, estimating durations, and developing project schedules. Performs quality assurance on deliverables and tracks project execution metrics. Maintains and develops relationships with clients and key decision-makers. Actively participates in client meetings, presentations, and proposal development. Identifies new business opportunities through client interactions and market intelligence. Communicates client needs internally and contributes to proposal writing. Leverages subject matter expertise to drive growth and expand services. What You Will Need: Education and Experience Bachelor's degree in Computer Science, Business, or a recognized equivalent from an accredited university. Experience will be considered in lieu of education, preferably in data processing or a related field. Typically requires a minimum of five (5) years of working with a Customer Relationship Management System (CRM). Proven experience in Systems Development environment with project management responsibility for successful projects. Extensive IT and functional experience in cultivating positive customer relationships. experience working in organizations to support services provided to internal/external clients PMP Certification is preferred. Microsoft Dynamics CE experience preferred Knowledge, Skills, and Abilities Analytical and problem-solving capabilities. Strong understanding of sales, marketing, and customer service processes, to ensure functionally correct implementation. Strong understanding of Dynamics 365 CRM design, structure, functionality, and processes. Knowledge of CPQ (Configure, Price, Quote), PRM (Partner Relationship Management), CLM (Contract Lifecycle Management), and Sale Compensation Management applications, and their functionality. Managed complete life cycle projects involving multiple cross-functional business teams. Excellent verbal, written, and presentation skills consistent with a client group, including senior managers & executives. Knowledge of Microsoft Power Platform, working with Power BI to build data visualization, and Power Automate implementing business workflow. Strategic while also able to perform tactical duties. Self-starter, highly motivated with the ability to work with limited supervision. Experienced in the design and maintenance of business applications. Ability to obtain a working knowledge of the ABS Health, Safety, Quality, and Environmental Management System. Salary: $210k - $220k Reporting Relationships: Reports to a Manager, Director, or Executive level position and has no direct reports.

Founded in 2001, WaveStrong is an industry leader in enterprise and cloud information security consulting services. We pride ourselves on our best of breed security solutions and services that span a myriad of government, education and business verticals. Our staff is comprised of both certified technical and business professionals who can help you successfully navigate complexities of planning, design, implementation and management of securing data. Our approach is vendor agnostic giving our customers the freedom to choose the best customized security model for their business. Requirements We are looking for a Remote Imperva Data Security SME experienced with Imperva solutions to protect sensitive data across platforms. Key responsibilities include configuring and monitoring Imperva Data Security Fabric, managing data security controls, and collaborating to address vulnerabilities. Qualifications: Experience with Imperva Data Security Fabric (DSF), WAF and/or DAM Knowledge of data protection regulations (e.g., GDPR, CCPA) Proficiency in database security practices and security incident response. Strong problem-solving and communication skills

is remote and can be performed from anywhere in the United States. Cyber security analysts are responsible for managing, monitoring, troubleshooting and protecting both the security of our internal environment and that of our customers. They will perform any steps necessary to that end. They will design, implement, monitor, and evaluate the security systems that protect an organization's computer systems and data. As a Cyber Security Analyst, you will monitor the computer networks under management for security issues, install security software, and document any security issues you identify. This role also acts as the first point of contact for customer related security incidents and questions. KEY RESPONSIBILITIES: * Act as the primary point of escalation for Cyber Security Analyst I technicians * Provides coaching to Cyber Security Analyst I employees on how to perform their duties * Create complex detection/correlation rules utilizing our SIEM and other security infrastructure to enhance detection ratios and monitor for emerging threats * Create, distribute and perform training for the Cyber Security Analyst I technicians on techniques and capabilities to improve the team's responsiveness and effectiveness as a whole * Performs all of the following functions of a Cyber Security Analyst I, with proficiency * Monitor computer networks for security issues and respond accordingly, including: * Creating/Managing firewall rules * Managing anti-virus endpoint tools * Performing event correlation analysis on potential threats identified through our SIEM * Configuring/Managing log management * Configuring/Managing file integrity monitoring * Performing vulnerability scans and remediation of identified risks * The methodology & analysis of identifying compromised servers * Performing rule tuning in our SIEM for improved detection capabilities * Interact with customers by phone, chat, or trouble ticket on any customer facing security issues * Investigate, document and assess security breaches and other cyber security incidents * Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs * Prepare security reports for customer business insights reviews to support our guidance level agreements initiatives * Identify and fix detected vulnerabilities to maintain a high-security standard * Work with other technology teams and customers to perform tests and uncover network or other vulnerabilities * May be relied upon as a technical point of contact during Escalated Events relating to security * Review, investigate and respond to any external "abuse" complaints coming from our IP space * Develop best practices for IT security * Research security enhancements and make recommendations to management * Handle escalated internal or customer security issues from support or another operations team * Takes part in any security-oriented projects or critical initiatives * Stay up to date on information technology & security news, trends and standards * Deliver an exceptional customer experience every day * Other duties as identified or assigned DESIRED ROLE OUTCOMES: * Keep us and our customers free from security incidents but respond capably when one occurs * Our detection of security threats is continually improving * Provide valuable insights and visibility around security incidents to our customers * Have a staff of customer focused, energetic and security savvy team members REQUIRED SKILLS: * A minimum of 2 years' experience in a security analyst role * Bachelor's degree in Computer Science or related field or equivalent experience. Additional certifications in security related disciplines (e.g.: Security+, CEH, CISSP, etc.) are preferred * Must have experience in a Security Operations Center (SOC) * Must have technical troubleshooting and problem-solving skills * Understanding of network management principles * Experience in systems administration of Windows and Linux based operating systems * Working knowledge of Palo Alto or Fortinet firewalls, Microsoft Azure, Microsoft Sentinel SIEM solution or similar technologies * Understanding of firewalls, proxies, SIEM, antivirus, penetration testing, vulnerability scans and IDS/IPS concepts * Ability to identify and mitigate network vulnerabilities and explain how to avoid them * Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact * Ability to learn and communicate technical information to non-technical people * Must have excellent written & oral communication skills, and strong interpersonal skills * Must emulate the Ntirety Values in all that they do Ntirety is an Equal Employment Opportunity / Affirmative Action Employer (EEO/AA). Ntirety offers a competitive salary and benefits including unlimited Paid Time Off, FREE Medical to Employees, Dental, retirement plan with 401(k) match, and much more. If you are interested in joining a profitable, growing, and dynamic company, we want to hear from you! Ntirety is an Equal Opportunity Employer and does not discriminate on the basis of race, color, religion, sex, age, national origin, disability, veteran status, sexual orientation, or any other classification protected by Federal, State or local law. Ntirety thanks all candidates for their interest; however, only shortlisted candidates will be contacted.

Country: United States of America Remote U.S. Citizen, U.S. Person, or Immigration Status Requirements: U.S. citizenship is required, as only U.S. citizens are authorized to access information under this program/contract. Security Clearance: None/Not Required RTX Corporation is an Aerospace and Defense company that provides advanced systems and services for commercial, military and government customers worldwide. It comprises three industry-leading businesses - Collins Aerospace Systems, Pratt & Whitney, and Raytheon. Its 185,000 employees enable the company to operate at the edge of known science as they imagine and deliver solutions that push the boundaries in quantum physics, electric propulsion, directed energy, hypersonics, avionics and cybersecurity. The company, formed in 2020 through the combination of Raytheon Company and the United Technologies Corporation aerospace businesses, is headquartered in Arlington, VA. The following position is to join our RTX Enterprise Services team: Role Overview: Enterprise Services (ES) Cybersecurity has an immediate opening for a qualified insider threat analyst to join RTX Cyber Defense reporting to the Associate Director of Cyber Insider Threat Operations. As an insider threat analyst, you will be responsible for supporting the analysis, monitoring and triage of alerts stemming from potential insider threats. What You Will Do: Perform log analysis to detect anomalies, leveraging expertise in security operations tools to monitor and safeguard sensitive data. Utilize behavioral analytics and endpoint security solutions to identify and investigate unusual patterns. Monitor potential data exfiltration points using data loss prevention tools and other security solutions to detect and prevent unauthorized transfers. Apply Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information related to insider threats. Identify insider threat trends and patterns to assist content teams in the development of new detection rules and models. Articulate the implications of the risks relative to insider threats and educate team members, peers and stakeholders on the potential impacts. Review data, alerts and behaviors to identify potential concerns from multiple angles, gather information and understand and articulate information gaps needed to inform decisions. Work independently and with teams to define and complete analysis activities. Document findings in a manner that technical and non-technical stakeholders understand and can articulate findings to leadership and peers. Perform initial analysis on data from systems to identify unexpected or malicious activity across channels while understanding how activity fits into the threat landscape. Assist in building processes, procedures and training for the insider threat team. Collaborate with stakeholders to provide suggestions and feedback for validation and improvement of various tools, models, and processes. Stay updated on the latest developments and trends in insider threats, emerging and/or advanced persistent attack vectors, and industry best practices, incorporating this knowledge into RTX's defense strategies. Perform other duties as assigned and as required to continuously drive process excellence. Qualifications You Must Have: Typically requires a University Degree or equivalent experience and a minimum 5 years of experience, or an Advanced Degree and a minimum 3 year's experience. Minimum 5 years supporting a cyber insider threat program and/or a cyber incident response team, including at least 3 years with cybersecurity tools and technologies used to detect and mitigate insider threats, including, but not limited to security information and event monitoring (SIEM), user entity and behavior analytics (UEBA), user activity monitoring (UAM), data loss prevention (DLP) technologies and endpoint security solutions. Must be able to effectively communicate (verbal and written) technical and strategic details to peers, leadership, and stakeholders with varying levels of operational expertise. The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. Qualifications We Prefer: Insider Threat specific training/certifications such as CERT Insider Threat course work or Center for Development of Security Excellence (CDSE). Industry certifications in information security or technology such as, CISSP, CISM, CGEIT. Experience collaborating with teams inside and outside of Digital Technology (ex. Privacy, Legal, HR). Preferred candidate will have experience with Operating System, cloud access, and web proxy event logs, endpoint/extended detection & response, and security incident & event management (SIEM) platforms. Demonstrate critical thinking and problem-solving skills. What We Offer: Whether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care. Learn More & Apply Now! Work Location: Remote Please consider the following role type definition as you apply for this role: Remote: This position is currently designated as remote. However, the successful candidate will be required to work from one of the 50 U.S. states (excluding U.S. Territories). Employees who are working in Remote roles will work primarily offsite (from home). An employee may be expected to travel to the site location as needed. As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 82,000 USD - 164,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Job Description CyberSheath Services International LLC is a rapidly growing Security and IT Managed Services Provider primarily focused on providing Cybersecurity services to the Defense Industrial Base (DIB). We are excited to be expanding our staff due to our growth and are looking to add a Cyber Security Analyst to our Security Operations team! CyberSheath integrates compliance and threat mitigation efforts and eliminates redundant security practices that don't improve and, in fact, may weaken an organization's security posture. Our professionals tell clients where to stop spending, where to invest, and how to take what they are already doing and integrate it in a way that delivers improved security. Successful candidates for CyberSheath are self-motivated, think out of the box, work, and solve issues independently. Additionally, our most successful people are self-starters and willing to put on many hats in order to succeed. CyberSheath is fast-growing and seeks candidates who want to be part of our upward trajectory. Job Overview The Cyber Security Analyst II is responsible for advanced security incident triage, investigation, and response across Microsoft 365, Azure, and on-premises infrastructure. Serves as the escalation point for complex security incidents while implementing containment and remediation procedures in hybrid environments. Key Responsibilities Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel Conduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendations Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket) Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns Analyze federation security including ADFS token-based attacks and SAML token manipulation Configure and tune WAF/firewall rule sets and investigate related security incidents Develop network segmentation strategies and identify lateral movement attempts Develop and maintain incident response playbooks for various attack scenarios Coordinate incident response activities with cross-functional teams Required Qualifications 3-5 years in cybersecurity with 2+ years SOC experience Deep knowledge of hybrid Microsoft environments (Microsoft 365, Azure, on-premises AD) Experience with SIEM platforms and security monitoring tools Scripting proficiency (PowerShell, Python) Strong analytical and communication skills Microsoft Certified: Security Operations Analyst (SC-200) One additional security certification: EC-Council CSA, CompTIA Security+, or similar Preferred Qualifications Microsoft Certified: Azure Security Engineer (AZ-500) Microsoft Certified: Identity and Access Administrator (SC-300) CrowdStrike Certified Falcon Responder (CCFR) or equivalent EDR certification CISSP, SSCP, CCSP Skills & Expertise Strong Proficiency with Microsoft Defender suite (Endpoint, Office 365, Identity, Cloud Apps) Azure Sentinel KQL query development and alert configuration Azure AD/Entra ID security configuration and attack path analysis Active Directory security assessment including GPOs, trust relationships, and delegation Email security and phishing detection/response Cloud security posture management Incident handling and digital forensics Threat intelligence analysis and implementation Work Environment CyberSheath is a fully remote organization, and this will be a work-from-home position The schedule for this role is: Week One: Friday - Sunday 8:00 AM - 8:00 PM Week Two: Friday - Monday 8:00 AM - 8:00 PM Travel requirements: 0-5% yearly. Please note that this role will be part of our SOC on-call rotation CyberSheath is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability. Budgeted Pay Range$70,000-$100,000 USD

The client is looking for a Cyber Threat Fusion Analyst. This position will support the Joint Service Provider (JSP) Defensive Cyber Operations (DCO) organization with Cyber Threat Intelligence products and network security monitoring and will perform as the analyst in area of cyber threat intelligence. This role will be based onsite at the Mark Center in Alexandria, VA. Some remote work will be allowed. An active TS/SCI security clearance is required prior to start. Essential Job Functions Implement the core Threat Intelligence concepts (ex. Cyber Kill Chain, MITRE ATT&CK, DoDCAR). Produce reporting for new or emerging threats and threat vectors. Utilize SIEM technologies to correlate security events and logs and identify threats Incorporate threat intelligence into countermeasures to detect and prevent intrusions and malware infections Implement the core Threat Intelligence concepts (ex. Cyber Kill Chain, MITRE ATT&CK, DoDCAR). Produce reporting for new or emerging threats and threat vectors. Utilize SIEM technologies to correlate security events and logs and identify threats. Incorporate threat intelligence into countermeasures to detect and prevent intrusions and malware infections. Identify threat actor tactics, techniques and procedures and based on indicators develops custom signatures and blocks. Understand concepts of log and packet analysis Navigate the command line using specific expressions to manipulate data Handle and organize disparate data about detections, attacks, and attackers Employ discovery techniques and vetting of new intelligence. Create Situational Awareness Reports and Threat Briefs. Minimum Required Qualifications Due to the nature of this position and the information that employees will be required to access, U.S. Citizenship is required. Bachelor's Degree in Computer Science, Computer Engineering or related field and 8+ years of prior relevant experience; additional years of experience may be substituted in lieu of a degree. Computer defense technologies spanning endpoint, network, and open source. Required Security Clearance: TS/SCI. 8570 IAT II certification is required prior to start. It is preferred you will already possess an 8570 CSSP-Analyst certification. If not, it will be required for this to be obtained within 6 months of your start date.

Responsibilities: Investigate security incidents and escalate when necessary Work Incident Response and Administrative tickets Perform and develop data mining queries using Splunk/Splunk ES Communicate in a clear and concise manner with Leadership, Customers and Peers Monitor and respond to multiple shared Mailbox inquiries Provide vulnerability, threat, and risk mitigation support Monitor Security Operations Dashboards for alerts Support daily Operations briefings Monitor and answer the SOC phone hotline Support customer defined metrics reports Support government data calls This opportunity offers remote work! Candidates must be willing to work in a SOC environment and demonstrate strong problem-solving skills Must be able to work well both on their own (in an individual setting) as well as with others (in a team setting) Must possess strong self-initiative, curiosity, and diligence - must be willing to engage with the team, in the capacity of both learning and sharing information

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Why you should join our At-Bay Managed Detection and Response Security team: At-Bay is a fast-growth InsurSec company (Insurance x Cybersecurity) on a mission to bring innovative products to the market that help protect small businesses from digital risks. As an InsurSec provider, we uniquely combine insurance with mission-critical security technologies, threat intelligence, and human expertise, to bridge the critical security capability gap that exists among SMBs in the community. We believe InsurSec is an $80B market opportunity and we are excited to introduce the Security Analyst (MDR) role to the security team in order to help expand our reach and influence in the business and security community, of which we serve 35,000 customers. With At-Bay, our customers experience 5X fewer ransomware attacks. This is just the tip of the iceberg! Click here to learn more about what we're building. Security Analysts provide first-line security monitoring services to At-Bay's Managed Detection & Response customers with specific responsibilities including: Operation and tuning of security monitoring tools including Endpoint Detection & Response (EDR), network monitoring, email security, Data Loss Prevention (DLP), Security Information and Event Management (SIEM), security automation tools, and others as needed Identification and analysis of anomalous activity in customer technology environments Triage of event data to identity potential indicators of compromise Escalation of potentially malicious activity to engage incident responders where necessary Participation in incident investigation, containment, remediation, and recovery activities where necessary Developing and maintaining customer relationships to facilitate delivery of MDR services Developing and delivering reports on identified activity to customer stakeholders as needed Key skills: Previous EDR, MDR, XDR, security monitoring, or incident response experience Strong oral and written communications skills Previous hands-on experience performing security operations including several of the following: Security monitoring using a variety of endpoint and network tools Deployment, tuning, and operation of security tools from vendors such as CrowdStrike, SentinelOne, and others Deployment, tuning, and operation of SIEM or other tools used to aggregate and analyze security-relevant data Triage and analysis of potential indicators of compromise Performing rapid response to contain and/or remediate potentially malicious activity Development and analysis of cyber threat intelligence Participation in investigations involving digital evidence Intrusion detection / cyber threat hunting Malware analysis Previous hands-on experience working in information technology operations (e.g., Network Operations Center, Security Operations Center, Incident Response Team, etc.) Minimum requirements: Bachelor's degree or equivalent Minimum of 2 years of experience in cybersecurity operations, incident response, or another security discipline Willingness to travel as needed to perform job functions Preferred requirements: Significant undergraduate or graduate coursework in computer science, computer engineering, information systems, or cybersecurity Preferred candidates will have a mix of cybersecurity experience including either security operations or security engineering / architecture Knowledge of cloud environments including knowledge of cloud security products and services offered by major cloud service providers (e.g., AWS, Azure, Google) One or more industry cybersecurity certifications (e.g., GCIH, Security+, CISSP, etc.) Work location: USA, nationwide Our estimated base pay range for this role is $80,000-$110,000 per year. Base salary is determined by a variety of factors including but not limited to market data, location, internal equitability, domain knowledge, experiences and skills. In general, if the position sparks your interest we encourage you to apply - our team prioritizes talent. #LI-CK1

Join the cybersecurity company that puts security first; literally and without compromise. At KnowBe4, our AI-driven Human Risk Management platform empowers over 70,000 organizations worldwide to strengthen their security culture and transform their workforce from their biggest vulnerability into their strongest security asset. As the undisputed industry standard with unusually high customer retention rates and recognition as a Leader by G2 and TrustRadius, we're not just providing security awareness training - we're redefining what it means to be a trusted security partner in an increasingly complex threat landscape. Our team values radical transparency, extreme ownership, and continuous professional development in a welcoming workplace that encourages all employees to be themselves. Whether working remotely or in-person, we strive to make every day fun and engaging; from team lunches to trivia competitions to local outings, there is always something exciting happening at KnowBe4. Remote positions open to the US only. The Opportunity Join our Information Security team as the person responsible for monitoring and protecting KnowBe4's cloud infrastructure. As Cloud Security Analyst, you'll be the first responder for security alerts across our AWS and Azure environments; triaging, investigating, and coordinating responses that protect both company and customer data. You'll own the day-to-day security operations that keep our cloud ecosystem secure: analyzing alerts, hunting threats, investigating incidents, and partnering with engineering teams to ensure vulnerabilities get fixed before they become problems. The successful candidate stays calm under pressure, stays curious about new attack vectors, builds tools to make their job easier, and is passionate about cybersecurity. What You'll Do Security Monitoring & Response: Continuously monitor and triage alerts from SIEM, CSPM, CWPP, and cloud security tools - identifying what's a real threat, what needs immediate action, and what requires deeper investigation. Incident Management: Serve as primary responder for cloud security incidents, leading investigation efforts from initial detection through containment, eradication, and recovery while keeping stakeholders informed throughout. Threat Hunting & Analysis: Proactively hunt for threats across security log feeds, perform root cause analysis on vulnerabilities and incidents, and stay ahead of emerging attack patterns using frameworks like MITRE ATT&CK. Alert Engineering: Build and refine security alerts and dashboards that catch the signals that matter - reducing noise while ensuring critical issues surface quickly and clearly. Security Testing & Validation: Conduct security reviews and penetration testing across cloud infrastructure, identifying weaknesses before attackers do and validating that our defenses actually work. Cross-Team Collaboration: Partner closely with IT, engineering, and development teams to ensure security findings are understood, prioritized appropriately, and remediated with solid engineering principles-not just quick fixes. What You Bring 2+ years of hands-on experience in cloud security, information security operations, or similar roles where you've monitored alerts, investigated incidents, and worked within AWS and/or Azure environments. Practical cloud security knowledge with demonstrated ability to navigate cloud environments, understand misconfigurations, and think like an attacker to anticipate where vulnerabilities hide. Builder mindset with AI-assisted development skills - you actively leverage AI tools to write scripts, automate repetitive tasks, and solve your own problems rather than waiting for someone else to build solutions for you. Security operations foundation - you understand how to triage alerts, distinguish true positives from noise, investigate incidents methodically, and communicate findings clearly to both technical and non-technical audiences. Strong organizational skills and time management - you can juggle multiple security investigations simultaneously, prioritize what needs attention now versus what can wait, and keep track of incidents through resolution without dropping details. Some experience with offensive security - you know your way around infosec testing tools, understand OWASP Top 10, can think through how attackers exploit cloud environments, and have some exposure to penetration testing concepts. Comfort across technical domains - basic scripting ability, Linux command line navigation, understanding of application concepts (APIs, containers, databases), and some experience working with infrastructure-as-code tools like Terraform or CloudFormation. Bonus points if you have: Cloud security certifications (AWS Security Specialty, Azure Security Engineer, or similar professional credentials that validate your expertise). Bachelor's degree in information security, information systems, computer science, or related technical field. Experience with MITRE ATT&CK Framework in practical incident response scenarios where you've mapped adversary techniques to actual alerts. Background deploying security tooling as code - building alerts, automation, or security solutions using proper engineering principles that others can actually use and maintain. Why You'll Love It Here Builder-Friendly Culture: We encourage you to solve your own problems with good engineering principles; everything is deployed through Terraform, following the same standards as our development teams-you'll write solutions that scale, not just quick scripts. Remote Flexibility: Fully remote position open across the US, giving you the autonomy to work where you're most effective while staying connected to a collaborative security team. Continuous Learning: Budgets for certifications, conferences, and dedicated exploration time to research new tools and stay current Transparency and Trust: Radical candor, low ego, high accountability Global Scale: Your work will help protect users across 70,000+ organizations worldwide. The base pay for this position ranges from $80,000 - $85,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above. We will accept applications until 12/30/2025. Our Fantastic Benefits We offer company-wide bonuses based on monthly sales targets, employee referral bonuses, adoption assistance, tuition reimbursement, certification reimbursement, and certification completion bonuses - all in a modern, high-tech, and fun work environment. For more details about our benefits in each office location, please visit ********************************* Note: An applicant assessment and background check may be part of your hiring procedure. Individuals seeking employment at KnowBe4 are considered without prejudice to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation or any other characteristic protected under applicable federal, state, or local law. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please visit ********************************************** No recruitment agencies, please.

Job Description Foresite Cybersecurity, a global Google-first security partner, delivers cutting-edge managed security, cyber consulting, and compliance services. We empower businesses to navigate the evolving cloud threat landscape with robust security outcomes. About the Role Are you a seasoned cybersecurity professional ready to defend against global threats? Join Foresite's Cyber Fusion Center in Overland Park, KS. As a Principal SOC Analyst, you'll be on the front lines, monitoring real-time events, leveraging threat intelligence, and protecting our valued clients. If you possess a strong foundation in networking, system administration, and a passion for information security, we want you! Responsibilities: Real-time Threat Detection: Monitor SIEM (including Google Chronicle SIEM) to detect and analyze security events. Incident Response: Investigate alerts, analyze incidents, and respond with precision. Proactive Threat Hunting: Identify and mitigate emerging threats. Security Analysis: Analyze events from Google Security Operations, EDR, and managed security systems. Data & System Management: Manage customer data, inventories, and operational tickets. Escalation & Resolution: Provide guidance, resolve complex issues, and escalate as needed. Continuous Improvement: Contribute to enhancing security products and services. Team Leadership: Serve as an escalation point and mentor team members. Collaboration & Communication: Work with engineers, responders, and clients. Documentation & Reporting: Document incidents, analyze patterns, and contribute to reports. Continuous Learning: Stay updated on threats, vulnerabilities, and best practices. Adapt & Thrive: Embrace the challenge of a fast-paced security environment. Other duties as assigned Qualifications: Security Expertise: Solid understanding of security principles, attack vectors, and technologies. 3+ years dedicated cybersecurity experience. Training in System Administration, Networking, and/or Security SIEM Proficiency: Hands-on experience with SIEM (preferably Google Security Operations). Analytical Skills: Strong analytical and problem-solving abilities. Communication Prowess: Excellent written and verbal communication skills. Teamwork & Collaboration: Ability to work effectively with colleagues and clients. Passion for Security: Genuine desire to protect organizations from cyber threats. CompTIA Security+ and Network+ certifications. Advanced knowledge of firewalls, routing/switching, and security operations. Experience with Google Security Operations, Google Cloud, Security Command Center, or Google Threat Intelligence. Aptitude for network/system troubleshooting. Critical thinking and logic skills. Ability to stay calm under pressure. Strong task and time management. Experience mentoring security analysts Skills: Professional demeanor and strong work ethic. Excellent written and verbal communication skills. Ability to develop technical documentation and guidelines. Strong collaboration skills with technical and non-technical stakeholders. Grow with Foresite: This is just the beginning. At Foresite, we're committed to your professional growth. As a SOC Analyst, you'll have opportunities to explore diverse career paths in Security Engineering, Consulting, Solutions Architecting, and even Sales. We offer a culture of mentorship, in-depth Google Cloud training and certification programs, and career planning resources to help you reach your full potential. Benefits: Location: This position is preferred in-person in our Kansas City office, offering the opportunity to collaborate closely with our dynamic SOC team. (Foresite also offers a variety of fully remote positions.) Shift Work: Be a part of our 24/7 Security Operations Center, contributing to a critical function that provides continuous protection for our clients. Competitive Compensation and Benefits: We offer a comprehensive benefits package and competitive compensation to all our employees.