Cyber Security Specialist jobs at Deloitte - 1190 jobs
Principal Cloud Security Architect - hybrid
Revel It 4.3
Irvine, CA jobs
OUR GOAL: Treat our consultants and clients the way we would like others to treat us! Interested in joining our team? Check out the opportunity below and apply today! The Principal Cloud Security Architect contractor is responsible for developing and leading the secure cloud computing strategy. This includes working with Infrastructure and Development groups to understand their Cloud Platform adoption plans, hosted application designs, and cloud management and monitoring methods. The principal cloud security architect will define architecture patterns and standards based on industry best practices and insights regarding application architecture and deployment in cloud environments.
Combination of onsite in Irvine, CA and remote (assume at least 2-3 days/week onsite)
Responsibilities:
Leads the overall cloud security architecture strategy and technical framework including standards/guidelines/procedures/requirements for infrastructure and software development.
Enable the business through technical leadership to influence peers across Innovation Technology and Business Leadership to design and implement cybersecurity technology and assist application and infrastructure teams with secure implementation of technology.
Lead security assessments, identify gaps in existing security architecture, and recommend changes or improvements.
Lead assessment of appropriate vendor relationships related to information security tools, technology and cloud services; manage proof-of-concepts that enable the business while reducing risk; maintain currency with emerging technology; maintain security roadmap. Develop and maintain enterprise security requirements and controls that drive the selection of security tools as well as assist Business Units and IT in selecting solutions to meet their needs.
Create solutions that align enterprise security architecture frameworks and standards (e.g., SABSA, NIST 800-53, ISO 27002) with overall business and security strategy.
Participate as the primary security subject matter expert in the Information Technology Architecture Committee (ITAC) by reviewing risks of new technology, ensuring secure integration of technology and driving a secure architecture roadmap.
Maintain a leadership role in the Architecture Review Committee through extensive experience in security technology and cloud architecture to drive a balanced approach to overall technical architecture. This responsibility also requires mentorship of domain architects to mature their techniques and to think beyond their specific area of responsibility.
Establish and manage the threat management/intelligence program (including threat modeling, assessment, hunting) to support the Security Operations Center (SOC) and integrate with the risk management functions.
Assist Security Operations to assess and investigate security incidents, and work with application and operations teams throughout the investigation cycle to ensure remediation, eradication and lessons learned are rolled back into daily operations.
Build and maintain the Secure Software Development Lifecycle (SSDLC) including the development of secure coding standards, testing services, testing infrastructure, and compliance processes.
Manage the development and maintenance of the data protection program including discovery, data-flow/mapping and Data Loss Prevention (DLP).
Help identify new exploits, threats, and mitigations for detection engineering and define and maintain domain and enterprise level threat modeling.
Mentor junior cybersecurity staff in cybersecurity technology, architectural methods and technical process development.
Education & Experience:
Bachelor's degree in computer science, engineering or related field.
15+ years in information risk management and information security technology, including 5+ years in security architecture and 5+ years in a cloud environment.
Strong written and verbal communications skills with the ability to create and present technical recommendations to executive management as well as influence and persuade peers and others.
Demonstrate a deep understanding of cloud concepts and architectures with a focus on how security controls are applied to cloud-based technologies. Example cloud concepts include, but are not limited to:
Architecture & Networking
Identity & Access Management
Securing the CI/CD Pipeline
Secrets and Data Protection
Logging, Detection, and Response
Security Controls for Containers (e.g., Docker, Kubernetes)
Experience managing cloud projects.
Deep understanding and implementation of industry-leading practices for cloud security risks using frameworks and standards such as CIS Benchmarks, Cloud Security Alliance, NIST SP 800-144, 800-145, 800-291, and 800-322.
Experience advising business and technical leadership on cloud architecture and design concepts based on compliance and regulatory standards (e.g., PII, PCI-DSS, PHI, GDPR, HIPAA).
Demonstrated experience in designing security architectures to mitigate threats including Zero Trust, cloud environments, applications, network infrastructure and data integration/management.
Experience in identifying gaps in existing architectures.
Demonstrated experience in architecting and implementing large complex security solutions and programs (e.g., SOC, Identity Management, SSDLC, DLP).
Experience in architecting security for cloud environments (IaaS, PaaS, SaaS) as well as leveraging cloud-based security solutions.
Hands-on experience with leading strategic security technology solutions to enable business flexibility including SD-WAN, Wireless networks and IoT.
Experience managing multiple projects of diverse scope and effectively collaborating in a cross-functional team environment.
Demonstrated knowledge of how business enabling technology (e.g., IoT) increases the threat landscape, while understanding how to apply technology and process to mitigate cyber risk.
Knowledge of risk management processes and experience in conducting risk assessments.
Demonstrated ability to develop and implement the overall cybersecurity architecture in alignment with the risk posture of the organization.
Ability to automate common tasks in programming/scripting language and strong knowledge of application programming interface (API) interaction methods.
Experience being a part of a highly technical team, including Incident Response, Security Engineering, or Forensics teams.
Experience as an engineer in incident response efforts. This should include hands-on experience completing tasks such as malware detection and analysis, memory analysis, and disk forensics.
Preferred Certifications:
IT security certifications (CISSP, CISM, GIAC, CEH, GCIH, GCFE, GXPN, CISSP-ISSAP, SABSA or similar) preferred.
Reference: 1041285
Don't meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every qualification. At Revel IT, we are dedicated to building a diverse, inclusive, and authentic workplace, so if you're excited about this role, but your experience doesn't align perfectly with every qualification in the description, we encourage you to apply anyway. You might be the right candidate for this or our other open roles!
Revel IT is an Equal Opportunity Employer. Revel IT does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.
Job ID:
1041285
$123k-176k yearly est. 1d ago
Senior Security Engineer
Ladder 4.4
Palo Alto, CA jobs
Senior Security Engineer (Must have 3-5 years exp, Google SecOps & Security Command Center Enterprise)
About Ladder
We saw a problem within the life insurance industry: getting covered took too long, involved too much paperwork, and required too many in-person meetings with sales agents. Having lost his father at a young age, our CEO, Jamie, was determined to make it easier for people to get the coverage they needed to provide for their families. So, we got to work. We developed a method of real-time underwriting leveraging AI and, in doing so, reduced the months-long process of applying for life insurance to minutes. Our digital experience is quick (instant decisions!), loved by users (check out our Trustpilot or Google reviews) and prolific ($74 billion+ in coverage provided).
About the role
We're looking for a Senior Security Engineer to help us build out our monitoring and detection capabilities.
Please note, this can be a hybrid role based in our Palo Alto headquarters or a remote role based in one of the 23 states Ladder is currently hiring in - AZ, CA, CO, CT, FL, GA, IA, KS, MA, MD, MN, NC, NH, NJ, NV, NY, OH, OR, PA, TX, VA, WA, WI.
Please note, Ladder is not currently sponsoring or transferring OPT or H1-B visas.
What You'll Do
Improve ongoing monitoring and detection capabilities by adding data sources, creating detections, and building workflows in Google SecOps and Security Command Center Enterprise
Ensure we are protected against the latest threats by staying current on emerging security threats and actively monitoring various threat intelligence sources for the latest trends, campaigns, and adversary TTPs
Collaborate with our Engineering and Product teams via threat modeling and design reviews
Help secure our Google-based corporate and production environments
Assist IT in managing our SaaS applications and make sure people have access to what they should and not more
Iterate on cloud, network, application, personnel, and device security
Assess and secure internal and external applications, APIs, and CI/CD processes
Assist with SOC2 and compliance program control implementation
Triage alerts and respond to security incidents
Collaborate with peers and stakeholders across the company to ensure our customers are protected as best as possible at all times
Who You Are
3-5 years of experience in information security, with a strong focus on application security and/or detection engineering
1-2 years of experience in information technology
Working knowledge of secure coding practices, application security frameworks, and common vulnerabilities
OSCP, HTB-CPTS, PNPT, eCPPTv2, or equivalent training/certs
Apple workstation security experience
Familiarity with Google Cloud Platform, Datadog, Google SecOps (Chronicle), JAMF Protect, etc
Passion for building security tooling to enhance and automate security processes
Contributions to open-source projects or communities
Experience in securing AI/ML models and pipelines
What We Offer
Whether you work in our beautiful office in Palo Alto or remotely, Ladder is highly collaborative and fun. To support you in your role, we offer fantastic perks and benefits that reflect our mission of care and support, including:
Excellent medical, dental, and vision coverage | We offer competitive healthcare and dental plans for you and your family.
Flexible paid time off | Take the time that you need to rest and recharge, including our week-long winter holiday closure.
Stock options | We offer competitive stock option packages to participate in the success of building Ladder.
A rewarding 401k match program | We'll match up to 4% of your contributions as you save for your retirement goals.
Commuter benefits | When you work from the office, you will receive pre-tax benefits for your commute and free parking.
A stocked, beautiful new office | Located in downtown Palo Alto, our office was specifically designed to accommodate all working styles. We've invested in technology to support our hybrid team, plus we provide office snacks and catered lunches so that team members can work well and have fun together.
Paid parental leave | We think it's crucial that new parents have time to adjust to their new lives without worrying about work, so we provide all parents inclusive of birthing, adoption, or fostering ten weeks of paid baby bonding.
Work-from-home flexibility and support | We recognize that everyone's homelife is different and support remote and hybrid work. Upon joining, we provide a one‑time $500 remote office stipend for all team members and then a monthly $150 stipend to cover WFH costs such as the internet.
Fun company-wide events | Whether we work locally or remotely, we genuinely enjoy spending time together. That's why we plan fun virtual and in‑person events to let loose and laugh.
The base pay range targeted for this position is $140,000.00 - $184,000.00 per year. Base pay is determined by market location and may vary depending on job‑related knowledge, skills, and experience. This role is eligible for equity and benefits as shared above.
EEO Statement
Ladder is building a diverse team of talented and enthusiastic people. We are an equal opportunity workplace. At Ladder, differences are celebrated and supported to benefit our people, products, and community. Let us know why you're interested in this position and what unique contributions you can make to the Ladder team. We look forward to hearing from you.
$140k-184k yearly 3d ago
Remote Information Security Engineer: SIEM, EDR & Cloud
Isaca 4.5
Washington, DC jobs
A well-respected law firm in Washington, DC is seeking an experienced Information Security Engineer to enhance its security operations. This role offers the flexibility to work entirely remote or on-site. The ideal candidate will have a strong background in information security, excellent communication skills, and the ability to collaborate remotely. Competitive salary range is $122,000 to $160,000 annually, with additional benefits available.
$122k-160k yearly 3d ago
Cyber Defense Forensics Analyst
Ernst & Young Oman 4.7
San Francisco, CA jobs
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.
The exceptional EY experience. It's yours to build.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust.
Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.
The opportunity
The Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, analyzing malware, identifying indicators of compromise, supporting or coordinating remediation efforts of a security incident, and developing documentation to support the security incident response process.
Your key responsibilities
Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified
Forensically analyze end user systems and servers found to have possible indicators of compromise
Analysis of artifacts collected during a security incident/forensic analysis
Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools
Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
Provide consultation and assessment on perceived security threats
Maintain, manage, improve and update security incident process and protocol documentation
Regularly provide reporting and metrics on case work
Resolution of security incidents by identifying root cause and solutions
Analyze findings in investigative matters, and develop fact based reports
Be on-call to deliver global incident response
Skills and attributes for success
Resolution of security incidents by identifying root cause and solutions
Analyze findings in investigative matters, and develop fact-based reports
Proven integrity and judgment within a professional environment
Ability to appropriately balance work/personal priorities
To qualify for the role you must have
Bachelor's or Master's degree in Computer Science, Information Systems, Engineering or a related field
5+ years of experience in incident response, computer forensics analysis and/or malware reverse engineering;
Understanding of security threats, vulnerabilities, and incident response;
Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis;
Be familiar with legalities surrounding electronic discovery and analysis;
Experience with SIEM technologies (i.e. Splunk);
Deep understanding of both Windows and Unix/Linux based operating systems;
Ideally, you'll also have
Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH
Background in security incident response in Cloud-based environments, such as Azure
Programming skills in PowerShell, Python and/or C/C++
Understanding of the best security practices for network architecture and server configuration
What we look for
Demonstrated integrity in a professional environment
Ability to work independently
Have a global mind-set for working with different cultures and backgrounds
Knowledgeable in business industry standard security incident response process, procedures, and life cycle
Excellent teaming skills
Excellent social, communication, and writing skills
What we offer you
The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.
We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Are you ready to shape your future with confidence? Apply today.
EY accepts applications for this position on an on-going basis.
EY | Building a better working world
EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .
$105.2k-186.4k yearly 6d ago
Senior Cyber Defense & Forensics Analyst
Ernst & Young Oman 4.7
San Francisco, CA jobs
A global consulting firm seeks a Cyber Triage and Forensics Incident Analyst in San Francisco to lead security incident response efforts. You will analyze incidents, provide resolutions, and coordinate efforts with IT. Candidates must have 5+ years of experience in incident response and digital forensics, alongside a relevant degree. The position offers a competitive salary range of $87,700 to $164,000, with additional benefits including medical coverage and flexible vacation policies.
$87.7k-164k yearly 6d ago
Cyber Security Engineer
Isaca 4.5
Berkeley, CA jobs
The National Energy Research Scientific Computing Center (NERSC) at Lawrence Berkeley National Laboratory (LBNL) is inviting applications for the position of CyberSecurity Engineer.
NERSC's mission is to accelerate scientific discovery through high performance computing and data analysis for the DOE Office of Science programs. NERSC provides critical HPC and data systems and support for NERSC's 10,000 users researching alternative energy sources, climate science, energy efficiency, environmental science and other DOE mission areas.
In this exciting role, you will be involved in all aspects of cybersecurity at NERSC, working both independently and collaboratively with the rest of the security team to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate in or lead responses to security incidents, work with other NERSC staff and end-users to provide security guidance, perform security assessments and reviews, assist in the remediation or mitigation of cybersecurity issues, and contribute to the NERSC strategy as we move to exascale and beyond.
At NERSC, you will work in a collaborative, interdisciplinary environment with opportunities to explore emerging technologies, become involved in cross-team projects, and attend NERSC seminars on a wide range of scientific and technical subjects.
You will:
Perform security duties including monitoring for potential threats, proactively examining network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents.
Support and/or lead cyber incident response activities, participating in the full incident response lifecycle, from initial detection through resolution and post-incident documentation.
Maintain up-to-date awareness of cybersecurity threats and trends by monitoring a variety of information sources. Assess emerging security issues to determine risk and impact to the center, advise on appropriate response strategies, and coordinate mitigation efforts across teams.
Assist with vulnerability assessment activities, including configuration of scanning tools, assessment of vulnerabilities reported from a variety of sources, prioritization and triage of discovered vulnerabilities, and working closely with NERSC staff and end users to guide remediation efforts.
Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.
Contribute to the design and development of NERSC's security architecture, identify and address operational gaps in monitoring and detection capabilities, and help evaluate and develop new cybersecurity tools and technologies.
Participate in or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, installation, configuration, and deployment of new hardware and security services.
Perform system administration tasks, troubleshooting, and hardware maintenance and support as needed. Help maintain and manage existing cybersecurity systems using automation tools.
Develop comprehensive documentation of the team's technical systems, processes, and procedures.
Develop and add new signatures to IDS and monitoring infrastructure based on emerging threats and data from past incidents, ensuring detection capabilities align with the latest attack vectors and vulnerabilities. Regularly review and refine existing rules and signatures to enhance accuracy, reducing false positives and negatives.
Lead or support the design and implementation of security initiatives, including a Zero Trust strategy, that reduce and mitigate risk while continuing to enable NERSC's open science mission.
Promote a strong security culture through outreach, technical consulting, and security awareness activities.
Provide guidance on security best practices, assist with the implementation of security controls, and effectively communicate security policies and requirements to NERSC staff and users.
Collaborate closely with NERSC system engineers and software developers to integrate cybersecurity tools and processes throughout the center.
Conduct in-depth security reviews and risk assessments, analyzing both technical and non-technical factors to identify weaknesses in existing and proposed deployments. Document review findings in detailed reports, providing actionable recommendations for addressing identified security issues and mitigating risk.
Serve as a security subject matter expert on cross-functional projects and initiatives, offering guidance based on security best practices, identifying and communicating security issues, and collaborating with others to ensure security is a key consideration across all phases of the project.
Contribute to the development of cybersecurity requirements, translating high-level policy into actionable security controls and guidelines. Assist with maintaining and updating documentation in a central repository.
Create technical guides, best practices, and other resources to assist NERSC staff and users in understanding.
May lead technical initiatives or projects focused on advancing security in areas such as containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC and scientific workflows.
We are looking for:
Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or equivalent experience.
Experience administering Linux/Unix systems or configuring network security devices.
Experience using cybersecurity tools and technologies, such as intrusion detection/prevention systems, firewalls, SIEM platforms, or vulnerability scanners, with demonstrated proficiency in at least one.
Experience designing, implementing, and maintaining network traffic capture and monitoring solutions for complex, high-speed network environments.
Experience performing or supporting incident response activities, including investigation, analysis, containment, and resolution of incidents.
Experience collecting, parsing, and analyzing log and telemetry data from a variety of systems (e.g., servers, network devices, user sessions) to detect and respond to incidents.
Experience leading the implementation or administration of IT infrastructure, leading projects or teams, or providing technical direction for operations or security initiatives.
Experience developing scripts or programs in Python, Shell, C, C++, or similar languages.
Knowledge of common security vulnerabilities and mitigations, attacker TTPs and associated detection methods, and an understanding of core cybersecurity principles.
Demonstrated ability to work in a Linux or UNIX environment, primarily at a Command Line Interface (CLI).
Ability to troubleshoot and resolve complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
In-depth knowledge of network security and upper-layer protocols.
Ability to network and collaborate with key contacts beyond one's area of expertise, and to work effectively both independently and within interdisciplinary teams.
Ability to manage multiple tasks and respond to rapidly changing priorities.
Excellent oral and written communication skills.
Desired skills/knowledge:
Experience working in High Performance Computing, higher education, or research environments.
Experience implementing Zero Trust architectures, securing container platforms and workloads, or integrating security into development and deployment processes.
Experience conducting policy compliance activities, such as auditing against cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls), and performing vulnerability or risk assessments.
Experience securing large-scale computing or open network environments with broadly accessible infrastructure.
Familiarity with configuration automation tools such as Puppet or Ansible.
Knowledge of dual-stack (IPv4/IPv6) and IPv6-only network environments, including common security challenges and strategies.
Knowledge of API security, including secure API design principles and familiarity with OAuth 2.0, JWT, and API key management.
Understanding of secure coding practices, with the ability to review source code for vulnerabilities and collaborate with development teams on secure solutions.
Knowledge of data analytics, machine learning, or statistical models and their application to security analysis.
We're here for the same mission, to bring science solutions to the world. Join our team and YOU will play a supporting role in our goal to address global challenges! Have a high level of impact and work for an organization associated with 17 Nobel Prizes!
Why join Berkeley Lab?
We invest in our employees by offering a total rewards package you can count on:
Exceptional health and retirement benefits, including pension or 401K-style plans
Opportunities to grow in your career - check out our Tuition Assistance Program
A culture where you'll belong - we are invested in our teams!
In addition to accruing vacation and sick time, we also have a Winter Holiday Shutdown every year.
Parental bonding leave (for both mothers and fathers)
Pet insurance
Additional information:
Appointment type: This is a full-time, career appointment, exempt (monthly paid) from overtime pay.
Salary range: The expected salary for this position is $156,864 - $191,724, which fits into the full salary of $139,440 - $235,308 depending upon the candidate's skills, knowledge, and abilities. This includes education, certifications, and years of experience.
Background check: This position is subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.
Work modality: This position requires substantial on-site presence, but is eligible for a flexible work mode, and hybrid schedules may be considered. Hybrid work is a combination of performing work on-site at Lawrence Berkeley National Lab, 1 Cyclotron Road, Berkeley, CA and some telework. Individuals working a hybrid schedule must reside within 150 miles of Berkeley Lab. Work schedules are dependent on business needs.
Want to learn more about working at Berkeley Lab? Please visit: careers.lbl.gov
Equal Employment Opportunity Employer:
The foundation of Berkeley Lab is our Stewardship Values: Team Science, Service, Trust, Innovation, and Respect; and we strive to build community with these shared values and commitments. Berkeley Lab is an Equal Opportunity Employer. We heartily welcome applications from all who could contribute to the Lab's mission of leading scientific discovery, excellence, and professionalism. In support of our rich global community, all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected categories under State and Federal law.
Berkeley Lab is a University of California employer. It is the policy of the University of California to undertake affirmative action and anti-discrimination efforts, consistent with its obligations as a Federal and State contractor.
Misconduct Disclosure Requirement: As a condition of employment, the finalist will be required to disclose if they are subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct, are currently being investigated for misconduct, left a position during an investigation for alleged misconduct, or have filed an appeal with a previous employer.
$156.9k-191.7k yearly 6d ago
Senior PM, Security Research & Threat Intelligence
Qualys 4.8
Foster City, CA jobs
A leading cybersecurity company is seeking a Senior Product Manager in Foster City to bridge the gap between the Threat Research Unit and customers. In this role, you will use data analytics to prioritize the product roadmap while collaborating with Engineering and Marketing. The ideal candidate has over 5 years of product management experience in cybersecurity, exceptional communication skills, and a bachelor's degree in a related field. The salary range is $145,000 - $175,000 per year, and a competitive benefits package is offered.
$145k-175k yearly 5d ago
Senior Backend Engineer - Remote API & Security (Java/Spring)
Knowledge Management, Inc. 3.9
Washington, DC jobs
A technology solutions provider seeks a Senior Backend/Middleware Engineer to develop secure, high-performance API and middleware solutions. This remote role requires expertise in Java and Spring Boot, with responsibilities including designing RESTful APIs and implementing security protocols. Ideal candidates will have experience with OAuth 2.0, OpenID Connect, and authorization principles. Benefits include health insurance, 401(k), and paid time off.
$109k-150k yearly est. 5d ago
Security Engineer - AI-First Compliance Platform
Delve 4.4
San Francisco, CA jobs
A rapidly growing compliance technology firm in San Francisco seeks a Security Engineer to establish internal security controls and manage penetration testing. Ideal candidates possess 3-5 years of security engineering experience, familiarity with Cloud security, and a strong problem-solving mindset. The role offers a competitive salary of $125,000 - $300,000 plus benefits, and the opportunity to be part of a dynamic team focused on eliminating compliance busywork.
$125k-300k yearly 2d ago
Security Engineer
Delve 4.4
San Francisco, CA jobs
About Us
Delve is building an AI-native platform that transforms compliance from tedious, manual work into effortless, automated workflows.
We're the fastest growing compliance company on the market. Delve helps 100s of companies save 100s of hours (e.g. Lovable, 11x, WisprFlow) by eliminating compliance busywork and helping them focus on what matters - securely supporting their customers.
Our team is a tight‑knit group of builders (former founders, operators, and engineers) obsessed with solving real problems for real customers. We come from Stanford, MIT, Berkeley, OpenAI, and international olympiads. Backed by Insight Partners, General Catalyst, Y Combinator, and top‑tier investors, we just raised our 32M Series A and are scaling quickly!
One step at a time, we're on a mission to eliminate busywork for humanity.
The Role
As our first Security Engineer, you'll wear multiple hats in this high‑impact position. You'll be responsible for establishing and managing our internal security controls, infrastructure, and processes while leading our penetration testing efforts and occasionally participating in customer conversations to provide technical expertise. This is a unique opportunity to build security foundations from the ground up at a company that deeply understands the security landscape.
Key Responsibilities
Design, implement, and maintain comprehensive security controls across our infrastructure and operations
Set up and manage essential IT security tools including endpoint protection, SIEM, identity management, and monitoring systems
Conduct security assessments, vulnerability management, and incident response
Ensure compliance with relevant frameworks (SOC 2, ISO 27001, etc.) to support customer trust and sales efforts
Manage access controls, privileged accounts, and security awareness training programs
Plan, execute, and document internal penetration tests across applications, infrastructure, and networks
Manage and coordinate a small team of internal and external penetration testing contractors
Develop internal penetration testing capabilities and methodologies
Participate in customer security discussions and technical deep‑dives during sales processes
Support customer onboarding by addressing security questions and requirements
Provide technical expertise during customer calls when security architecture questions arise
What We're Looking For
Required Qualifications
3-5 years of hands‑on security engineering or IT security experience
Proven penetration testing experience with ability to perform manual testing across web applications, networks, and cloud environments
Experience managing security contractors or external testing teams
Extremely comfortable using AI tools for productivity and security tasks, including AI‑powered red team tools and security testing platforms
Strong background in cloud security (AWS, Azure, or GCP) and infrastructure security
Experience with identity and access management, network security, and endpoint protection
Demonstrated ability to work independently and drive initiatives in fast‑paced startup environments
Excellent communication skills with ability to explain technical concepts to both technical and non‑technical audiences
Self‑starter mentality with strong problem‑solving abilities and attention to detail
Preferred Qualifications
Experience at early‑stage startups or high‑growth technology companies
Background in AI/ML security considerations and challenges
Relevant security certifications (OSCP, CISSP, CISM, Security+, CEH, etc.)
Experience with compliance frameworks and audit processes
Previous customer‑facing experience in technical roles
Familiarity with DevSecOps practices and security automation tools
Understanding of B2B SaaS security requirements and customer expectations
Experience with automated penetration testing tools and frameworks
Background in managing vendor relationships and security service providers
Why In‑Person SF Matters
You'll work shoulder‑to‑shoulder with an exceptional team:
Ex‑Stanford, MIT, and Berkeley engineers with dozens of papers
International Olympiad winners and medalists
Ex‑OpenAI engineers with 10+ years of domain expertise for mentorship
Ex‑Google DeepMind engineers
Former founders who've closed $500k in revenue at 19 and hired 40+ people
Decisions happen live, not in backlogged async threads
A players work with A players. There's a buzzing energy in the office. Hit the whiteboard with anyone here and you'll understand why.
Benefits
Compensation: $125,000 - $300,000 annually, plus equity, comprehensive benefits, and professional development budget.
100% medical, dental & vision coverage (for you; partial for dependents)
401k with employer match
Unlimited PTO + federal holidays
GrubHub stipend + all meals covered in‑office
Gym membership covered
Frequent team dinners, events, and off‑sites
The opportunity to eliminate busywork for humanity
$125k-300k yearly 2d ago
Information Security Engineer
Isaca 4.5
Washington, DC jobs
The Information Technology Department of Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC office or may work 100% virtual/remote in a firm-approved U.S. state as part of the “Gideon” office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm's IT and application infrastructure and the confidentiality, integrity, and availability of the firm's data in support of enterprise IT objectives and client service delivery needs.
Qualifications:
Responsibilities
Security Operations
Performing security log and event analysis taking appropriate action as directed or required to address security risk issues or events / incidents using EDR, SIEM and log aggregation systems.
Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems.
Maintaining and managing security toolsets as assigned, that help to mitigate or respond to security events and incidents including, but not limited to:
Application control systems
EDR/AV
Email Security platform
Attack simulation platform
Threat intelligence/hunting
Security related artificial intelligence tools
Supporting security incident response and investigation efforts as directed.
Helping validate and track IT operational activities to ensure compliance with policy, standards, and other applicable requirements, or as directed by organizational needs.
Researching and identifying security vulnerabilities and relevant industry / cybersecurity trends for follow-up and action.
Regularly reporting and tracking IT security events and metrics along with remediation activities.
Helping support third-party risk management efforts as assigned.
Helping support the firm security awareness training program as assigned.
Helping support the firm's IT Compliance efforts as assigned.
Participating in IT Security on-call rotation.
Security Engineering & Architecture
Advising and assisting with planning of security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control in support of enterprise objectives and client service delivery.
Reviewing newly requested applications and SaaS and application changes for security impacts and possible remediation to address security risk.
Actively participating in the enterprise Change Advisory Board (CAB).
Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures.
Helping to develop and contribute to security policies, standards and procedures to maintain an appropriate security posture and/or compliance with applicable requirements.
Technical Skills & Experience
Education/Experience
Four year college degree preferred; equivalent experience will be considered.
Minimum of three (3) years of experience in Information Security, or equivalent experience in IT-related fields with secondary security responsibilities.
Technical Skills
Experience and understanding of Windows, Unix/Linux, and Active Directory.
Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, routing protocols.
Experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security, and cloud security.
Proficient in Windows operating systems, Microsoft Office Suite, and related software.
Skilled in leveraging artificial intelligence tools for daily work.
Strong remote collaboration capabilities.
Communication & Writing
Communicate complex technical information clearly to non-technical audiences.
Excellent oral and written communication, including reports, business correspondence, and procedure manuals.
Effective presenter to diverse groups, including managers, clients, and the public.
Ability to identify and apply the appropriate method of communication.
Professionalism & Judgment
Strong personal initiative, judgment, and professionalism.
High level of confidentiality and discretion.
Exceptional client service for both internal and external stakeholders.
Problem-Solving & Strategic Focus
Strong problem-solving skills and strategic thinking.
Ability to define goals, prioritize tasks, and follow through to achieve results.
Detail-oriented with excellent organizational and time management skills.
Capable of handling multiple tasks in fast-paced environments.
Flexibility & Commitment
Reliable, dependable, and motivated.
Flexible to work additional hours as needed.
Willingness to travel (1-4 weeks per year, or more if required).
The anticipated base salary for this position is $122,000 to $160,000. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job.
For benefits information, please note the firm's benefits details are available upon request.
The firm may provide a discretionary bonus annually.
Arnold & Porter is an equal opportunity employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex, pregnancy and childbirth (including breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state or federal laws, rules or regulations. Our Firm's equal opportunity policy applies to all employment practices and terms and conditions, including, without limitation, recruitment, employment, assignment, training, compensation, benefits, promotions, disciplinary action and terminations. For purposes of the firm's Anti-discrimination and Anti-harassment Policies, the term "race" includes, without limitation, traits historically associated with race, including, but not limited to, hair texture and protective hairstyles, such as braids, locks, and twists.
Arnold & Porter Kaye Scholer LLP endeavours to make information accessible to any and all users. If you would like to contact us regarding accessibility of our website or need assistance completing the application process, please contact Director of Support Staff at ***************. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
For our EEO Policy Statement, please contact us for details. If you would like more information about your EEO rights as an applicant under the law, please inquire about Know Your Rights.
Arnold & Porter Kaye Scholer LLP uses E-Verify, which is a web-based system, to confirm the eligibility of our employees to work in the United States. As an E-Verify employer, we verify the identity and employment eligibility of newly hired employees by electronically matching information provided by employees on the Form I-9, Employment Eligibility Verification, against records available to the Social Security Administration (SSA) and the Department of Homeland Security (DHS). We use E-Verify because we are a federal contractor containing the Federal Acquisition Regulation (FAR) E-Verify clause. Please see the posters for details regarding E-Verify or contact Arnold & Porter Kaye Scholer LLP's Human Resources Department for more information. E-Verify Participation Poster and Right-to-work Poster.
A technology company is seeking a Senior Security Engineer to enhance its security monitoring and detection processes. This role requires 3-5 years of experience in information security, focusing on application security and detection engineering. Candidates will work collaboratively, ensuring the protection of corporate environments. The position offers flexibility to work from the office in Palo Alto or remotely across multiple states. Excellent benefits include competitive healthcare, stock options, and a supportive work environment.
$143k-189k yearly est. 3d ago
Senior Security Specialist - Akamai
Vbeyond Corporation 4.1
Morristown, NJ jobs
Akamai - Senior Security Specialist
Must have skills
• SOC/SIEM, Threat Hunting, Incident Response, Endpoint Security - EDR/XDR
• WAF/DDoS implementation and configuration using Cloudflare/Akamai platforms
• Client management skills
10+ yrs exp
Job Description:
As a Senior Security Specialist, you will play a critical role in safeguarding our organization's information assets and infrastructure. Your expertise in Cybersecurity, EPP, EDR, XDR, AI Security, threat hunting, network security, WAF, cloud security, threat detection, incident response, malware analysis, data and log analysis, and timeline forensics will be instrumental in identifying and mitigating security risks. You will work collaboratively with cross-functional teams, security analysts, IT professionals, and management to ensure the protection of our systems, networks, and data.
Key Responsibilities:
Design, develop and implement security solutions and tools like Aurora, Palo Alto Cortex to improve security posture and protect the organization's infrastructure and data.
Review and validate policy configurations, and use security tools including EPP, EDR, XDR, cloud security configurations, and network security technologies to improve and fine-tune them.
Work with MFX and clients for endpoint security related report review and provide technical details.
Proven security engineering and administration experience with EPP, EDR, XDR technologies preferably Aurora, Cortex etc.
Research the latest security best practices and technologies, staying abreast of new threats and vulnerabilities and helping disseminate this information within the groups at the company.
Develop and implement cybersecurity strategies, policies, and procedures.
Lead and coordinate incident response activities, including containment, eradication, and recovery.
Conduct post-incident analysis to identify lessons learned and recommend improvements.
Work closely with internal and external stakeholders to manage and mitigate security incidents.
Provide guidance and support to junior security team members during incident response activities.
Perform analysis of suspicious files and malware samples.
Identify malware behavior, capabilities, and potential impact.
Develop and maintain a malware analysis lab and related tools.
Provide recommendations for mitigation and response to malware incidents.
Stay updated with emerging malware trends and techniques.
Familiarity with Cyber Kill chain and MITRE ATT&CK framework.
Establish, execute, communicate, and oversee project management for MFX and clients.
Education / Work Experience:
Minimum 10+ years of experience in cybersecurity, network security, cloud security, threat hunting including a minimum of 5+ years of experience in Endpoint Security technologies.
Work experience with securing cloud infrastructure in Azure/AWS.
Experience in WAF, DDoS configurations and incident handling skills.
Preferred Certifications: GIAC, CISM, CCSP, CISSP, or equivalent certification, work experience, or skills.
Strong knowledge of cybersecurity principles, best practices, and industry frameworks (e.g., NIST, ISO 27001).
Good to have digital forensic investigations, including timeline analysis.
Knowledge / skills:
Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
Experience using endpoint security technologies like Aurora, Cortex, or similar.
Strong technical experience in cloud security services - network and storage encryption, network security groups, web security and identity and access management.
Administering and improving industry standard security controls using security tools like EPP, EDR, XDR etc. and driving operational excellence.
Experience with multiple Operating systems (Linux, Unix, Windows)
Understanding of forensic principles and methodologies, including timeline forensics (Good to have)
Excellent customer relationship and strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.
$89k-135k yearly est. 4d ago
AI Security Context Engineer
Jibe Ventures 4.0
San Francisco, CA jobs
About Radiant Security
We're a SF Bay Area Cyber AI startup. Our vision is simple: enable all security teams to perform security operations with the efficiency and effectiveness needed to prevent breaches. We're a small team of researchers and engineers with a deep focus in cyber and AI. Our product automates the triage for any security alert leveraging deep research, big data and dozens of AI Agents.
Join us and boost your career with hands‑on AI experience.
The Role
As an AI Security Context Engineer, you'll sit at the intersection of cybersecurity expertise and applied AI. Your mission is to translate deep security understanding into actionable context that teaches Radiant's AI agents how to think, reason, and triage real‑world security investigations.
You'll partner closely with our AI research, engineering, and product teams to define how modern attacks should be interpreted, how alerts should be enriched, and how investigations should unfold across dozens of agentic steps. The work you do directly shapes the quality and accuracy of Radiant's autonomous investigations - this is one of the most critical roles in the company and central to our core value proposition.
This is a rare opportunity to bring your SOC and detection experience into an AI‑forward environment, contribute to the next evolution of security automation, and build systems used by teams around the world.
What problems will you be working on?
Turning complex security signals (SIEM, EDR, IPS, cloud security logs, etc.) into high‑quality AI reasoning that powers fully automated investigations
Translating attacker behaviors and TTPs into teachable patterns for AI agents to detect, correlate, and triage threats
Defining the logic behind multi‑step agentic investigation workflows - which signals the AI should examine/compare, why, and how it should decide next steps
Closing context gaps that break investigations, improving outcomes by shaping the “security intuition” of the model
Stress‑testing AI reasoning end‑to‑end to ensure it mirrors how top SOC analysts think when handling real incidents
What you'll do
Shape how Radiant's AI agents think: translating real SOC workflows, attacker behaviors, and detection patterns into the reasoning that drives automated investigations
Design and refine multi‑step investigation logic, curating which signals matter, how alerts should be enriched, and how AI agents decide next steps
Evaluate and improve AI decision‑making and stress‑testing agentic workflows to ensure they replicate how top analysts actually investigate potential incidents
Work with a modern, cloud‑native AI stack and have direct impact on one of the most critical components of Radiant's platform
Develop a stronger understanding of agentic AI and how it is leveraged for detection and analysis
Things we're looking for
An undergraduate degree in computer science
Experience as a security analyst in an operational capacity
Having previously worked for security product companies (startups are a plus)
A working knowledge of adversarial TTPs, malware infrastructure, and the malware economy
Have previously worked hands‑on with a variety of security detection technologies that are part of a robust security program (SIEM, IPS, WAF, EDR)
Past, relevant experience with cloud security technologies
A track record of providing security subject matter expertise and guidance to people who are not security experts
Benefits
Generous equity package
Unlimited PTO (take time when you need it)
Top‑of‑market salary
Great healthcare
The process
We're a startup and we make decisions quickly. Our process is designed to give you the best glimpse of our team and allow us to evaluate your technical and culture fit.
Step 1: Executive interview + Technical interview
Step 2: Virtual On Site: Technical and Leadership interviews
$127k-179k yearly est. 4d ago
AI Security Context Engineer - Autonomous Investigations
Jibe Ventures 4.0
San Francisco, CA jobs
A cutting-edge cybersecurity startup in San Francisco is seeking an AI Security Context Engineer to shape how AI agents think and drive automated investigations. This role bridges cybersecurity expertise with AI application, translating complex security signals into actionable context for effective investigations. Ideal candidates should possess security analyst experience, a computer science degree, and familiarity with security detection technologies. Competitive salary and generous benefits, including equity and unlimited PTO, are provided.
$127k-179k yearly est. 4d ago
Information Security Engineer 3
WEX Inc. 4.8
Boston, MA jobs
Locations: Portland, ME; Boston, MA
Time type: Full time
Posted on: Posted Today
Job requisition id: R20174
About the Team/Role
We're the Global Information Security Team at WEX, responsible for implementing and operating security technologies and processes throughout WEX. We partner closely with internal teams and customers to assure WEX operates in a secure and compliant manner. Our team holds itself to a high standard and we collaborate closely with one another to ensure strong, reliable and effective relationships. We own our results and we take pride of ownership in everything we do.
We need help! Changing the world isn't easy, and we have a lot of work ahead of us. From securing applications, data centers and cloud resources, we've got more work than we can handle and we're looking for great people to come along for the ride. We are looking for an application security engineer who is responsible for ensuring the secure function of software security and has familiarity with multiple general security practices and toolsets.
How you'll make an impact
Culturally, you're:
A highly motivated security engineer who loves working on small, high performing teams that interface with the entire enterprise
A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion
Someone who cares deeply for team results but is able to work independently to deliver high quality solutions for projects and operational tasks
Comfortable balancing the need to move fast with the realities of working in a highly regulated organization
Someone who thrives in situations where details and accuracy are vital
A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who is able to complete tasks and deliverables with minimal oversight
Work closely with Enterprise IT teams on securing WEX's infrastructure and applications
Able to mentor other engineers both technically and professionally
Technically, you:
Engineer, implement, and monitor security measures to protect the enterprise
Configure and troubleshoot security infrastructure devices
Regularly review configurations and develop improvement plans
Develop technical solutions and new security tools to help mitigate security findings
Write comprehensive reports including assessment-based findings, outcomes and recommendations for security enhancement.
Have a general background in IT, Security, and supporting processes
Deep experience working with compliance and regulatory frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, GDPR, NIST, etc.
Experience you'll bring
Have 3-5 years of experience in Enterprise Information Security Engineering
Have 3-5 years of broad experience with security technologies such as NextGen AV (EDR), DLP, email security (SPF, DMARC, DKIM), web filtering, HSM, Key and Certificate management, or Identity and Access Management
Have a strong, practical understanding of modern cloud IT infrastructure, networking, and security engineering concepts
Are able to troubleshoot network and security issues within a complex environment
Have 3-5 years of experience in engineering solutions which meet security, compliance, and business needs
Can commit and deliver on very specific project/delivery timelines with minimal supervision
Are able to work in an on-call rotation which may include some night and weekend shifts
Have excellent customer support skills, both written and verbal
Have 3-5 years of experience with Linux and Unix operating systems
Have 3-5 years of experience with securing applications and enabling secure communication through HTTPS
It would be nice if you
Have cloud experience with AWS and Azure
Experience working with AI/LLM Security
Experience working with Splunk
Experience working with CrowdStrike
Experience with automation technologies (SOAR) and writing code for automation
Experience working with Fortanix, Venafi, or similar
Pay Range: $102,000.00 - $135,000.00
WEX is a global commerce platform that helps businesses solve for operational complexities like employee benefits, managing and mobilizing fleets, and streamlining payments. With over 6,500 employees, we work with large and small companies in more than 200 countries and territories, and can tailor our services to meet the unique needs of their businesses. We hire people who share our passion for continuous innovation and client service that is unparalleled in the industry. Offering comprehensive and market competitive benefits, our offerings are designed to support your personal and professional well-being. If you're looking for a growing career - come be part of WEX today. To learn more about our employee benefits, please .
WEX is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, sexual orientation, gender identity, protected veteran status, disability or other protected status. WEX promotes a drug-free workplace. Qualified individuals with a disability have the right to request a reasonable accommodation. If you require a reasonable accommodation as a result of your disability at any point in the job application process, please submit your request through our . This form is for accommodation requests only and cannot be used to inquire about the status of applications.
$102k-135k yearly 6d ago
Information Security Engineer
Arnold & Porter LLP 4.9
Washington, DC jobs
The Information Technology Department of Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC office or may work 100% virtual/remote in a firm-approved U.S. state as part of the “Gideon” office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm's IT and application infrastructure and the confidentiality, integrity, and availability of the firm's data in support of enterprise IT objectives and client service delivery needs.
Responsibilities
Security Operations
Performing security log and event analysis using EDR, SIEM and log aggregation systems.
Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems.
Maintaining and managing security toolsets such as Application control systems, EDR/AV, Email Security platform, Attack simulation platform, Threat intelligence/hunting, and Security related artificial intelligence tools.
Supporting security incident response and investigation efforts as directed.
Helping validate and track IT operational activities to ensure compliance with policy, standards, and other applicable requirements.
Researching and identifying security vulnerabilities and relevant industry/cybersecurity trends for follow-up and action.
Regularly reporting and tracking IT security events and metrics along with remediation activities.
Helping support third‑party risk management efforts as assigned.
Helping support the firm security awareness training program as assigned.
Helping support the firm's IT Compliance efforts as assigned.
Participating in IT Security on‑call rotation.
Security Engineering & Architecture
Advising and assisting with planning of security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control.
Reviewing newly requested applications and SaaS and application changes for security impacts and possible remediation to address security risk.
Actively participating in the enterprise Change Advisory Board (CAB).
Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures.
Helping to develop and contribute to security policies, standards and procedures.
Qualifications
Education/Experience
Four‑year college degree preferred; equivalent experience will be considered.
Minimum of three (3) years of experience in Information Security, or equivalent experience in IT-related fields with secondary security responsibilities.
Technical Skills
Experience and understanding of Windows, Unix/Linux, and Active Directory.
Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, and routing protocols.
Experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security, and cloud security.
Proficient in Windows operating systems, Microsoft Office Suite, and related software.
Skilled in leveraging artificial intelligence tools for daily work.
Strong remote collaboration capabilities.
Communication & Writing
Communicate complex technical information clearly to non-technical audiences.
Excellent oral and written communication, including reports, business correspondence, and procedure manuals.
Effective presenter to diverse groups, including managers, clients, and the public.
Ability to identify and apply the appropriate method of communication.
Professionalism & Judgment
Strong personal initiative, judgment, and professionalism.
High level of confidentiality and discretion.
Exceptional client service for both internal and external stakeholders.
Problem‑Solving & Strategic Focus
Strong problem‑solving skills and strategic thinking.
Ability to define goals, prioritize tasks, and follow through to achieve results.
Detail‑oriented with excellent organizational and time‑management skills.
Capable of handling multiple tasks in fast‑paced environments.
Flexibility & Commitment
Reliable, dependable, and motivated.
Flexible to work additional hours as needed.
Willingness to travel (1-4 weeks per year, or more if required).
The anticipated base salary for this position is $122,000 to $160,000. The actual base salary offered will depend on a variety of factors, including, without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job.
The firm may provide a discretionary bonus annually.
Arnold & Porter is an equal opportunity employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex, pregnancy and childbirth (including breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state or federal laws, rules or regulations. Our Firm's equal opportunity policy applies to all employment practices and terms and conditions, including, without limitation, recruitment, employment, assignment, training, compensation, benefits, promotions, disciplinary action and terminations. For purposes of the firm's Anti-discrimination and Anti-harassment Policies, the term "race" includes, without limitation, traits historically associated with race, including, but not limited to, hair texture and protective hairstyles, such as braids, locks, and twists.
$122k-160k yearly 5d ago
Cloud-Native Java Engineer for Secure IAM SaaS
RSA Security USA LLC 4.7
Boston, MA jobs
A leading security technology firm is looking for a Senior Java Engineer to design, develop, and maintain cloud-native SaaS solutions for their RSA ID Plus platform. Candidates should have over 5 years of experience in Java and cloud-native applications. This role emphasizes collaboration within a distributed team to deliver secure Identity and Access Management products. The position offers a competitive salary range of $90k to $195k along with comprehensive benefits including flexible paid time off and a 401(k) retirement plan.
$90k-195k yearly 6d ago
Senior Offensive Security Consultant - Penetration Lead
Ernst & Young Oman 4.7
San Francisco, CA jobs
A global consulting firm is seeking a Senior Consultant in Offensive Security to enhance client security through proactive threat assessments and vulnerability management. The successful candidate will manage penetration testing, lead response efforts, and collaborate with teams to streamline security initiatives. A minimum of 5 years of relevant experience and proficiency in scripting languages are required. This role offers competitive compensation and a supportive, inclusive environment in which to thrive.
$106k-150k yearly est. 6d ago
Senior Information System Security Engineer (Remote)
Mks2, LLC 4.1
Palo Alto, CA jobs
Government IT Division
REMOTE
MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer‑centric technology solutions in the areas of CyberSecurity, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well‑being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran‑owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2.
Senior Information System Security Engineer / Solutions Architect
Location: Remote - must be within US and able to obtain Public Trust Clearance - US Citizen
Pay: $100,000 - $120,000 annually (based on qualifications). Full Government benefits (W‑2)
Job type: Contract
We are seeking a hands‑on Senior Information System Security Engineer / Solutions Architect who will also serve as the Information System Security Engineer (ISSE) for key cybersecurity systems supporting the Department of Veterans Affairs (VA). This role is ideal for someone with deep technical engineering skills, cloud and DevSecOps experience. This individual will also lead teams to develop and implement technical solutions to remediate vulnerabilities and other complex cybersecurity challenges. Candidates will have a solutions‑oriented mindset to help the VA problem‑solve complex cybersecurity and IT challenges. The candidates should also be well‑versed with facilitating working sessions and have the ability to distill complex concepts into non‑technical/common language.
The role will focus on analyzing and recommending system security architectures, vulnerability mitigation, policy‑driven compliance implementation, and full‑lifecycle support for the Department of Veterans Affairs systems.
Key Responsibilities
Cybersecurity Engineering & Architecture (Primary)
Analyze complex technical findings and determine necessary resources needed to solve problem‑sets across multiple cybersecurity and technical domains
Partner with technical teams to develop and implement technical solutions
Design, build, and deploy secure cloud‑native architectures and infrastructure components for VA information systems
Develop and maintain CI/CD pipelines with integrated security scanning, policy enforcement, and remediation tools
Implement secure infrastructure as code/policy as code using tools such as Terraform/CloudFormation, including writing and implementing PaC scripts
Align security architectures with Federal Zero Trust strategy, VA directives, and OMB policies
Enable automation of system telemetry and analytics pipelines for cyber situational awareness
ISSE Responsibilities
Provide engineering and technical analysis on behalf of Agency Authorizing Officials (AOs) for System Security Plans (SSPs), Risk Assessments, Security Controls Traceability Matrices (SCTMs), and POA&Ms
Support system authorization and compliance activities including continuous monitoring and system audits
Conduct regular and ad‑hoc analysis of security control findings and develop and implement remediation strategies
Minimum Qualifications
Bachelor's degree in computer science, engineering, or technical equivalent with 10 years of technical experience or a total of 18 years in lieu of education
8+ years of security engineering, DevSecOps, or cloud architecture experience
Expertise in securing platforms hosted in AWS GovCloud and Azure Government
Strong experience with NIST RMF, FISMA, FedRAMP, and Zero Trust architecture implementation
Hands‑on skills in IaC tools like Terraform and CI/CD tools such as GitLab/Jenkins, with ability to adopt new technologies if procured by the agency
Experience with network isolation tools such as Palo Alto Next Generation Firewalls (NGFW) and Juniper Mist Network Access Control (NAC) solutions or comparable
Demonstrated experience securing modern applications, APIs, and automated infrastructure
Excellent written and oral communication skills; ability to explain complex, technical information in easily understood terms; ability to brief Senior VA leadership regularly
U.S. Citizenship and ability to obtain Public Trust clearance
Preferred Qualifications
Prior VA experience supporting VA OIS or major cybersecurity initiatives
Experience authoring and maintaining ATO documentation in VA or HHS environments
Experience with IoT/IoMT security solutions is a plus
Knowledge of federal cybersecurity standards
Equal Employment Opportunity
Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.
As set forth in MKS2 Technologies's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.