Information security analyst jobs in Anaheim, CA - 256 jobs

A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence. #J-18808-Ljbffr

At SimplePractice, we are improving access to quality care by equipping health and wellness clinicians with all the tools they need to thrive in private practice. More than 250,000 providers trust SimplePractice to build their business through our industry‑leading software with powerful tools that simplify every part of practice management. From admin work to clinical care, our suite of innovative solutions work together to reduce administrative burden-empowering solo and small group practitioners to thrive alongside their clients. Recognized by MedTech Breakthrough as the Best Practice Management Solution Provider in 2024 and the Digital Health Awards in 2023, SimplePractice is proud to pave the future of health tech. The Role SimplePractice is a leading practice management platform for health & wellness professionals. We are dedicated to empowering practitioners to run their businesses more efficiently and securely. We are seeking an Applied AI Security Engineer who will play a pivotal role in safeguarding our platform. In this role, you will be a hands‑on builder and implementer, working closely with our innovative product and engineering teams to develop and deploy AI‑driven security solutions to protect our client data. You will actively contribute to enabling enhanced security capabilities, mitigating risks, ensuring compliance with healthcare regulations, and advancing our mission of securely empowering health & wellness professionals through reliable AI solutions. You've been a hands‑on, early adopter of AI technologies and understand the promise and the pitfalls. You've applied your knowledge to traditional security functions like cloud security, application security, security operations and are eager to take an AI‑first approach. You bring full stack skills that can develop and productionalize AI agents to help us scale our security capabilities. Responsibilities Applied AI Security Engineering Design, build, and implement secure AI solutions to automate our security function, serving as a hands‑on expert in secure AI implementation patterns. Enable our security team to move from AI as assistant to AI as automated enabler Collaborate with product teams to evaluate security implications of new AI features Actively develop and contribute code to AI security testing tools, including red team AI agents, to proactively identify and address vulnerabilities in new features and models. Lead incident response for AI‑related security events Integrate AI capabilities directly into security operations workflows to automate threat detection, incident response, and vulnerability management. AI Security Architecture & Strategy Design and implement security architecture for AI systems, including LLMs and ML platforms Develop security standards and patterns for AI development and deployment Threat modeling for AI features Establish security controls for model training and monitoring Translate AI security strategies into actionable development plans and prototypes. Evaluate AI vendors and SaaS providers for security, compliance and data protection Assess emerging AI security tools and technologies Review cloud‑based AI services for healthcare compliance Partner with legal and compliance teams ensure AI initiatives meet regulatory and contractual requirements Implement controls for data privacy, model integrity, and access management Develop metrics and reporting for AI security posture Liaison with customers and auditors on SimplePractice's approach to AI security and compliance Leverage AI and automation to operationalize security and compliance workflows, continuously monitoring and improving our security posture Desired Skills & Experience 5+ years of experience in information security, with recent focus on AI/ML systems Proven hands‑on experience in designing, developing, and deploying AI/ML security solutions, including expertise in model security, data poisoning prevention, prompt injection guardrails, and privacy‑preserving techniques. Strong background in security architecture and threat modeling Strong bias towards automating with AI as a partner Demonstrated experience in implementing AI security controls within a regulated environment, with a strong emphasis on practical application and automation. Degree in Computer Science, Cybersecurity, or a related field Experience implementing Nvidia NeMo guardrails, ModelArmor or similar LLM protect frameworks Demonstrated experience with serverless cloud technologies like Lambda, Cloud Run Knowledgeable in Amazon Bedrock, OpenAI APIs, Langchain, ADK or similar AI model platforms Strong software development background with proficiency in python, rust or similar languages, including experience with MLOps and DevSecOps practices and tools such as terraform. Understanding of healthcare compliance (HIPAA, HITECH) Excellent analytical, problem‑solving, and communication skills Ability to work independently to learn new technologies, processes, frameworks, and systems. Bonus Points A ‘hands‑on' security certification (SANS, CEH, etc) Experience in healthcare or medical device security Familiarity with AI ethics and responsible AI development practices Experience with containerization and orchestration technologies (e.g., Docker, Kubernetes) Experience contributing to open‑source AI security projects or developing internal AI security tools/frameworks. Familiarity with security automation and orchestration platforms (e.g., SOAR) and how AI can augment or replace these tools. Base Compensation Range $115,000 - $145,000 annually Base salary is one component of total compensation. Employees may also be eligible for an annual bonus or commission. Some roles may also be eligible for overtime pay. The above represents the expected base compensation range for this job requisition. Ultimately, in determining your pay, we'll consider many factors including, but not limited to, skills, experience, qualifications, geographic location, and other job‑related factors. We offer a competitive benefits program including: Medical, dental, vision, life & disability insurance 401(k) plan with company match Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays Mental health resources Paid parental leave & Backup Care Employee Resource Groups (ERGs) California Job Applicant Privacy Notice Thank you for your interest in opportunities at SimplePractice LLC (“SimplePractice” or “us” or “we” or “our”). Please note that when you submit your resume or application materials to us for employment purposes, you are subject to the SimplePractice California Job Applicant Privacy Notice. Equal Opportunity Employer Statement The legal stuff: All individuals that are seeking employment are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, pregnancy, veteran status, gender identity, gender expression, or sexual orientation. #J-18808-Ljbffr

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

Security Engineer II Assignment Length: 6 month W2 Assignment (possible extension) Pay Rate: $53- $59/ HR About the Organization This organization is a leading healthcare provider delivering patient-centered care through advanced clinical services, research, and education. The technology and security teams support critical healthcare systems that enable safe, compliant, and reliable patient care operations. Position Summary The Security Engineer II provides operational, administrative, and project support for the Information Security team. This role is responsible for protecting information systems and organizational data from unauthorized access, misuse, or destruction. The position supports network and system security, incident response, monitoring, reporting, policy development, and implementation of security solutions. The Security Engineer II serves as an escalation point for complex security issues and collaborates closely with senior engineers and cross-functional IT teams. Key Responsibilities Implement and monitor security measures to protect computer systems, networks, and organizational data Perform technical analysis, installation, maintenance, and modification of security systems and software Monitor, analyze, and report on system and security performance Participate in security solution implementations and system hardening initiatives Investigate, respond to, mitigate, and remediate security incidents using established incident response protocols Support the full incident lifecycle including detection, response, mitigation, reporting, recovery, remediation, and lessons learned Provide escalation support to senior engineers for complex security issues Assist in the development and maintenance of security policies, standards, procedures, and documentation Configure, manage, and troubleshoot security infrastructure devices Identify and define system security requirements Develop and recommend short- and long-term security strategies and enhancements Create and maintain standard operating procedures and security documentation Prepare reports documenting security incidents and impact assessments Collaborate with other IT and Information Security teams on incidents, remediation, and security initiatives Provide after-hours and weekend support as needed in a 24x7 incident response environment Perform other duties as assigned Required Education Associate's degree in Computer Science or a related field OR an equivalent combination of education and experience demonstrating the ability to perform the role successfully Required Experience Minimum of 5 years of experience in Information Security Healthcare industry experience Experience with PCI, HIPAA, and NIST frameworks Proven experience as a system security engineer or information security engineer Hands-on experience maintaining and supporting security systems Knowledge of security control concepts including physical, logical, and administrative controls Required Knowledge, Skills, and Abilities Strong technical knowledge of operating system security Hands-on experience with security tools and systems such as: Intrusion detection and prevention systems Anti-virus and endpoint protection solutions Authentication and access control systems Log management and monitoring tools Content filtering solutions Solid understanding of network security concepts and networking technologies Ability to analyze security events and respond effectively to incidents Please submit your resume in Word or PDF format to be considered.

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. **Roles and Responsibilities:** + Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations + Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies + Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials + Conducts security education classes and security audits + Ensures security compliance as a CSSO in accordance with DoDM 5205.07 + Responsible for offsite and subcontractor security standups and posture **ISA duties will include:** + CSSO for offsite and subcontractor sites associated with the program + Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers + Study and implement company and federal security policies, regulations, and procedures that apply to company operations + Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies + Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management + Develop and implement a security education and awareness program + Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken + Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance + Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) + Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems + Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections + Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements + Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) + Other duties as assigned **Basic Qualifications:** **Principal Industrial Security Analyst (level 3)** + Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree + Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) + Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) + Excellent customer service and communication skills + Must have an active Secret clearance + Ability to maintain flexibility to deal with changing priorities and deadlines. + Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications + CSSO Experience + Ability to travel **Basic Qualifications:** **Sr. Principal Industrial Security Analyst (level 4)** + Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree + Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) + Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) + Excellent customer service and communication skills + Must have an active Secret clearance + Ability to maintain flexibility to deal with changing priorities and deadlines. + Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications + CSSO Experience + Ability to travel **Preferred Qualifications:** + Experience Leading Security Teams from Subcontractors and Offsite + Ability to work independently and follow projects through to completion. + Current Top-Secret clearance + Self-starter with minimal supervision + Security experience in a manufacturing environment + Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00 Secondary Level Salary Range: $117,500.00 - $176,300.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

The Information Security Analyst will be tasked with monitoring and identifying organizational security risks, detecting attack methods and sources, and preserving electronic evidence when required. This role requires expertise in analyzing, recommending, designing, implementing, and maintaining systems and processes that safeguard business and client data. Core responsibilities include conducting risk assessments, performing security analyses, and creating remediation strategies. The individual should be capable of working independently while contributing to security programs as part of the incident response team. Strong written communication skills are essential for preparing formal reports. Professional fluency in English and Portuguese is required. This is an onsite position in Brazil, five days per week, offered as a 6-12 month contract with potential for extension or conversion to a full-time role. Responsibilities but not limited to: - IT Security Administration: Focus on minimizing downtime and ensuring scalability by addressing security risks across systems and networks. - Application Security Alignment: Guarantee that security architecture, designs, plans, controls, and policies comply with IT standards and overall security requirements. - Documentation: Develop and maintain detailed records for all security systems and networks, updating documentation whenever changes occur. - Project Participation: Contribute to initiatives and projects centered on information security. - Program Support: Assist with implementing, maintaining, and monitoring the information security program, including gap analysis, risk assessments, third-party evaluations, procedure development, recurring processes, and incident response. - Solution Deployment: Handle integration, initial configuration, and upgrades of new and existing security solutions following industry best practices. - Operating Systems Expertise: Demonstrate advanced knowledge of Linux, Windows, and OS X environments. - Cloud Security: Apply experience in securing cloud infrastructures such as AWS and Azure. - Vulnerability Management: Lead efforts to identify and remediate security weaknesses in networks and systems, providing technical guidance and support. - Policy Development: Create, implement, and maintain internal procedures to safeguard data and manage incident response effectively. - Collaboration: Work with project teams and system architects to design secure systems and project plans that meet established security standards. - Threat Awareness: Stay informed on current and emerging security threats and design architectures to mitigate potential risks. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements · Knowledge with Security solutions: SIEM, IAM, PAM, EDR/XDR, CSAM, CASB, Proxies, ZTNA · Solid security understanding with Microsoft security controls (AD, Entra, O365, Intune MDM, etc) · Minimum 7+ years of experience in information technology security or equivalent combination of education and experience · Security+, CISSP, CISA or SANS GIAC certification · Understanding of application, network, operating system, and core infrastructure security concepts. · Knowledge on security monitoring tools such as UTM, IPS, IDS and other security appliances · Project management, organizational and prioritizing skills · Understanding of WAN, MPLS, and technologies such as VoIP beneficial · Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. We are a fully vaccinated workforce. Successful candidates will be required to show proof of being vaccinated against COVID-19. You are up to date when you have received a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: + Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. + Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. + Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. + Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. + Monitor, analyze, and report on production security posture and key control performance metrics for each production. + Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. + Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. + Support the development of production-specific metrics and KPIs to measure control effectiveness. + With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. + Ensure consistent implementation of approved security tools, policies, and workflows within productions. + Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. + Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. + Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. + Gather feedback from productions to help refine information security for productions training and awareness efforts. + Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. + Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications + 5+ Years of experience in Information Security, Information Technology or a related field + 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. + Bachelor's degree preferred + Strong understanding of the technologies, tools and processes used in production of movies and/or television. + Knowledge of Information Security frameworks, standards and best practices and their relevance to business success + Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. + Ability to develop and maintain meaningful metrics to track program and process effectiveness. + Strong planning and analytical skills + Strong communications skills Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

Job Title: Manager, Information Security & Compliance Reports to: Sr. Director of Technology Operations & Information Security Officer FLSA: Exempt EEO: Professional Manages others: Yes Department: Technology Operations ADP Job Code: 310-19 General Job Description The Manager, Information Security & Compliance leads all security engineering and compliance operations at WPS, ensuring the confidentiality, integrity, and availability of systems and data. This is a hands-on technical role that oversees vulnerability management, SIEM operations, incident response, identity security, secure configurations, cloud security architecture, and disaster recovery. The Manager leads the Compliance Engineer and oversees the company's compliance program, ensuring that security practices and technical controls align with SOC 2, HIPAA, GDPR, CCPA, customer requirements, and any future regulatory or industry frameworks required by WPS. This role sets security priorities, governs security standards, and ensures that all IT systems, including endpoints, identity, infrastructure, and cloud environments, operate securely and in compliance with regulatory and contractual obligations. This role also owns WPS's Disaster Recovery (DR) program, including planning, governance, testing, and continuous improvement of recovery capabilities across systems, infrastructure, and cloud environments. This role is both strategic and hands-on, requiring direct technical involvement in security engineering and incident response. This position is central to WPS's IT security strategy, risk management, and audit readiness and reports to the Sr. Director & Information Security Officer. Essential Responsibilities Security Engineering & Operations Own vulnerability management, SIEM tuning and monitoring, incident response, and threat investigation. Maintain secure baseline configurations (CIS, hardening standards). OverseeAWS security controls, including IAM governance, cloud logging, encryption standards, network security boundaries, and enforcement of cloud security guardrails. Design and approve security controls for new systems, infrastructure changes, and applications. Govern identity security, privileged access, MFA enforcement, and periodic access reviews. Provide security oversight for DevOps pipelines and cloud deployments. Security Governance & Policy Own all security policies, standards, procedures, and security awareness training. Lead annual risk assessments, security reviews, and third-party/vendor risk management. Ownthe Disaster Recovery (DR) governance program, including planning, documentation, tabletop exercises, and driving remediation, while partnering with Infrastructure on technical DR execution. Manage data protection and data classification practices. Track and reportsecurity KPIs, risks, and initiatives to the ISO. Run regular security governance meetings and guide cross-functional alignment. Compliance Program Oversight Leadthe Compliance Engineer and review all work for accuracy and completeness. Approve technical controls, evidence, and audit documentation. EnsureIT systems meet required technical controls across SOC 2, HIPAA, GDPR, CCPA, and other applicable regulatory or customer-driven frameworks. Act as the technical owner during internal/external audits. Define evidencerequiredfrom ITandnon-IT WPSteams. Manage corrective actions, POAMs, and remediation plans. Review customer security questionnaires with the Compliance Engineer. Collaboration With Infrastructure & DevOps Securitydefines security requirements and works closely with Infrastructure to implement the necessary configurations, remediations, and technical controls. Partner with the Infrastructureteamto ensure DR plans, runbooks, and technical recovery processes are implemented and tested effectively. Security reviews and approves changes thatimpactsecurity posture. Program Development & Future Maturity Advance detection engineering, automation, and threat visibility. Implement stronger security controls to support company and platform growth. Lay groundwork for future expansion of the security/compliance function. Position Requirements (Skills, Knowledge, Abilities) Education & Experience Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience preferred. 5+ years of hands-on IT security engineering or cybersecurity engineering experience. Experience leading security or compliance functions. Strong technical experience in SIEM, AWS security, vulnerability management, identity security, incident response, and disaster recovery. Strongproficiencywith AWS security architecture, IAM, cloud logging, and security guardrails. Working knowledge of SOC 2, HIPAA, GDPR, and CCPA compliance frameworks. Skills & Competencies Strong understanding of security architecture, secure configurations, and cloud security. Excellent judgment and risk evaluation skills. Ability to translate regulatory requirements into executable technical controls. Strong communicationskills for cross-functional work and audit interactions. Ability to mentor and develop team members. Strong analytical and troubleshooting skills. WPS IS AN EQUAL OPPORTUNITY EMPLOYER AA M/F/V/D. We proudly hire U.S. Military Veterans, and those qualified are encouraged to apply. Equal Employment Opportunity is The Law. | Pay Transparency Nondiscrimination Provision At this time, WPS is unable to provide visa sponsorship. We use E-Verify and submit information from each new employee's Form I-9 to confirm work authorization.

The System Security Engineer Level II is required to be a highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network, ensuring that they are protected from cyber threats and attacks, ensuring compliance, and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security. The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response. ESSENTIAL JOB FUNCTIONS • Monitor network traffic for anomalies, investigate alerts and respond to security incidents. • Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices. • Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices. • Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations • Install and configure Network Equipment (Switches, Firewalls, and other networking hardware) • Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs. • Possess a solid understanding of Windows Server services and roles including installation and configuration • Create certificates for network devices and servers that have a web management capability • A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues • Create, Manage and Deploy Group Policy Objects (GPO's) to deploy applications and implement security including windows firewalls • Effectively use PowerShell to automate and standardize administrative tasks • Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances • Manage our virtualized server environment managing, creating VM's and patching the VMware environment. • Strong understanding of Virtual Switches, Port Groups (Distributed and Standard) • Manage the Active Backup for Business on Synology and other advanced Synology administration features • Maintain and monitor Backup solutions. • Manage our users email accounts using the cloud service M365 from Microsoft • Responsible for creating and maintaining server and network documentation to include tasks and procedures • Proactively monitor our network using a variety of tools to help identify potential network and server issues • Assist in patching our entire infrastructure when needed using a variety of tools • Maintains strong technical abilities, knowledge of new and changing technologies • Prepare for emergencies by creating and/or updating action plans • Jumping into time-sensitive projects wherever needed • Showing flexibility and a willingness to learn • Maintain healthy communication with IT Staff, IT Customers and Vendors • Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables. • Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization. • Execute each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follow all department quality standards/criteria. Raise concerns and issues to immediate manager. • Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service). • Understands department's key performance indicators and contributes to achieve these goals both individually and as a team. • Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization. • Executes each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follows all department quality standards/criteria. Raises concerns and issues to management. • Understands department's key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team. • Other duties as needed or required. ADDITIONAL RESPONSIBILITIES • Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution • Occasional travel to various Cambro locations domestically and internationally as required (15%) • May occasionally guide less experienced associates to help with technical projects • Some travel may be required. REQUIRED QUALIFICATIONS The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Bachelor's degree (B.A.) from a four-year accredited college or university. • 5-10 years of experience in IT security, network, administration, and support roles. • Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. • Ability to adapt and adjust plans to meet changing needs. • Proficient in Microsoft Office Suite • Experience with Fortinet solutions, EDR, email security solutions • Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL's) technologies and network segmentation. • Strong knowledge of DNS records including reverse zones and maintaining DNS records • Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches • Solid understanding of routing protocols, static routes and ARP cache • Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances) • Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner • Strong Windows administration skills including Active Directory/GPO's and security policies • Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x • Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures • Must be able to follow instructions and procedures and ask questions if something is unclear • Excellent documentation skills including ability to create network drawings • Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure • Strong customer service and communication skills • Excellent organizational skills and strong sense of urgency • Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks • Great accuracy and attention to detail PREFERRED QUALIFICATIONS • Experience in Business Continuity and disaster recovery is a plus • Knowledge of Ruckus Access Points and Switches • Knowledge of IBMi PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Sitting, walking, standing, bending at the neck, bending at the waist, squatting, climbing, kneeling, crawling, twisting at the neck and waist, repetitive use of hands, simple grasping, power grasping, fine manipulation, pushing and pulling, reaching above and below the shoulder, carrying/lifting up to 50 lbs. Driving cars and other IT equipment Working around equipment and machinery Exposure to excessive noise Exposure to dust, gas, fumes or chemicals Working at heights Use of special visual or auditory protective equipment Walking on uneven ground PPE Requirements Safety glasses Steel-toe slip-resistant shoes - When in production area Hearing protection (e.g. ear plugs, ear muffs) - When in production area Face covering (mask) in accordance with company policy. Hardhat/bump camp IT Application COMPENSATION RANGE: $97,000- $120,000 Salary may vary based on experience. CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law.

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.

Full-time Description For nearly 50 years, CSA has delivered integrated technology and operational support services to meet the defense and federal sector's most complex enterprise needs. Working from operations centers and shipyards to training sites and program offices, CSA deploys experienced teams, innovative tools, and proven processes to advance federal missions. Client Solution Architects (CSA) is currently seeking an Information Systems Security Officer to support a program at Grafenwoehr, Germany. Works with System Administrators (SA), Command Information System Security Manager (ISSM), other Information System Security Officers (ISSOs), multiple Branch Heads, multiple Program Managers (PMs) and a project strategist in support of the completion of a mixture of Certification and Accreditation (C&A) boundaries consolidated into overarching master boundaries in support of information assurance policy and regulations. In addition to C&A package development, the individual will be responsible for the day-to-day operations as an ISSO. How Role will make an impact: Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures. Provide support to the System Owner and the ISSM for maintaining the appropriate operational IA posture for a system, program, or enclave. Provide support to the customer on all matters involving the security of their information systems. Assist with the management of all security aspects of the information system and as assigned performs day-to-day security operations of the system. Assist in the development of the system security policy and ensures compliance with that policy on a routine basis. Prepare, validate, and maintain security documentation including, but not limited to: system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment, FIPS categorization. Provide configuration management for security-relevant information system software, hardware, and firmware, controlling changes to the system and assessing the security impact of those changes. Identify and mitigate security business and system risks. Identify and manage POA&Ms through remediation as well as develop corrective action plans for each POA&M. Maintain a repository for all organizational or system-level cybersecurity-related documentation such as RMF processes within eMASS or other automated process. Maintain Defense Information Technology Portfolio Registry (DITPR) for client systems and software. Ensure implementation of Information System (IS) security measures and procedures, including reporting incidents to the Command Information System Security Manger (ISSM) and appropriate reporting chains as well as coordinating system-level responses to unauthorized disclosures in accordance with DoDM 5200.01 Vol 3 for classified information or DoDM 5200.01 Vol 4 for CUI, respectively. Implement and enforce all DoD IS and Platform Information Technology (PIT) system cybersecurity policies and procedures, as defined by cybersecurity-related documentation. Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems. In coordination with the ISSM, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered. Establish a process for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO. Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals. Ensures proper Configuration Management procedures are followed. Prior to implementation and contingent upon necessary approval with the ISSM. Initiates requests for temporary and permanent exception, deviations, or waivers to IA requirements such as Plan of Action and Milestones (POA&Ms). Ensures IA and IA-enabled software, hardware and firmware comply with appropriate security configuration guides. Provide status updates of assigned duties to the appropriate agency heads as defined in their respective Service Level Agreement (SLA). Respond to all applicable data calls, CTO's, FRAGO's, IAVA's ,etc within the requested timeframe. Attend all Cybersecurity Workforce Meetings when requested. Perform as needed system administration on JLCCTC or other simulations or interface systems as needed. Perform as needed technical operations, setup and tear down of servers, systems and integration tools; maintaining RMF compliance; providing input to exercise design and technical planning products. Support as needed other set-up, transition, and break down for all training and training support activities pertaining to this task order. Participate in individual training, seminars, conferences, exercise/experiment planning events, site surveys, and exercise and training events and supports the planning and preparation processes and product development as needed. Requirements What you'll need to join our award-winning team: Clearance: Must possess and maintain an active U.S. Top Secret/SCI security clearance with the ability to pass a CI/Polygraph exam Education: A bachelor's degree plus 3 years of recent related experience OR an associate's degree plus 7 years of recent related experience OR a major certification plus 7 years of recent related experience OR 11 years of recent related experience. DoD Approved 8570 Baseline Certification for a minimum of IAM Level II. Five (5) years' experience within the past 10 years, in planning simulation exercise architectures, supervising implementation of communication systems, and integration of Army Mission Command Systems in support of distributed exercises. Five (5) years' experience in information technology management What Sets you apart: A working knowledge of RMF and the security authorization processes and procedures. Knowledge of NIST Special Publications and their counterparts, especially SP800- 37, SP800-53, ICD 503, and CNSS 1253. Ability to communicate clearly and present information to the customer in a format they can understand. Experience in several of the following areas: knowledge of current security tools, hardware and software security implementation; different communication protocols; and encryption techniques/tools. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services. Must be able to prioritize tasks, deliver solutions on time and be a team player with the ability to work independently and proactively while being flexible and prioritizing competing priorities, often under time constraints. Have strong analysis, oral and written communication, and change management skills with ability to plan, organize, prioritize, track, manage, and learn new skills. It is preferred that a candidate have at least one year of experience under the DoD Information Assurance Certification and Accreditation Process (DIACAP) and/or Risk Management Framework (RMF) accreditation process and has a familiarity with Enterprise Mission Assurance Support Service (eMASS). Technical familiarity with Windows 7 Enterprise/Windows 10 Professional, Windows Server 2012, and Red Hat Linux. Experience with providing IA or IT support to a US Army client desirable, but not required. Proficiency with using the Internet and with Microsoft Office products including e-mail, Word, Excel, Access and Project is required. Outstanding work ethic and personal integrity. Superior analytical and problem-solving skills. Ability to document and update processes. Ability to perform tasks under deadlines. Ability to work with senior Government and Industry leaders. Possess a very high degree of attention to detail. Capable of working at a computer terminal for extended periods. Ability to work 12-hour shifts, day or night, for consecutive days up to 4 weeks. • Outstanding interpersonal and written communication skills.

A leading entertainment and media enterprise is seeking a Senior Software Engineer to enhance cybersecurity efforts. The role involves designing internal tools, managing security frameworks, and collaborating with compliance teams. Candidates should possess at least 5 years of software development experience, knowledge in DevSecOps, and familiarity with cloud technologies. This position is integral to securing information systems across various Disney platforms, supporting innovative consumer experiences and operational excellence. #J-18808-Ljbffr

A health tech firm in California is seeking an Applied AI Security Engineer to enhance security for health and wellness professionals. The ideal candidate will have extensive experience in AI/ML security solutions and a strong background in information security. Responsibilities include designing secure AI solutions, collaborating with product teams, and leading incident response efforts. The position offers a competitive salary ranging from $115,000 to $145,000 annually, along with a comprehensive benefits package. #J-18808-Ljbffr

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 25% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. Roles and Responsibilities: Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials Conducts security education classes and security audits Ensures security compliance as a CSSO in accordance with DoDM 5205.07 Responsible for offsite and subcontractor security standups and posture ISA duties will include: CSSO for offsite and subcontractor sites associated with the program Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers Study and implement company and federal security policies, regulations, and procedures that apply to company operations Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management Develop and implement a security education and awareness program Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) Other duties as assigned Basic Qualifications: Principal Industrial Security Analyst (level 3) Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Basic Qualifications: Sr. Principal Industrial Security Analyst (level 4) Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Preferred Qualifications: Experience Leading Security Teams from Subcontractors and Offsite Ability to work independently and follow projects through to completion. Current Top-Secret clearance Self-starter with minimal supervision Security experience in a manufacturing environment Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00Secondary Level Salary Range: $117,500.00 - $176,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Job Description Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. Monitor, analyze, and report on production security posture and key control performance metrics for each production. Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. Support the development of production-specific metrics and KPIs to measure control effectiveness. With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. Ensure consistent implementation of approved security tools, policies, and workflows within productions. Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. Gather feedback from productions to help refine information security for productions training and awareness efforts. Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications 5+ Years of experience in Information Security, Information Technology or a related field 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. Bachelor's degree preferred Strong understanding of the technologies, tools and processes used in production of movies and/or television. Knowledge of Information Security frameworks, standards and best practices and their relevance to business success Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. Ability to develop and maintain meaningful metrics to track program and process effectiveness. Strong planning and analytical skills Strong communications skills The anticipated base salary for this position is $115,000-$150,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.