Information Security Analyst jobs in Brentwood, CA

Who we are About Bridge Bridge is Stripe's fintech innovation hub focused on building a modern, stablecoin-powered cross-border payments network. We operate like a startup within Stripe: fast-paced, entrepreneurial, and product-obsessed, but with the backing of one of the most trusted names in fintech. About the team We're hiring our Lead Security Engineer to build and scale Bridge's security foundation. This is a rare opportunity to design a security program from the ground up, while also leveraging the infrastructure, best practices, and tooling of one of the most mature security organizations in the industry. What you'll do Design, own, and implement Bridge's security roadmap from first principles to production. Identify and tackle Bridge's most important security risks quickly and pragmatically. Integrate with Stripe's infrastructure where it makes sense, and find custom solutions where it doesn't. Lead threat modeling and hardening efforts for Bridge's money movement systems in collaboration with crypto and infra teams. Build key security capabilities (monitoring, secrets management, incident response, access controls, CI/CD hardening, etc). Reinforce engineering best practices around secure development and infrastructure. Ensure Bridge meets compliance and audit expectations as we scale to more regulated markets. Collaborate cross-functionally with engineering, product, and Stripe's security org to move fast without compromising safety. Minimum requirements Have 8+ years of experience in Security engineering, ideally with time spent in fast-paced startup environments where you've built security practices from the ground up. Have a startup mindset: you're scrappy, pragmatic, and move quickly to solve the most critical problems. Are comfortable writing and debugging backend application code (Ruby is a plus, but not required). Thrive in ambiguity and know how to ruthlessly prioritize. Can balance security rigor with speed, especially in fast-moving environments. Communicate clearly across technical and non-technical partners. Have experience building or scaling security programs, either at a startup or in an embedded role. Are excited about the potential of crypto and stablecoins to power global financial infrastructure (you don't need deep prior knowledge-just curiosity and openness to learn). Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams. The annual US base salary range for this role is $224,000 - $336,000. For sales roles, the range provided is the role's On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate's experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process. Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends. Office locations San Francisco Bridge HQ Team Money Movement and Storage Job type Full time Apply for this role #J-18808-Ljbffr

About Chai Discovery Chai Discovery is re-architecting drug discovery by building frontier AI foundation models to design molecules. The founding Chai team has brought together the leading researchers in this space, with seminal research accomplishments at top AI labs. The team has led AI-for-biology programs at premier labs, co-invented protein language modelling, built state-of-the-art folding algorithms, and sold AI adopted by top-10 pharma companies. The company is backed by top-tier investors, including OpenAI, Thrive Capital, Dimension, Conviction, Lachy Groom, Amplify, and many more. We're looking to add a few members to our team of scientists and engineers, who obsess over creating the most powerful AI models for antibody discovery, and turning them into products that can transform how medicines are made. About the role As a Security Engineer, you will serve as the technical and strategic driver for the company's security posture. In this landscape, security is a top priority and your mission is to build the security backbone that protects the data and models driving tomorrow's life-saving therapies - every control you design helps turn breakthrough science into medicines for millions. You will lead a small but growing team of security engineers, partnering with product and infrastructure groups to design, implement, and continuously improve secure‑by‑design solutions that scale. You design, deploy, and operate detection & response capabilities and serve as incident commander for high‑severity security incidents, coordinating investigation, containment, and remediation. At Chai, we're entering a pivotal stage. After years of foundational R&D, our models are moving beyond protein structure prediction and into real-world therapeutic engineering. We're now tasking our AI models on a broad spectrum of drug development challenges, at an exciting scale of wet-lab validation. This is not a typical role - it's a chance to push the boundaries of drug discovery by building some of the most advanced AI drug design models ever built. About you We're looking for a builder-mindset security leader who wants to set the gold standard for protecting AI-driven drug discovery. You should have: Significant security experience: 8+ years of progressive experience in information security, with at least 2 years leading or managing engineering teams Demonstrated expertise in cloud security (AWS, GCP, or Azure) and container security (Docker/Kubernetes) Hands‑on experience building and operating detection & response pipelines and handling incidents end‑to‑end Deep understanding of network protocols, authentication, encryption, and modern zero‑trust architectures Familiarity with compliance and risk frameworks (SOC 2, ISO 27001, PCI‑DSS) and ability to translate requirements into technical controls Technical leadership: Can architect and enforce zero‑trust network segmentation, IAM policies, and least‑privilege access Proven ability to define a security-engineering roadmap that balances R&D velocity, compliance, and business risk Track record producing clear security metrics, KPIs, and risk-posture updates for executives and boards Collaboration and mindset: Exceptional verbal and written communication skills Comfortable partnering with DevOps, ML infrastructure, compliance, and legal to embed security in every layer of the stack Ability to lead and mentor a team of security engineers, setting clear objectives and reviewing performance Thrives in fast-moving, high-ambiguity environments where first-principles thinking matters more than checklists What we offer Frontier technology: we're developing the next frontier of AI-driven drug discovery that will fundamentally change how new therapeutics are created. World-class team: opportunity to work with world-renowned leaders in the AI x biology and technology ecosystem who have created some of the most impactful advancements. Highly competitive compensation: we offer highly competitive salary, equity package, and healthcare and wellness benefits. Velocity and ownership: we move incredibly fast, which means continuous learning and career growth opportunities are a guarantee. Every team member owns a significant slice of the roadmap. Strong team culture: Collaborative and supportive startup culture in a small and high-energy team who are guided by our mission to increase the efficiency of creating new medicines and positively impact millions of lives. #J-18808-Ljbffr

Must be comfortable working an a fast paced and technical environment. Ability to work quickly while maintaining consistently great quality output. Running tests using complex semi-automated test equipment that requires focus and consistency during repetitions. Input, update and maintenance of records related to the movement of units and maintenance of fixtures.

Imagine what you could do here. At Apple, new ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you can accomplish. Security is woven into the fabric of everything we do. Apple Information Security (AIS) develops services, systems, and tools to mitigate security risks. We empower teams across the company, ensuring they innovate and create with security and privacy as a priority. We are seeking an exceptional individual with a deep passion for information security at the intersection of the public and private sectors. The ideal candidate will possess a strong background in both information security and public policy, along with a proven track record in producing security analysis for diverse audiences. This is a hands-on role that emphasizes engagement, relationships, and expanding the avenues through which AIS safeguards Apple and our customers. Navigating the evolving global geopolitical cybersecurity landscape is not merely a compliance obligation but a strategic imperative.Apple is seeking a security professional to join its newly established Information Security government engagement function. As cybersecurity policy has become an integral component of national and international politics, this individual will be responsible for engaging with internal business units and collaborating with partners to develop new mechanisms that enhance Apple's resilience against threat actors and cybersecurity risks. Trusted partnerships provide the means for engaging in cybersecurity-related public policy, where our objective is to create a more stable and secure ecosystem for Apple's business and customers. This role will work closely with various Apple teams, including government affairs. This work will directly impact our current security operations and future security service endeavors. Through thorough research, we will identify and communicate relevant cybersecurity narratives, context, and security implications to key stakeholders. You will provide context to complex security information, enabling AIS decision makers to be better informed as they shape the security services that empower businesses to succeed, securely. At Apple, people matter, and you will develop a network that facilitates interactions between the information security community, policymakers, and other important entities in the public sector. You will have the opportunity to work on security innovation and processes with global reach.Bachelor's degree in Government, International Affairs, or Information Security, or equivalent practical experience Ability to foster an environment that emphasizes collaboration, relationships, and accountability Experienced working with compliance regulations and standards (NIS2, PCI, CIS) Proficient in developing information security-focused communications Expertise in the communication process and the impact of different inputs and messaging on various audiences Strong project management experience, with the ability to manage multiple priorities simultaneously within deadlines and budgets Persuasive approach and a proven track record of effective collaboration with cross-functional partners Ability to model collaboration across the organization and facilitate open dialogue with a diverse range of contributors and stakeholders Proficiency in influencing without direct authority Array

Get to know Okta Okta is The World's Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we're looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We're building a world where Identity belongs to you. Role Summary: We seek an experienced and detail-oriented Principal Data Security Analyst to contribute to our strategic Data Classification and Governance Program. In this role, you will be instrumental in the operational execution of our data governance strategy. You will work hands-on with data discovery and classification tools, apply data protection policies, and collaborate extensively with cross-functional teams, including Business Technology (BT), Legal, Data & Insights (D&I), and other Security teams. Your focus will be on implementing and maintaining the data classification framework, supporting the rollout of technical controls, and ensuring that our data handling practices align with our security and compliance objectives. Key Responsibilities: Data Classification & Labeling: Actively participate in data discovery initiatives to identify and inventory sensitive data (PII, SPI, financial, IP, AI training data) across key enterprise systems (e.g., Google Workspace, Salesforce, Workday, NetSuite, Snowflake). Assist in executing pilot programs for data classification on high-priority systems and contribute to refining classification processes. Policy Operationalization & Control Support: Assist data Stewards and system owners in implementing the data classification policy and data handling standards to support their operationalization. Collaborate with BT and Security engineering teams to test and validate the implementation of technical controls (e.g., DLP rules, CASB configurations) based on data classification. Help define and test controls related to sensitive data input into enabled AI tools. Tooling & Process Support: Become proficient in using selected data discovery, classification, and governance tools (potential tools include Varonis, native Google/Snowflake capabilities). Assist with the configuration, including helping to set up scans and reviewing results. Contribute to developing and maintaining documentation for classification procedures and tool usage. Collaboration & Stakeholder Engagement: Work closely with Data Stewards (from D&I and business units) to understand data context, validate classification results, and ensure alignment with business needs. Partner with BT application owners to facilitate classification efforts and implement necessary data handling changes. Support Security GRC by providing data and insights for risk assessments and compliance reporting related to data classification. Monitoring, Reporting & Continuous Improvement: Assist in establishing and tracking key metrics for data classification coverage, accuracy, and the effectiveness of associated controls. Contribute to developing dashboards and reports for program stakeholders and the Data Governance Council. Required Qualifications & Skills: Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent practical experience. 10+ years of experience in data security, governance, IT risk management, or a similar analytical role focusing on data protection. Strong, demonstrable understanding of data classification principles, methodologies, data lifecycle management, and data handling best practices. Hands-on experience with data discovery and/or data classification tools and technologies. Solid understanding of data protection concepts and technologies (e.g., DLP, data masking, tokenization, encryption, IAM). Knowledge of key data privacy regulations (e.g., CCPA, GDPR) and their impact on data handling. Excellent analytical, problem-solving, and critical-thinking skills with meticulous attention to detail. Proven ability to work effectively in a cross-functional team environment and manage multiple tasks. Strong written and verbal communication skills, with the ability to articulate technical concepts to varied audiences. Preferred Qualifications: Experience with specific data governance or classification platforms (e.g., Varonis, OneTrust, Google Cloud DLP, Snowflake Data Classification). Experience implementing or operating data security controls in SaaS environments (e.g., Salesforce, Workday, Google Workspace, M365) and cloud platforms (AWS, Azure, GCP). Familiarity with security considerations for AI/ML systems and data inputs, including knowledge of AI-native solutions for data labeling and classification. Hands-on experience with AI governance principles and frameworks, including implementing controls for responsible AI use. Experience in developing and delivering training or awareness materials. Relevant industry certifications (e.g., CISM, CISSP, CIPP, CDMP, or tool-specific certifications). #LI-BF1 #LI-Hybrid The annual base salary range for this position for candidates located in the San Francisco Bay area is between: $170,000—$254,000 USD Below is the annual base salary range for candidates located in California, Colorado, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: **************************** The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, New York, and Washington is between:$151,000—$227,000 USD What you can look forward to as a Full-Time Okta employee! Amazing Benefits Making Social Impact Developing Talent and Fostering Connection + Community at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! ************************************** Some roles may require travel to one of our office locations for in-person onboarding. Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at *************************************

This job requires relocation to the United States, Silicon Valley, through the use of a TN visa. If selected for this job, the process of coming to the United States will be handled by Tech-Mex. The Information Security Engineer maintains 24x7 support, responds to vendor security questionnaires, performs monitoring and maintenance of the security infrastructure and components, participates in project planning and deployment of new technologies and will be responsible for remediation of identified compliance and risk gaps. He/she works independently, operating under the defined guidelines established by the Director of Information Technology and Security. ESSENTIAL Job Duties & Responsibilities Monitor and advise on information security issues related to the systems and workflow to ensure the internal and external security controls for the company are appropriate and operating as intended Documenting gaps between vendor requirements and National MIs infrastructure Coordinate and execute IT security projects Coordinate response to information security incidents Conduct company-wide audits and manage remediation plans Collaborate with other areas of IT to manage security vulnerabilities Conduct research to keep abreast of latest security issues Ensures that system documentation is accurate and updated as needed Participates in disaster recovery (DR) exercises as directed Logfile review and analysis Install and maintain new systems Prioritize remediation of gaps based on internal and external audits Prepares compliance reports by collecting, analyzing, and summarizing data Evaluates information to determine compliance with laws, regulations, or standards MINIMUM QUALIFICATIONS 3-5 plus years related work experience Vendor audit and compliance experience, preferably with the SIG framework Strong technical skills in anti-virus, DLP, and PKI Strong experience with the McAfee suite of products Solid understanding of networking concepts and system administration Experience with Nessus, RSA envision, RedHat Linux and database security Knowledge of data compliance and privacy standards and regulations as they apply to insurance and banking industries Knowledge of Information Security Standards (ISO27001, NIST, etc) Self-motivated, self-directed and shows attention to detail while working Ability to effectively prioritize and execute reporting tasks in a fast-paced, results-driven environment Extensive experience working in a team-oriented, collaborative environment with a diverse team of business and IT staff Bachelor's degree in Computer Science or Information Systems preferred; Professional certifications are an advantage Essential Worker Competencies The ability to function independently with minimal supervision. Works ethically and with integrity supporting organizational goals and values Displays commitment to excellence Completes work in a timely manner and meets deadlines Good verbal and written communication skills Meets productivity standards and achieves key outcomes Is dependable and keeps commitments Contributes to building a positive team spirit and treats others with respect Candidate will be relocated to the United States

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. We are currently seeking a dynamic SOC Analyst to contribute to the success of our rapidly growing business. You would act as a SOC Analyst for global Security Operations Center (SOC) team at our Sunnyvale HQ office. This highly technical role requires continuous security event monitoring, threat identification, risk assessment, incident response, and collaboration with regional leaders to advance Fortinet's security posture and compliance. As part of a 24x7x365 “follow the sun” SOC model, this role involves working five days per week (40 hours), which may include weekend shifts as part of the standard workweek. As an SOC Analyst, your responsibilities will include: Actively monitor and analyze security events, alerts, and logs using SIEM, SOAR, EDR, DLP, Threat Intelligence and Cloud Security platforms. Investigate incidents to mitigate risks. Define and refine SOC automation workflows, including playbooks, alerts, reports, and dashboards, to improve threat detection and incident response. Analyze security logs to identify anomalies, policy violations, or potential attacks, and take appropriate action based on procedures. Provide support and guidance to system administrators, developers, and end-users on security best practices and control implementation. Contribute to the maintenance and enforcement of security policies, standards and procedures to ensure compliance. We are looking for: Experience: Minimum of 5 years of hands-on experience in Information Technology, cybersecurity, or working in a Security Operations Center (SOC) or Network Operations Center (NOC). Technical Skills: Solid understanding of the threat landscape, attacker tactics (e.g., phishing, malware, APTs, DoS attacks), and defensive strategies. Proficiency in at least one scripting language (e.g., Python preferred). Skilled in security technologies such as SIEM, SOAR, EDR, ID/IPS, access control, vulnerability management, cloud security, and External Attack Surface Management (EASM). Experience with cloud security concepts, tools, and best practices across platforms like AWS, Azure, or GCP. Soft Skills: Exceptional written, verbal, and interpersonal communication skills, with strong attention to detail. Proven ability to collaborate across teams and foster a customer-focused and security-aware culture. Educational & Certification Requirements: Education: Bachelor's degree in Computer Science, Information Security, or a related field. Certifications: Preferred certifications: CISSP, CCSP, CISA, CISM, CRISC, CCNA, GIAC GCFE, GCFA, GCIH. About Our Team: Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet's core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet's high standards of excellence in cybersecurity solutions. Why Join Us: We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe. The US base salary range for this full-time position is $160,000-$180,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program. Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location. All roles are eligible to participate in the Fortinet equity program, Bonus eligibility is reviewed at time of hire and annually at the Company's discretion. #GD

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor’s degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

About the Company: Ready to apply Before you do, make sure to read all the details pertaining to this job in the description below. World is a network of real humans, built on privacy-preserving proof-of-human technology, and powered by a globally inclusive financial network that enables the free flow of digital assets for all. It is built to connect, empower, and be owned by everyone. This opportunity would be with Tools for Humanity. About the Orb World's launch requires a "Proof-of-Personhood": a way to determine someone is human (not a bot) and hasn't already claimed their free share of Worldcoin. This is why we developed the Orb. The Orb is an advanced biometric imaging device, custom-designed for Worldcoin's launch. Orbs are deployed to a global network of operators, who use the device to onboard new World users. During this onboarding, the Orb generates an encoding of each user's iris and submits it to World's backend. For more details on how the Orb is part of World's privacy-preserving approach to Proof-of-Personhood, see the World whitepaper. The Orb solves a fierce combination of engineering and UX challenges, centered around image quality, security, and ease-of-use. Each device has an advanced iris imaging system, designed to work consistently across real-world lighting conditions. An additional suite of sensors feeds into an onboard fraud detection system, enabling use in insecure environments. These systems are combined in a sleek industrial design with a simple, minimalist user interface. About the Team: Our multidisciplinary team's mission is to detect & respond to attacks against the global-scale identity World ID service, which leverages a unique hardware device (the Orb), cloud-hosted APIs, mobile apps, and operations on the Ethereum blockchain to provide privacy-preserving “proof of human”. Together, we apply expertise in hardware, cloud infrastructure, application security, mobile devices, intrusion detection, machine learning/AI, blockchain, incident response, and more to solve these novel challenges. This team will be working closely with the teams building the core technologies (apps, orbs, network protocols, encryption designs, attestation, etc) because D&R and Privacy are foundational elements of the World Network. About the Role: You will work with our team of security experts to leverage a variety of logs and security events from cloud deployed applications (especially in AWS) to detect and respond to intrusion activity and attacks on cloud-deployed APIs as part of the global-scale World ID identity service. About You 5-8 years experience developing and deploying advanced security detection on log data (especially leveraging ML, deep learning or AI-based techniques). Experience with detecting attacks against cloud-deployed applications. Experience with Python programming for data engineering or data science. Experience with SQL. Willing to participate in an oncall rotation and learn incident handling (or relevant experience). Strong critical thinking, communication, and leadership skills. Comfort working cross-functionally with peer teams to negotiate and reach consensus solutions that improve security and privacy. Energized by working in a fast-paced, collaborative environment. If you don't think you meet all of the criteria but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team. Nice-to-Have Skills Experience with creating dashboards and visualizations in SQL- or Python-based tools. Experience with AWS infrastructure, especially analyzing cloud logs (e.g. AWS CloudTrail). Experience with Datadog for metrics and log analysis. Experience deploying code to a containerized environment via CI/CD. Experience with notebook-based analysis environments. By submitting your application, you consent to the processing and internal sharing of your CV within the company, in compliance with the GDPR. Pay transparency statement (for CA and NY based roles): The reasonably estimated salary for this role at TFH ranges from $272,000-$320,000 plus a competitive long term incentive package. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, TFH offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, vision, 401(k) plan and match, life insurance, flexible time off, commuter benefits, professional development stipend and much more! #J-18808-Ljbffr

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Apply locations San Jose time type Full time posted on Posted 2 Days Ago job requisition id R00594 Job Details:Job Description: Ready to make your application Please do read through the description at least once before clicking on Apply. We are seeking a dynamic and experienced Chief Information Security Officer to lead the process of all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the organization's information security policies. A key element of the CISO's role is working with executive management to determine acceptable levels of risk for the organization. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. About the Role: Strategic Leadership: Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program Work directly with the business units to facilitate risk assessment and risk management processes Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems Provide leadership to the enterprise's information security organization Cross-Functional Collaboration: Partner with business stakeholders across the company to raise awareness of risk management concerns Interact with Global Markets engineering stakeholders to understand and communicate risks to critical infrastructure and systems, defining potential business impact, and tracking commitments to apply effective mitigating controls Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services Implementation Focus: Develop and enhance an information security management framework Drive adoption of application security, technology privacy, privilege management, and vulnerability management controls as part of the Software Development Life Cycle (SDLC) and production management (DevOps) processes. Qualifications: • Minimum of eight to 12 years of experience in a combination of risk management, information security, and IT jobs • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST • Excellent written and verbal communication skills and high level of personal integrity • Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams • Experience with contract and vendor negotiations and management including managed services • Experience interfacing with and communicating complex technical security concepts to non-technical audiences • Information security policy, standards, guidelines or procedures development and implementation • Infrastructure, database and/or application security experience • Privilege management (i.e. access and identity management, access re-certification) experience • Control self-assessment, SOX404 technical control assessment, SOC 1/SOC 2 control assessment experience • Strong knowledge of control frameworks and the ability to design and evaluate effectiveness of controls embedded within business processes • Ability to work with large data sets, reporting dashboards and excel worksheets • Industry accepted security certifications including CISSP or CISM or CRISC or equivalent SANS certification • Specific experience in Agile (scaled) software development or other best in class development practices • Experience with Cloud computing/Elastic computing across virtualized environments. Job Type: Contract Employee (Fixed Term) Shift: Shift 1 (United States of America) Primary Location: San Jose Additional Locations:Posting Statement: All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance. About Altera: Altera: Accelerating Innovators Altera, an Intel Company, provides leadership programmable solutions that are easy-to-use and deploy in applications from cloud to edge, offering limitless AI possibilities. Our end-to-end broad portfolio of products including FPGAs, CPLDs, Intellectual Property, development tools, System on Modules, SmartNICs, and IPUs provide the flexibility to accelerate innovation. Altera is helping to shape the future through pioneering innovation that unlocks extraordinary possibilities for everyone on the planet. Don't see the dream job you are looking for? Click "Get Started" below to drop off your contact information and resume and we will reach out to you if we find the perfect fit. #J-18808-Ljbffr

These leaders have IT Management experience having grown through the ranks performing hands-on systems administration and IT operations tasks and must have worked in a medium to large heterogeneous systems environment with a breadth of experience. Qualifications * Bachelor's Degree in Computer Science (or related field) * Minimum of 5+ years of hands-on experience in IT Systems and Network, installation, configuration and administration tasks * At least 1+ years of experience leading a team of IT Admins * Strong knowledge of both Windows and Linux operating systems * Some knowledge of Active Directory/LDAP servers is expected * Exposure to one more of HPOV, Nagios, Unicenter, Tivoli or similar environments is required * Understanding of database administration tasks is assumed * Some exposure to VMWare, Citrix, LANDesk and/or other environments is a plus. * Ability to direct the efforts of IT engineers at various levels * Strong communication skills and the ability to work with onsite and client teams Responsibilities * Manage at least 1 team of medium to large IT engineers * Efficient planning of IT tasks * Manage the workflow of team members * Drive problem analysis and solution design phases * Coordinate the implementation cycles * Participate client meetings * Provide continuous status to all stakeholders Position ID: * The correct ID must be referenced when applying for this position * 301005 : Location: India Applying: * Email: Please send your resume in Microsoft Word or .PDF formats to *************** with the correct position ID in the subject line * Postal Mail: Please include a cover letter with the position ID clearly referenced at the top of the letter

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

The Doctors Company is currently seeking an Information Security Analyst. This is a hybrid opportunity based in East Lansing, MI or Napa, CA. Mission The Information Security Analyst works closely with management and senior security team, analyst will assist team to complete tasks designed to ensure the confidentiality, integrity, and availability of the organization's systems and informational assets. Support incident response and forensics efforts for all security related investigations, including collecting logs, documenting response steps, and collecting critical evidence. Assist in security risk management processes, including security assessments for both internal and 3rd party systems and software. Assist in compliance auditing internal systems against baseline configuration requirements and adherence to TDC Security Policy. Works with project teams to assist with security related deliverables of limited complexity in a supporting role. Assists management team with developing and maintaining information security policies and procedures and tracking compliance throughout the organization. Role requires analyst to maintain security certifications to demonstrate command of knowledge in the security industry and to maintain up to date knowledge of security threats, vulnerabilities, exploits, and trends in the security environment and their impact to the IT systems. Work is closely managed. Qualifications Associate degree (2 years college) or equivalent educational experience; and an expressed interest in Cybersecurity, Secure Systems Engineering and/or IT Governance Can substitute degree with additional certification from list below. One or more of the following certifications are required (2 w/o Associated Degree): CEH: Certified Ethical Hacker CompTIA Security+ CompTIA Network+ CompTIA Linux+ (ISC)2 Associate (or higher) GSEC: SANS GIAC Security Essentials. CRISC: Certified in Risk and Information Systems Control CIPP/US: Certified Information Privacy Professional/US CISM: Certified Information Security Manager CISA: Certified Information System Auditor CISSP: Certified Information Systems Security Professional CCNA: Cisco Certified Network Associate Security CCNP: Cisco Certified Network Professional Security C|HFI: Computer Hacking Forensics Investigator Similar entry level certifications which cover cyber security may be leveraged. Demonstrated desire to complete future certifications in cybersecurity or other IT fields is required. Knowledge of enterprise identity management systems such as Active Directory, Azure Active Directory. Knowledge of Identity Management Lifecycle. Knowledge of managing and securing Microsoft Windows or Linux Operating Systems. Knowledge of NTFS file system permissions management and model. Knowledge of networking, routing, switching and firewalls. Knowledge of security, vulnerability, exploits, forensics, incident response. Knowledge of virtualization technologies, including VMware, desirable. Relevant background in programming in either PowerShell, Batch or Bash Shell Knowledge of relevant IT industry concepts, practices, standards and procedures. Ability to prioritize multiple projects and meet deadlines. Excellent oral and written communication skills. Ability to work with diverse personalities. Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write comprehensive reports, business correspondence, and technical procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public. Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages. Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and set variables. (2 - 5+) years' experience supporting technical environments required. Experience may include servers, networking, telephonic, and/or storage systems. (2 - 5+) years' experience building, administrating, and monitoring systems in a multi-site network environment with more than 500 users preferred. Ability to be on-call to support security incident response scenarios that may occur outside of standard business hours. Willingness to occasionally work outside of business hours to support project teams and perform assigned system maintenance tasks in order to minimize business interruptions. Responsibilities Security Risk Management Participate in risk management process, including cyber security assessments of both internal platforms, software, and 3rd party cloud systems. Work with team to present security findings to business partners and provide security requirements and recommendations for secure implementations Compliance and Audit Management Review organizations adherence to TDC cybersecurity policies and defined standards. Prepare audit reports describing any deficiencies or configuration issues identified during an audit. Identity and Access Management Leverage and maintains identity and access management systems, workflows, and policies designed to provision and decommission user and system accounts. Following the principle of least privilege, grant individual users and departments access to applications, data, or networks. Monitoring and Operations of Security Systems Responsibilities also include proactively monitoring the health of security systems, analyzing and troubleshooting system issues as they occur, documenting system designs, data flows, standard operating procedures, and system health validation documents. Monitoring and responds to real-time security system alerts and service tickets to protects against unauthorized access, modification, or destruction of corporate data and systems.. Vulnerability and Patch Management Assist in vulnerability identification and remediation on systems and configurations within all internal and external systems. Assist in the installation of security patching on operating systems and applications, including application health and security posture validations. Assist in developing secure configuration designs leveraging vendor best practice recommendations for all internal and external systems. Project Management & Execution Work with project teams on advanced, technical projects or business issues, requiring ability to learn state-of-the-art security infrastructure and best practices. Perform basic project management tasks such as task decomposition, basic time and cost estimating, scheduling, and basic reporting skills. Other Duties As Assigned Available for all duties, accepts delegated tasks readily and completes assigned duties as directed. Salary Range: $87,171 - $101,700 Compensation varies based on skills, knowledge, and education. We consider factors such as specialized skills, depth of knowledge in the field, and educational background to ensure fair and competitive pay. Benefits We offer competitive compensation, incentive bonus plans, outstanding career opportunities, an exceptional work environment, and an impressive benefits package, which starts with medical, family and bereavement leave; same-sex domestic partner benefits; short- and long-term disability programs; and an employee assistance program. There's more: Health, dental, and vision insurance Health care tax-free spending accounts with a company match 401(k) and Roth IRA with company match, as well as catch-up plans for both Vacation days, sick days, and paid personal days each calendar year (with vacation increases based on length of service) Paid holidays each calendar year Life and travel insurance Tax-free commuter benefits In-person and online learning opportunities Cross-function career opportunities Business casual work environment Time off to volunteer Matching donations to qualifying nonprofit organizations Company-sponsored participation at non-profit events About The Doctors Company The Doctors Company is the nation's largest physician-owned medical malpractice insurer. Founded and led by physicians, we are committed to advancing, protecting, and rewarding the practice of good medicine. The Doctors Company is proud to be Certified™ by Great Place to Work .

Job Title: Product Cyber Security Architect Work Schedule: On-site Rate: $ 83 , Based on experience, Open to C2C candidates as well. Responsibilities: • Collaborate with cross-functional teams to consolidate detailed testable technical requirements and architecture specifications for the next-generation vehicle and infrastructure security solutions. • Ensure complete requirements and architecture traceability and compliance with industry standards. • Closely collaborate with the Verification and Development engineers to establish product excellence; the teams span internal and external teams, including suppliers and partners. • Ensure optimization of software through design reviews and code reviews. • Collaborate with teams, including Supply Chain, Tier-1 teams, Vehicle Controls, Chassis, Safety, Battery, Infotainment, and UX, to realize the overall project objectives on time and within budget and explain the cybersecurity value proposition. • Approach challenges/problems laterally across the systems and domains, drill down vertically to subsystems and elements involved, and reconcile gaps and contradictions. • Follow through and follow diligently to unblock the issues. • Regularly communicate features, priorities, deliverables, and goals to our stakeholders via program documentation, launch announcements, release notes, brown bags, seminars, and user training. • Author Security-related RFPs, RFQs, and SoWs spanning in-vehicle and vehicle-to-infrastructure secure communications, secure ECU software/firmware updates, penetration testing, threat analysis and risk assessment (TARA), fleet data protection & privacy aspects, and evaluate suppliers Required Qualifications: • Bachelor's in Computer Science or Computer Engineering • 6+ years of industry experience in technical architects' roles and technical product management in network and information security, data privacy, and cybersecurity. • Conversant with embedded security spanning secure software and firmware update, secure boot, secure storage, trusted execution environment, hardware security modules, and security hardware extensions. • Experience in threat analysis and risk assessment (TARA) at the system level and component level • Experience in Scalable Public Key Infrastructure Deployments and management • Experience in Vulnerabilities in-vehicle connectivity interfaces and protocols, e.g., CAN, BLE, Wi-Fi, GNSS, mitigation mechanisms, and security enforcement. • Experience using requirement management systems like JAMA, JIRA, Confluence, or similar tools. • Experience in Cloud and Network security areas • Knowledge of Secure Software Development Preferred Qualifications • Master's in Computer Science or Computer Engineering • Experienced in the emerging security standards/frameworks, including ISO/SAE 21434, UNCE WP.29 cybersecurity, and cybersecurity management systems regulations regarding connected vehicles • Knowledge and experience of Road Vehicle Fleet Security Operations and intrusion detection and prevention systems will be a plus. • V2X adoption and security enforcement will be a plus • Knowledge and experience of Model-based systems design is a plus Candidate Requirements · Years of Experience Required: 6+ overall years of experience in the field. · Degrees or certifications required: MS/BS minimum in the areas of Computer Science or Computer engineering · Performance Indicators: Performance will be assessed based on meeting deadlines and quality of work. Top 3 Hard Skills Required + Years of Experience 1. Minimum 6 years experience industry experience in technical architects' roles and technical product management in network, cloud and information security, data privacy and embedded security 2. Minimum 6 years Experience in threat analysis and risk assessment (TARA) at the system level and component level 3. Minimum 6 years Experience in Scalable Public Key Infrastructure Deployments and management About Maxonic: Since 2002 Maxonic has been at the forefront of connecting candidate strengths to client challenges. Our award winning, dedicated team of recruiting professionals are specialized by technology, are great listeners, and will seek to find a position that meets the long-term career needs of our candidates. We take pride in the over 10,000 candidates that we have placed, and the repeat business that we earn from our satisfied clients. Interested in Applying? Please apply with your most current resume. Feel free to contact Pramod Kumar ( pramod.k@maxonic.com / (408) 400-2327) for more details.

About Us EchoTwin AI is revolutionizing automated compliance monitoring for smart cities. Using advanced artificial intelligence and digital twin technologies, we collect real-time data from vehicles, robots, and drones to maintain service, regulatory, and safety compliance, empowering the creation of resilient and sustainable communities. What The Job Involves Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data. Apply promptly! A high volume of applicants is expected for the role as detailed below, do not wait to send your CV. We're seeking a passionate Security Engineer to lead our cybersecurity initiatives and safeguard our code and infrastructure against ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs. Responsibilities Develop and implement comprehensive security strategies for our cloud environments (AWS and GCP) and Linux-based systems. Design and implement public/private key management and PKI (Private Key Infrastructure) for our edge devices. Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards. Design and manage security protocols for our edge devices, ensuring robust protection against external threats. Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation. Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture. Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset. Respond swiftly to security incidents, leading the investigation and remediation efforts to minimize impact. This includes resolving security breaches and ensuring that similar vulnerabilities are addressed across all projects. Manage and maintain CIS-compliant OS images for our Cloud infrastructure and field devices. Must possess demonstrable knowledge of application security, security testing methodologies, and application security testing automation. Qualifications Degree in Computer Science, Engineering, or related field. 6+ years of software engineering or equivalent experience. Experience with one of the core (Golang, Python) programming languages, scripting, and automation. Strong knowledge of encryption protocols, public/private key management, and PKI (Private Key Infrastructure). Strong understanding of network security, encryption practices, and secure coding principles. Proven experience in cloud security management (AWS, Azure, GCP). Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira). Familiarity with security compliance standards relevant to our industry. Strong skills in managing security tools and vendor relationships. Excellent ability to develop and implement security policies and guidelines. Understanding of blockchain principles is a plus. Relevant certifications in security and cloud platforms are highly desirable. Benefits and Perks There are endless learning and development opportunities from a highly diverse and talented peer group, including experts in various fields, including Computer Vision, GenAI, Digital Twin, Government Contracting, Systems and Device Engineering, Operations, Communications, and more! Options for medical, dental, and vision coverage for employees and dependents (for US employees) Flexible Spending Account (FSA) and Dependent Care Flexible Spending Account (DCFSA) 401(k) with 3% company matching Unlimited PTO Profit sharing #J-18808-Ljbffr

STAND 8 provides end to end IT solutions to enterprise partners across the United States and with offices in Los Angeles, New York, New Jersey, Atlanta, and more including internationally in Mexico and India. We are seeking a highly organized and detail-oriented Assistant IT Budget Analyst to provide administrative, analytical, and coordination support for an Information Management Division. This individual will work closely with IT leadership, staff, and vendors to manage financial documentation, assist with procurement, and support key administrative functions. The ideal candidate will bring strong communication skills, a keen eye for detail, and the ability to handle multiple priorities in a fast-paced environment. Responsibilities Review and process invoices for payment and coordinate submissions to accounting. Respond to vendor inquiries regarding invoice status and check date information. Create and maintain detailed spreadsheets to track vendor and contract costs against budgets and authorized expenditures. Assist with IT division procurement activities. Maintain and update vendor remittance information in coordination with the Finance Department. Create and track purchase orders and related invoices. Assist administrative staff in drafting cover memos for review and approval. Provide backup administrative support to the CIO when needed. Interact professionally with internal departments, vendors, and prospective IT partners. Gather and analyze data for special reports and administrative support tasks. Utilize financial systems such as MUNIS and Simpler Reports. Compose memos and correspondence independently. Collaborate with internal and external stakeholders across multiple departments. Organize and maintain electronic files, documents, and records. Qualifications Proficiency in Microsoft Office Suite, especially Word, Excel, and PowerPoint. Strong organizational, analytical, and business writing skills. Ability to work independently, take initiative, and exercise sound judgment. Excellent verbal and written communication abilities. Demonstrated ability to manage multiple projects and priorities efficiently. Proven ability to build and maintain effective working relationships with staff, vendors, and stakeholders. Experience with financial systems such as MUNIS is a plus. Bachelor's degree in Business Administration, Public Administration, Finance, Communications, or a related field. Relevant work experience may be substituted for education on a year-for-year basis. Desired ITIL Foundation Certification (preferred but not required). Additional Details The base range for this contract position is $52-62/per hour, depending on experience. Our pay ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hires of this position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Qualified applicants with arrest or conviction records will be considered. Benefits Medical coverage and Health Savings Account (HSA) through Anthem Dental/Vision/Various Ancillary coverages through Unum 401(k) retirement savings plan Company-paid Employee Assistance Program (EAP) Discount programs through ADP WorkforceNow About Us STAND 8 provides end-to-end IT solutions to enterprise partners across the United States and globally with offices in Los Angeles, Atlanta, New York, Mexico, Japan, India, and more. STAND 8 focuses on the "bleeding edge" of technology and leverages automation, process, marketing, and over fifteen years of success and growth to provide a world-class experience for our customers, partners, and employees. Our mission is to impact the world positively by creating success through PEOPLE, PROCESS, and TECHNOLOGY. Check out more at ************** and reach out today to explore opportunities to grow together! By applying to this position, your data will be processed in accordance with the STAND 8 Privacy Policy.

Senior Manager, Information Systems Juniper Networks' Cyber Fusion (Trust Office) is seeking a certified cybersecurity professional to join our highly collaborative and diverse team. We are looking for a proven Application Security Engineer to help ensure that our products are designed, developed, and maintained with security at their core. In this role, you will be responsible for driving secure development practices across the product lifecycle-from design and architecture to implementation and deployment. You will work closely with engineering teams to identify and remediate security vulnerabilities, conduct threat modeling and code reviews, and support the integration of security tools and automation into CI/CD pipelines Responsibilities In this role, you will: Responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information Responsible for security controls automation in the CI/CD pipeline Provides consulting services and security support through Product Security Center of Excellence to internal product team Reviews, develops, tests, and implements security plans, products, and control techniques Assists with the development of secure coding standards Documents security policies and procedures where/when needed Evaluates new and proposed security systems, products, and technologies Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies. Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organization's AppSec program. Collaborate with software engineers and leadership teams as well and cybersecurity teams to integrate security controls throughout the software development lifecycle. Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions. Qualifications Bachelor's degree in computer science, Information Security, or related field 10+ years of experience in AppSec, Software/Systems Engineering, and/or Architecture. Expert level understanding of SDLC tool automation (e.g., automating SAST, SCA, DAST, IAST, Secret Scanning and compliance checks within CI/CD pipeline) Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA). Proficiency in scripting language (e.g., Python, Bash or PowerShell) In depth understanding of API-based integration, enabling seamless orchestration of security controls within CI/CD pipelines. Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments. In depth knowledge of SDLC, and CI/CD pipelines best practices. Good understanding of SLSA and supply chain security. Expert level understanding of containerized platforms and security best practices. In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection. Understanding of security by design principles and architecture-level security concepts. Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns. Knowledge of security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc. Experience with data architecture, modelling and integration. Perform threat modelling, conduct reviews of security architecture and platform/service designs, and audit source code and API configurations. Experience with IAM (identity and access management) patterns, practices, policies and architectures, and common security technologies like JWT, OAuth, and SAML. Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews. Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud. Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus. #LI-AHUYNH #LI-PRIORITY Minimum Salary: $168,800.00 Maximum Salary:$242,650.00 The pay range for this position is expected to be between $168,800.00 and $242,650.00/year; however, the base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position also includes medical benefits, 401(k) eligibility, vacation, sick time, and parental leave. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. Juniper's pay range data is provided in accordance with local state pay transparency regulations. Juniper may post different minimum wage ranges for permanent residency petitions pursuant to US Department of Labor requirements.

A Principal Cyber Security Analyst is a seasoned, hands-on role responsible for monitoring an organization's networks, systems, applications, external industrial events, and trends for security threats. This role involves analyzing security data, identifying Vulnerabilities, and responding to security incidents. Cyber Security Analysts work closely with other security professionals to maintain the organization's security posture. Principal Cyber Security Analyst has the following responsibilities: * Monitor networks, systems, and applications for security threats * Perform Threat Hunting using industry and A10 specific datasets to * identify threats to the company and our customers * Incident Response for threats against the company and our customers * Monitor industry trends in various areas of cybersecurity * Provide cybersecurity direction through insightful writeups and presentations * Conduct periodic penetration tests and vulnerability assessments Principal Cyber Security Analyst requires the following skills: * Master's degree in Computer Science or Information Technology, or a related field with 5+ years in Cyber Security with 10+ years overall experience * Knowledge of security principles and best practices * Understanding of Threat Hunting methods * Basic ELK stack expertise * Operational familiarity with an array of host, application, cloud and network cybersecurity technologies * Threat Intelligence and other Open source intelligence * Basic binary reverse engineering using tools like Ghidra or IDA * IP networking troubleshooting and design * Knowledge of programming languages such as Python and Go * Operational understanding of penetration testing tools * Proven track record of identifying and remediating cybersecurity threats * Analytical and problem-solving skills * Excellent communication and interpersonal skills Principal Cyber Security Analyst may use the following tools and software: * Security information and event management (SIEM) systems * Intrusion detection/prevention systems (IDS/IPS) * Firewalls and other Network security appliances * Vulnerability scanners and penetration testing tools * Malware analysis tools * Forensic tools * Programming languages, such as Python and Go Preferred Certifications: CompTIA Security+, CEH, or GIAC A10 Networks is an equal opportunity employer and a VEVRAA federal subcontractor. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. A10 also complies with all applicable state and local laws governing nondiscrimination in employment. #LI-AN1 Compensation: up to $220K USD