Information security analyst jobs in Buffalo, NY

Senior Consultant-Physical Security; Not Cyber Midtown Manhattan Full Time - Onsite Five Days The Firm, a provider of comprehensive risk management services, is seeking a Senior Consultant to serve as the dedicated Security Lead or virtual Chief Security Officer (CSO) across their client portfolio. This is an end-to-end ownership role. The Consultant will manage engagements from the initial risk assessment and proposal delivery phase through the collaborative development, implementation, and refinement of customized security solutions, working in close partnership with key client stakeholders. The Senior Consultant reports to the Executive Director, Consulting. The Senior Consultant interacts closely with other business units within the firm, including Investigations, Intelligence, Global Security Operations, Protection, and Security Technology. As a relationship manager, the Senior Consultant will constantly consider the needs, preferences and perspectives of each client and address them by leveraging the breadth of the Firm's services and capabilities. Responsibilities: Manage the full life cycle of a client engagement, ensuring client expectations are met, scope changes are addressed and documented, and deliverables are completed on schedule and within budget Develop and implement a strategic roadmap for each client, factoring in their unique circumstances, available Firm resources, and financial viability Manage client relationships in a manner that builds confidence and trust in the delivery of customized solutions, and maximizes strategic growth in accordance with client needs, concerns, and preferences Contribute to the development of proposals, including scoping and pricing, to address identified vulnerabilities and expressed concerns Physical Security Assessments that include technology, personnel and policies; emergency plans and procedures; fire life-safety; executive protection; protective intelligence; threat management; travel risk; training; and other areas Identify program requirements and leverage firm resources to develop, deliver and manage physical security solutions Produce clear, actionable documentation, including assessment reports, travel risk analyses, security policies and procedures, emergency response and crisis management plans, and trainings Present materials and findings in a compelling manner to senior client stakeholders and/or internal leadership Stay current on evolving trends and emerging technologies, conduct security benchmarking studies, and seek opportunities to build knowledge and share new information and resources internally and with clients Track resource utilization and oversee accurate administration and invoicing in support of assigned client programs Experience and Skills: BA/BS or higher in international affairs, criminal justice, or related field required; MA preferred Minimum of seven years of security risk management experience as a senior member of a large security department, as a security consultant, or in an applicable military or law enforcement position Substantial hands-on experience designing, implementing, and managing a physical security program, or major components thereof, for high-value corporate or high-net-worth residential clients Solid knowledge base across physical security domains including: security program design, implementation, and management; security technology; investigations; threat assessment and management; protective intelligence, executive protection; event security; global security operations; travel security; emergency and critical event planning and response; and security training Deep expertise in one or several physical security domains. Hands-on familiarity with leading security technologies for access control, video management, intrusion detection, etc. a major plus Strong analytical skills for assessing risk, vulnerability and threats PSP or equivalent certification; CPP or equivalent preferred; CISSP a plus Exceptional written and verbal communications skills; proficiency in presenting to clients and other stakeholders; strong attention to detail Strong business acumen and strategic development mindset Successful management of highly confidential information Strong project management skills to include organization, multi-tasking and meeting deadlines Highly proficient in MS Office software; Smartsheet proficiency a plus Ability to travel 10% within the United States to conduct risk assessments, attend trainings or conferences, or support special events This role is only open to candidates in the NY metro area. It will not include relocation and requires US work authorization.

Job Title: Information Technology Analyst I Duration: 3 Months assignment with possible extension Schedule: 7a-3p - 5 days/week (including weekends). Hours if resource works Saturday &/or Sunday will be 9a-5p regardless of shift they are booked for. Pay Range: $25 - $28/Hour Requirements: Bachelors or equivalent exp (R). Degree in computer science (P). 1-2 yr exp (P). Excellent analytical, problem solving , written and verbal communication skills, strong customer service skills. (R). Ability to work within a team environment (R). “Pride Health offers eligible employee's comprehensive healthcare coverage (medical, dental, and vision plans), supplemental coverage (accident insurance, critical illness insurance and hospital indemnity), 401(k)-retirement savings, life & disability insurance, an employee assistance program, legal support, auto, home insurance, pet insurance, and employee discounts with preferred vendors”

If you have experience with accounting information systems, a problem-solving mindset, and enjoy working with complex data sets and delivering solutions, then we want to talk with you! Hodgson Russ LLP, a regional law firm with two hundred plus attorneys in nine offices, is seeking a Accounting Systems & Applications Analyst to join our busy accounting team. This is a hybrid role. Some on-site work is required in Buffalo and/or Rochester. In this role, you will be responsible for maintaining and supporting the Accounting Department's information systems, including upgrade management, data maintenance and user support, implementation of new modules and features, and managing integrations with third party applications. This position is project management-oriented and includes the following key responsibilities: Ownership of Elite 3E accounting software; expense management, collections management, and other accounting applications; overseeing design, system set ups, user accounts and permissions, customization, architecture, and nomenclature of each application. Liaison between Accounting and IT. Provide accounting software support as point-of-contact for problem-solving and/or escalating internally to IT or to vendor support channels as needed. Contributing to the design of financial reports using PowerBI, SSRS, and AFS (Xcelerate). Driving data consistency and integrity through record maintenance across all Accounting applications. To succeed in this role, you will need excellent communication and project management skills, as well as the ability to prioritize and meet deadlines, identify and anticipate needs, and deliver highly accurate and reliable results. Strong computer skills, including proficiency in Microsoft Office and significant practical experience with enterprise accounting applications are required. A Bachelor's Degree in Information Technology & Management, Finance, or Accounting is preferred, with eight years' full-time experience in an accounting and/or information technology role preferably working within the business services sector. Hodgson Russ offers competitive compensation and a comprehensive benefit package, including medical, dental, vision, life, long term disability, flexible spending, 401(k), Paid Time Off, pension plan, and more. At this time, the good faith estimate of the annual salary range for this position, if the successful applicant is based in Buffalo or Rochester is $87,043 to $107,130. Where a successful applicant is slotted within this range will vary based on legitimate criteria, such as experience and skill level. Please apply by clicking through application. If your skills and experience match this position, a member of the human resources team will contact you directly. Thank you for your interest in Hodgson Russ. Hodgson Russ LLP is an Equal Opportunity Employer. The Firm is committed to providing equal employment opportunities regardless of race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, age, disability, veteran status, familial status, or any other legally protected basis. *************************************************

We invite you to review our current business services professionals openings to learn about the opportunities available across the firm. About Us Skadden, Arps, Slate, Meagher & Flom LLP has forged a reputation as one of the most prestigious law firms in the world. Relying on innovation, intellect, teamwork and tenacity, our lawyers deliver the highest quality advice and novel solutions to our clients' legal issues. We are known for handling the most complex transactions, litigation/controversy issues, and regulatory matters, as well as for the strong partnerships we build with clients and each other. Our attorneys, who reflect a broad range of experiences and perspectives, work together seamlessly across 50-plus practices and 21 offices in the world's major financial centers. The Opportunity We are seeking two Network Security Analysts to join our Firm. These positions will be based in our White Plains office (hybrid), and please note the roles have different shift times, listed below. The Network Security Analysts are responsible for implementing and supporting network security solutions for the Firm and, implementing and enforcing practical solutions to secure the Firm's internal and external network infrastructure. Available Shift Times (EST- Hybrid) 1.) Saturday - Sunday: 7:00 a.m. - 8:00 p.m. EST & Monday 7:00 a.m. - 7:00 p.m. 2.) Monday - Friday: 2:00 p.m. - 10:00 p.m. Note: The scheduled hours listed may be flexible and will be discussed during the interview process. Responsibilities Performs daily review of automated security reports and escalate as necessary. Responds to system generated security alerts and coordinate responses. Assists with internal audits, vulnerability scans and risk assessments. Assists with annual penetration testing, review of findings and tracking issue resolution. Participates in evaluating new technologies or new versions of existing products. Works with project teams to implement secure network connectivity solutions. Writes and maintains technical documentation including procedures and troubleshooting guides. Demonstrates effective interpersonal, written and verbal communication skills to facilitate effective work relationships with others. Manages Firm resources responsibly. Complies with and understands Firm operation, policies and procedures. Performs other related duties as assigned. Qualifications Knowledge of relevant firm computer software programs (e.g., Outlook, Excel, PowerPoint), with the ability to learn new software and operating systems Proficient with Access, Project and Visio Thorough knowledge of network management and security technologies and approaches Thorough knowledge of security techniques, latest protocols and defenses Proficient with Microsoft Active Directory and Operating Systems Basic ability to program scripts and batch files Demonstrates effective interpersonal and communication skills, both verbally and in writing Demonstrates close attention to detail Excellent analytical, troubleshooting, organizational, and planning skills Ability to handle multiple projects and shifting priorities Ability to handle sensitive matters and maintain confidentiality Ability to organize and prioritize work Ability to work well in a demanding and fast-paced environment Ability to work well independently as well as effectively within a team Ability to use discretion and exercise independent and sound judgment Flexibility to adjust hours and work the hours necessary to meet operating and business needs Education/Experience Bachelor's degree or equivalent Minimum of two years' experience in multi-national enterprise IT Culture & Life at Skadden What makes Skadden special is our people and the culture, community and spirit of collaboration we have created. We believe in teamwork and inspiring each other to be our best in an atmosphere that promotes professionalism and excellence in all that we do. We know that inclusion and drawing on the strength of a wide spectrum of talent only make us better and is vital to the firm's success. Our goal is for everyone at the firm to enjoy a challenging career with opportunities for development and growth and to support the well-being of our attorneys and business services professionals. Benefits The overall well-being of our team is important to us. We offer generous benefits to help you achieve wellness in all areas of your life. Competitive salaries and year-end discretionary bonuses. Comprehensive health care (medical, dental, vision), savings plan/401(k) and voluntary benefits. Generous paid time off. Paid leave options, including parental. In-classroom, remote, and on-demand learning and professional development opportunities. Robust well-being classes and programs. Opportunities to give back and make an impact in local communities. For further details, please visit: ******************************************************* Skadden is an Equal Opportunity Employer (Disability/Vet/other protected categories). For more information, please visit Skadden.com/careers. The starting base salary for this position is expected to be within the range listed under Salary Details. Actual salary will be determined based on skills, experience (to the extent relevant) and other-job related factors, consistent with applicable law. Salary Details $125,000 -$140,000 EEO Statement Skadden is an Equal Opportunity Employer. It does not discriminate against applicants or employees based on any legally impermissible factor including, but not limited to, race, color, religion, creed, sex, national origin, ancestry, age, alienage or citizenship status, marital or familial status, domestic partnership status, caregiver status, sexual orientation, gender, gender identity or expression, change of sex or transgender status, genetic information, medical condition, pregnancy, childbirth or related medical conditions, sexual and reproductive health decisions, disability, any protected military or veteran status, or status as a victim of domestic or dating violence, sexual assault or offense, or stalking. Applicants who require an accommodation during the application process should contact Lara Bell at **************. Skadden Equal Employment Opportunity Policy Skadden Equal Employment Opportunity Policy Applicants Have Rights Under Federal Employment Law Applicants Have Rights Under Federal Employment Law In accordance with the Transparency in Coverage Rule, click here to review machine-readable files made available by UnitedHealthcare: Transparency in Coverage

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SecretTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman is seeking a Principal Industrial Security Analyst to: develop and administer security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations. Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies. Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials. Conducts security education classes and security audits. Investigate security violations and prepares reports specifying preventive action to be taken. This position will initially report to the NTS Division Security Director but will be transitioned to report to Rolling Meadows Restricted Program Security Manager. The successful candidate will support the Buffalo Site Security Lead and take day to day direction from him. Basic Qualifications: Bachelor's degree and a minimum of 5+ years of Industrial Security, ACPSO relevant experience or MS Degree and 3+ years of relevant experience. An additional four years of applicable work experience may be substituted for a bachelor's degree. Current Active Secret clearance with ability to meet enhanced security requirements and obtain/maintain SAP eligibility and access. In-scope investigation (T5, T5R, SSBI, SBPR, PPR) completed within last 6 years or current enrollment in Continuous Evaluation (CE) program. US Citizenship required. Excellent oral and written communication skills. Must be proficient in MS Office suite (Word, SharePoint, PowerPoint, Excel, Outlook, TEAMs). Preferred Qualifications: Top Secret clearance. Experience with DODM 5205.07 V1-4 and ICD 705 Tech Spec. Experience utilizing DISS or SIMS. Experience with customer high side networks ( CV2, CORE, JADE, etc) CDSE Industrial Security Training - FSO for Possessing Facilities, Intro to SAP, SAP Compliance, SAP Mid-level, etc. Industrial Security Professional Certifications - SPeD SFPC, NCMS ISP, etc. OPSEC and Program Protection (P2) experience. Classification review experience. Experience supporting classified solicitation activities (BAA, CAA, RFI, RFP, etc.) and generating tailored proposal responses and BOE's. Experience completing compliance self-inspections and supporting formal customer compliance inspections. Experience drafting and completing corrective action plans. Self-starter with minimal supervision. Excellent customer service and communication skills. Ability to maintain flexibility to deal with changing priorities and deadlines. Willing to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications. Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint). Primary Level Salary Range: $82,900.00 - $124,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Hours: 40 Pay Details: $95,000 - $164,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions Job Description: The Information Security Specialist defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. Depth & Scope: Participates on complex, comprehensive or large projects and initiatives Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors Has advanced knowledge of organization, technology controls / security/ risk issues Education & Experience: Bachelor's degree preferred Information security certification / accreditation an asset 7+ years of relevant experience Expert knowledge of IT security and risk disciplines and practices Preferred Qualifications CISSP & CISA, PMP Certifications Strong experience within Information Security Security Risk Assessments Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% Domestic Travel - Occasional International Travel - Never Performing sedentary work - Continuous Performing multiple tasks - Continuous Operating standard office equipment - Continuous Responding quickly to sounds - Occasional Sitting - Continuous Standing - Occasional Walking - Occasional Moving safely in confined spaces - Occasional Lifting/Carrying (under 25 lbs.) - Occasional Lifting/Carrying (over 25 lbs.) - Never Squatting - Occasional Bending - Occasional Kneeling - Never Crawling - Never Climbing - Never Reaching overhead - Never Reaching forward - Occasional Pushing - Never Pulling - Never Twisting - Never Concentrating for long periods of time - Continuous Applying common sense to deal with problems involving standardized situations - Continuous Reading, writing and comprehending instructions - Continuous Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches.

Principal Information Security Analyst (Tier 2) As a Principal Information Security Analyst within Gen Digital's global Security Operations Center (SOC), you will play a key role in strengthening threat detection and response across the organization. The role focuses on improving SOC monitoring and detection processes through technical expertise, continuous development, and close collaboration with other security teams. In this position, you will serve as a senior specialist, leading automation and detection engineering efforts, mentoring junior analysts and contributing to projects that enhance security visibility and overall SOC performance. Operating in a follow-the-sun model, the SOC ensures 24/7 global coverage, with regional teams working during their respective business hours and sharing on-call responsibilities for weekend. Key Responsibilities: * Monitor, analyze, and correlate security alerts and events across multiple platforms (SIEM, WAF, EDR, email, cloud, network, and threat intelligence tools) to identify and validate suspicious or malicious activity * Continuously develop and fine-tune detection rules, correlation searches, security policies, and dashboards to improve visibility, reduce false positives, and increase alert accuracy across security platforms * Support and mentor Tier 1 analysts in alert triage, escalation quality, and use of tools * Collaborate with security engineers on automation and enrichment initiatives to streamline operational workflows and improve detection efficiency * Maintain complete and up-to-date documentation for all detection use cases, workflows and process improvements * Participate in security projects and collaborate with internal stakeholders (e.g., Incident Response, Security Engineering, Application Security, and IT) to enhance detection coverage, visibility, and response capabilities * Support the execution of incident response playbooks Qualification and Work Experience: * 3-5 years of hands-on experience in SOC operations, cybersecurity monitoring, or related areas such as detection engineering or threat analysis * Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and how they apply to security monitoring and threat analysis * Strong knowledge of cybersecurity principles, common attack techniques, and threat types (e.g., phishing, malware, brute force, web application attacks) * Proven experience working with security logs, alerts, and structured data across multiple platforms (SIEM, EDR, WAF, cloud, and network telemetry) * Hands-on experience with SIEM platforms - Splunk preferred - including detection content development, rule tuning, and dashboard creation * Familiarity with Web Application Firewall (WAF) technologies and the ability to analyze or tune related alerts and policies * Understanding of cloud security concepts and experience with monitoring tools for major providers (AWS, Azure, GCP) * Working knowledge of scripting or automation (e.g., Python, PowerShell, or API-based integrations) to support analysis and enrichment workflows * Experience using AI-based tools to support daily SOC operations, including data analysis, investigation, documentation, and collaboration * Strong analytical and problem-solving skills with attention to detail and curiosity for continuous learning * Effective communication and documentation skills in English, both written and verbal * Experience collaborating across teams (e.g., Security Engineering, Incident Response, Application Security) on detection improvements or automation projects * Prior experience in a Security Operations Center (SOC) or similar environment is highly preferred * Familiarity with the fintech environment or experience supporting financial services infrastructure is considered a strong advantage #LI-AS1 Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds. We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives. This role is required to be ONSITE in Malvern, PA Monday through Thursday with Friday remote. Must be eligible to work in the U.S. without requiring sponsorship now or in the future. Who is Customers Bank? Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with. We get you further, faster. Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow. On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead. Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust. What you'll do: * Control Testing & Evaluation: Assist in definition of and execute testing procedures to assess the design and effectiveness of key internal controls across business units, technology, and operational processes. * Risk & Compliance Alignment: Ensure testing activities are aligned with regulatory standards (SOX, FFIEC, FDIC, etc.) and internal policies. * Issue Identification & Reporting: Document test results, identify control deficiencies, and provide clear recommendations for remediation. * Collaboration: Work closely with business process owners, auditors, compliance, and risk teams to ensure timely resolution of identified issues. * Process Improvement: Recommend enhancements to testing methodologies, control design, and risk management practices to strengthen the bank's control environment. Maintain awareness of industry regulatory environment and threat landscape. * Documentation & Communication: Prepare executive-ready reports, dashboards, and presentations for senior management and regulators, and information technology peers. * Continuous Monitoring: Participate in ongoing monitoring and follow-up activities to confirm remediation effectiveness and sustainability. What do you need? * Must-Haves * 3+ years of experience in internal audit, compliance testing, risk management, or internal controls. * Strong knowledge of information security and IT risk control frameworks (e.g., COSO, COBIT, NIST). * Understanding of financial, operational, and IT control environments. * Strong analytical skills with attention to detail and accuracy. * Excellent written and verbal communication skills with the ability to present complex findings clearly. * Bachelor's degree in information systems, or related field. * Key Skills * Risk and control assessments in highly regulated environments * Understanding of information technology infrastructure (networking, Active Directory, backups, etc.) * Process analysis and documentation. * Strong interpersonal skills to work across departments. * Proficiency with Microsoft Office applications (Excel, Word, PowerPoint). * Develop and maintain working relationships with audit, GRC, and IT teams to promote continuous control awareness and improvements. * Nice-to-Haves * Professional certifications such as CIA, CISSP, CISA, Microsoft certifications, or CRMA. * Experience with GRC (Governance, Risk, and Compliance) tools. * Banking or financial services industry experience Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide "reasonable accommodations", upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. Diversity Statement: At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.

Come work with us: Metropolitan Commercial Bank (the “Bank”) is a full-service commercial bank based in New York City. The Bank provides a broad range of business, commercial, and personal banking products and services to individuals, small businesses, private and public middle-market and corporate enterprises and institutions, municipalities, and local government entities. Metropolitan Commercial Bank was named one of Newsweek's Best Regional Banks and Credit Unions 2024. The Bank was ranked by Independent Community Bankers of America among the top ten successful loan producers for 2023 by loan category and asset size for commercial banks with more than $1 billion in assets. Kroll affirmed a BBB+ (investment grade) deposit rating on January 25, 2024. For the fourth time, MCB has earned a place in the Piper Sandler Bank Sm-All Stars Class of 2024. Metropolitan Commercial Bank operates banking centers and private client offices in Manhattan, Boro Park, Brooklyn and Great Neck on Long Island in New York State. The Bank is a New York State chartered commercial bank, a member of the Federal Reserve System and the Federal Deposit Insurance Corporation, and an equal housing lender. The parent company of Metropolitan Commercial Bank is Metropolitan Bank Holding Corp. (NYSE: MCB). Position Summary: We are seeking a highly motivated and analytical Information Security Analyst to join our Line 2 Information Security team. This position plays a critical role in supporting the Bank's IT Risk & Cyber Resilience functions, including IT risk assessments, user access reviews, business continuity, and operational resilience practices. The role reports to the VP of IT Risk & Cyber Resilience, under the broader direction of the Chief Information Security Officer (CISO). This position is ideal for professionals with 1-4 years of relevant experience in cybersecurity, risk management, audit or IT governance, and who hold or are pursuing an advanced degree. We have a flexible work schedule where employees can work from home one day a week. Essential duties and responsibilities: IT Risk Assessments: Assists in the planning, execution, and documentation of IT risk assessments against minimum security standards, for the entire IT asset inventory. Review control environments, identify control gaps, and work with first-line partners to ensure risk mitigation plans are in place Internal IT Controls Testing and Validation Execute validation testing of IT internal controls to ensure design and operating effectiveness across infrastructure, applications, databases, and systems. Apply risk analysis principles to determine testing scope, focus, objectives, and rationale. Develop testing strategies, including the selection of samples, sample sizes, and testing methodologies. Analyze testing results, identify exceptions, and recommend actionable steps to address control deficiencies and strengthen internal processes. Prepare thorough working papers and document control testing findings to ensure accuracy and alignment with standards. User Access review Governance: Coordinate and oversee the user access review process across business applications and infrastructure. Ensure alignment with access control policies and identity governance best practices. Business Continuity Planning (BCP): Support the development, maintenance, and testing of business continuity and resilience plans. Work with business units to ensure plan completeness and alignment with enterprise resilience strategies. Operational Outage Investigations: Assist in root cause analysis and risk review of IT outages and incidents and determine if BCPs need to be updated. Track remediation efforts and document lessons learning for reporting to senior leadership. Governance Reporting: Develop and maintain risk metrics, dashboards, and material for the IT and IS Steering Committee and Operational Risk Management Committee. Draft risk summaries and escalation reports for senior management, auditors, and regulators, where appropriate. Policy Framework Support: Support the development and refinement of policies, standards, and procedures related to IT and Cyber Risk Management, Business Continuity, and security governance. Required knowledge, skills and experience: Graduate degree in Information Technology, Information Security, Risk Management, Finance, or Accounting. Candidates with IT audit or IT controls and/or audit experience preferred. Experience and or education in IT controls testing, risk management, or IT audit. Strong knowledge of IT internal controls, infrastructure, and applications. Familiarity with IT risk frameworks such as NIST, COBIT, or ISO 27001. Ability to analyze and document control deficiencies, root causes, and remediation efforts. Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint). Strong analytical, verbal, and written communication skills with attention to detail. Ability to interact effectively with IT teams, risk management partners, and stakeholders. Exposure to Third-Party Risk Management (TPRM) or vendor IT controls assessment. Preferred knowledge, skills and experience: Certifications (e.g., CISA, CRISC) are a plus. Potential Salary: $80,000 - $100,000 annually This salary range only reflects base wages and does not include benefits, bonus, or incentive pay. Salary bands are purposefully wide ranging to encompass the different factors considered in determining where a candidate falls in the range, including but not limited to, seniority, performance, experience, education, and any other legitimate, non-discriminatory factor permitted by law. Metropolitan Commercial Bank provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact. As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you're interested in working with a passionate team of people who care about the future of Philadelphia, start here. What We Offer: • Impact - The work you do here matters to millions. • Growth - Philadelphia is growing, why not grow with it? • Diversity & Inclusion - Find a career in a place where everyone belongs. • Benefits - We care about your well-being. The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia's businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city's technology assets and the return on the city's technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency. Job Description The Information Security Analyst - Security Operations Center (SOC) position will play a critical role in the City of Philadelphia's, Information Security Group's, monitoring, detecting, analyzing, and responding to cybersecurity threats in real time. This position is responsible for safeguarding the City's digital infrastructure by leveraging advanced security tools, threat intelligence, and incident response protocols. The ideal candidate will have hands-on experience in a SOC environment, a strong understanding of cyber threat landscapes, and the ability to collaborate across departments. Essential Functions Monitor and analyze security events using SIEM and other SOC tools. Detect, investigate, and respond to cybersecurity incidents. Conduct vulnerability assessments and penetration testing. Document and communicate risks, incidents, and remediation plans. Develop and maintain security monitoring procedures and incident response playbooks. Track and report on the effectiveness of security controls and technologies. Support compliance efforts with relevant regulatory frameworks (e.g., NIST, CJIS, HIPAA). Participate in security projects and continuous improvement initiatives. Perform other duties as assigned. Competencies, Knowledge, Skills and Abilities An Information Security Analyst plays a critical role in protecting the City's information systems and data from security breaches, cyber threats, and other vulnerabilities. Some core competencies required for this position include, but not limited to: Technical Proficiency Experience with SIEM, EDR, IDS/IPS, firewalls, and vulnerability management tools. (e.g, Splunk, Crowdstrike, Nessus, Rapid7, CloudFlare) Strong understanding of Windows, Linux, and network security principles. Familiarity with GRC platforms and forensic tools. Cybersecurity Expertise Knowledge of threat intelligence, attack vectors, and incident response. Understanding of regulatory frameworks (e.g, NIST, HIPAA, CJIS, PCI-DSS, OWASP, etc.). Ability to conduct ethical hacking and penetration testing using available tools is preferred but not required. Analytical & Communication Skills Strong critical thinking and problem-solving abilities. Ability to communicate technical issues to non-technical stakeholders. Skilled in writing clear, actionable reports and documentation. Professional Attributes High ethical standards and commitment to confidentiality. Adaptability to evolving threats and technologies. Collaborative mindset and ability to work across departments. Continuous learner and cybersecurity community contributor. Qualifications Minimum of 3 years of experience in a SOC or cybersecurity analyst role. Experience in government, higher education, or large enterprise environments preferred. Bachelor's degree in Computer Science, Information Security, or related field preferred. Relevant industry and/or vendor certifications (e.g., CompTIA Security+, CEH, GCIA, GCIH, CISSP) required. Must pass a CJIS background check. Must be a Philadelphia resident within six months of hire. Or an acceptable combination of the above acceptable to OIT. Additional Information Salary: $70k-$90k Important: To be considered, candidates must provide a cover letter and resume. All applications should include the following: • A one-page cover letter clarifying your interest and qualifications for the role. It really helps us understand why you're interested in this position. We read every single one! • Your resume or curriculum vitae. • Optionally, an online professional portfolio or public GitHub account. We won't accept or review incomplete applications. Work Setting: in-person (onsite) Discover the Perks of Being a City of Philadelphia Employee: • We offer Comprehensive health coverage for employees and their eligible dependents • Our wellness program offers eligibility into the discounted medical plan • Employees receive paid vacation, sick leave, and holidays • Generous retirement savings options are available • Pay off your student loans faster - As a qualifying employer, City of Philadelphia employees are eligible to participate in the Public Service Loan Forgiveness program. Join the ranks of hundreds of employees who have already benefited from this program and achieved student loan forgiveness. • Enjoy a Free Commute on SEPTA - Starting September 1, 2023, eligible City employees will no longer have to worry about paying for SEPTA public transportation. Whether you're a full-time, part-time, or provisional employee, you can seize the opportunity to sign up for the SEPTA Key Advantage Program and receive free Key cards for free rides on SEPTA buses, trains, trolleys, and regional rails. • Unlock Tuition Discounts and Scholarships - The City of Philadelphia has forged partnerships with over a dozen esteemed colleges and universities in the area, ensuring that our employees have access to a wide range of tuition discounts and scholarships. Experience savings of 10% to 40% on your educational expenses, extending not only to City employees but in some cases, spouse and dependents too! Join the City of Philadelphia team today and seize these incredible benefits designed to enhance your financial well-being and personal growth! *The successful candidate must be a city of Philadelphia resident within six months of hire Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated. The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at ************ or send an email to *****************.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Founded over 35 years ago, First Quality is a family-owned company that has grown from a small business in McElhattan, Pennsylvania into a group of companies, employing over 5,000 team members, while maintaining our family values and entrepreneurial spirit. With corporate offices in New York and Pennsylvania and 8 manufacturing campuses across the U.S. and Canada, the companies within the First Quality group produce high-quality personal care and household products for large retailers and healthcare organizations. Our personal care and household product portfolio includes baby diapers, wipes, feminine pads, paper towels, bath tissue, adult incontinence products, laundry detergents, fabric finishers, and dishwash solutions. In addition, we manufacture certain raw materials and components used in the manufacturing of these products, including flexible print and packaging solutions. Guided by our values of humility, unity, and integrity, we leverage advanced technology and innovation to drive growth and create new opportunities. At First Quality, you'll find a collaborative environment focused on continuous learning, professional development, and our mission to Make Things Better. We are actively seeking an experienced Cyber Security Analyst to join our Security Operations Center in Great Neck, New York, or work in a hybrid capacity from CT, GA, NY, NJ, PA, or SC. In this role, you will be responsible for incident detection, investigation and response, rules development tuning and improvement, defining and developing automations, and incorporating Threat Intelligence and Threat Hunting activities to enhance detection and mitigation strategies. Primary responsibilities include: * Incident Detection and Response - Monitor and analyze alerts generated by SIEM/SOAR platforms and user reports, investigate security incidents, and execute containment and eradication procedures to minimize impact and restore normal operations. * Tuning & Optimization - Continuously refine detection rules and SOC processes to reduce false positives, enhance detection accuracy, and improve overall operational efficiency. * Research & Development - Explore emerging threats and attack techniques to develop and implement new detection rules to expand visibility and strengthen the organization's security posture. * Threat Hunting - Proactively hunt for hidden threats by analyzing logs and identifying gaps missed by existing security tools and improve security posture. * Threat Intelligence - Review threat intelligence feeds, channels and articles to identify potential risks and proactively strengthen defenses. * Automation Development - Design, implement, and maintain automation solutions to streamline SOC workflows, reduce manual effort, and accelerate incident response times. * Reporting - Prepare and present comprehensive reports on key SOC activities, metrics, and security trends to stakeholders and management. * Penetration Testing - Participate in Red and Purple Team exercises to assess and improve the effectiveness of security controls and incident response capabilities. The ideal candidate should possess the following: * Bachelor's degree in Computer Security, Cybersecurity, Information Security, or a related field preferred. Additional relevant experience may be considered in lieu of a degree. * Experience with advanced SIEM content development, including custom correlation rules, dashboards, and reporting. * Minimum of 1 year of experience working in a Security Operations Center (SOC) environment, either in-house or with a Managed Security Service Provider (MSSP). * Proficiency in scripting languages such as Python, PowerShell, or Bash for automating security tasks and processes. * Direct involvement in end-to-end incident response, including root cause determination and post-incident reporting. * Experience monitoring and securing cloud environments (e.g., Microsoft Azure, AWS, Google Cloud Platform). * Hands-on experience working with SIEM (e.g. Splunk, Microsoft Sentinel, Qradar) * Familiarity with EDR solutions like CrowdStrike, SentinelOne, Microsoft Defender for Endpoint or Cortex XDR. * Understanding and familiarity with interpreting common log sources for monitoring and investigation (e.g. Firewall, Azure AD, Windows Security Log, Email, Proxy\URL Filtering etc.) * Solid grasp of prevalent attack types, including phishing, brute-force attacks, malware, and data exfiltration techniques. * Excellent verbal and written communication skills, with the ability to collaborate effectively with team members both within and outside the SOC. * High level of situational awareness and problem sensitivity, with the ability to proactively identify issues and escalate concerns as appropriate. * Demonstrated proactive mindset, strong sense of responsibility, and urgency in addressing security incidents and tasks. * Ability to work independently, manage multiple priorities, and succeed in a fast-paced, dynamic environment. * Strong motivation and willingness to continually learn and grow, adapting to new tools and evolving threat landscapes. What We Offer You We believe that by continuously improving the quality of our benefits, we can help to raise the quality of life for our team members and their families. At First Quality you will receive: * Competitive base salary and bonus opportunities * Paid time off (three-week minimum) * Medical, dental and vision starting day one * 401(k) with employer match * Paid parental leave * Child and family care assistance (dependent care FSA with employer match up to $2500) * Bundle of joy benefit (year's worth of free diapers to all team members with a new baby) * Tuition assistance * Wellness program with savings of up to $4,000 per year on insurance premiums * ...and more! The estimated annual base salary range for this position is $110,000 - $140,000. Base pay is only part of our total compensation package, which also includes an attractive annual discretionary bonus and robust suite of employee benefits for which you are eligible to participate in starting on your first day of employment. Base pay offered will be determined on an individualized basis and we will consider your location, experience, and other job-related factors. First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come in to contact with sensitive data. First Quality is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status.

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience * Master's Degree and with 3 years of relevant experience IT or Information security or * Bachelor's Degree and with 5 years of relevant experience IT or Information security or * Associate's Degree and with 6 years of relevant experience IT or Information security or * High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience * Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). * Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience * Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. * Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. * Knowledge of IAM, rolebased access control, and policy enforcement, required. * Experience integrating cloud telemetry and logs with SIEM tools, required. * Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. * Experience with scripting (Python, PowerShell, Bash) and automation, required. * Experience with WAF and cloud API gateway configurations, required. * Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. * Experience collaborating with cloud service teams for planning and remediation, required. * Experience implementing application security best practices and training engineering teams, required. * Familiarity with CDN operations, certificates, and brand monitoring preferred, required. * Experience with SIEM integration, telemetry collection, and event analysis, preferred. * Demonstrated experience leading technical teams or project groups, preferred. * Experience with Container Security, preferred. * Experience securing API endpoints and implementing advanced cloud application protections, preferred. * Knowledge of AI/ML data protection and secure model deployment practices, preferred. * Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. * Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities * Effective leadership skills * Demonstrated problem solving skills * Demonstrated problem solving skills * Strong written and verbal communication skills * Ability to drive multiple projects to successful completion * Proactively approaches responsibilities Licenses and Certifications * Driver's License Required * Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred * Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands * Ability to push, pull, and lift up to 25 pounds * Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities * Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. * Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. * Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. * Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. * Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. * Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. * Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. * Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. * Implement and manage WAF policies and API gateways to safeguard cloud applications and services. * Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. * Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. * Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.

Opportunity Information Security Analyst to support cybersecurity initiatives across various network systems, focusing on protecting data integrity and system security. They will implement the Risk Management Framework, conduct audits, monitor for vulnerabilities, manage encryption, and respond to security breaches. The Information Security Analyst will also perform routine IT tasks with varying complexity to maintain overall system protection. Key Responsibilities Implement and manage the Risk Management Framework (RMF) to ensure compliance and secure system operations Provide ongoing cybersecurity support across a variety of network systems Conduct IT audits, develop and refine monitoring strategies, review access controls, identify system vulnerabilities, manage data encryption, and respond to security incidents Perform a range of routine and complex IT tasks to support daily operations and system integrity Safeguard the confidentiality, integrity, and availability of computer networks, systems, and data Qualifications Requirements Bachelor's Degree and 4+ years of experience OR, Associate's degree with 6+ years of experience OR, High School Degree and 10+ years of experience ISC2, CISSP, or similar certification with customer approval Active Top Secret or Q security clearance Preferred Qualifications Excellent customer support experience and soft skills to ensure end-user satisfaction Ability to lead small teams or projects through cross functional coordination/collaboration with other departments Assist key stakeholders in overall project execution and find solutions through creative problem solving Ability to demonstrate proven success with adaptability - willingness to evolve with technology while ensuring data accuracy standards Salary 100-130k About IMG Founded in 1987, IMG is a leading small business that exemplifies competence, integrity and follow-through. We consistently provide customer focused professional services, which ensures our company is recognized for continually exceeding expectations. We believe that at the core of our success stand our people. Our people have provided professional services in the Information Technology field for our customers with a commitment to customer satisfaction for over 35 years. IMG Benefits: Health, dental, vision, and life insurance Short term and long term disability insurance 401(k) with generous company match Health Savings Accounts (HSA) Personal leave plus paid federal holidays Professional development and training assistance IMG is an equal opportunity employer including disability and protected veterans or other characteristics protected by law.

Akkodis is seeking a Network Security Analyst for a Contract with a client in New York, NY. Candidates will develop and enforce network security strategies while managing firewalls, VPNs, and intrusion detection systems across enterprise environments. Rate Range: $53/hour to $68/hour; The rate may be negotiable based on experience, education, geographic location, and other factors. Network Security Analyst job responsibilities include: * Develop and enforce network security policies and procedures to ensure compliance with regulatory standards and organizational goals. * Deploy, manage, and monitor security technologies such as firewalls (Fortinet, Cisco, Palo Alto), intrusion detection systems, VPNs, and proxies. * Conduct risk assessments and vulnerability scans to identify, analyze, and mitigate potential threats across the network. * Lead incident response and recovery efforts, including troubleshooting high-severity security breaches and coordinating break-fix activities. * Collaborate with IT and business teams to integrate security into system designs and provide solutions aligned with current security trends. * Generate and maintain performance dashboards and reports to track security operations, drive improvements, and support governance. Required Qualifications: * Bachelor's degree in computer science, Information Security, or a related field (Master's preferred). * Minimum of 10 years in network security and IT security operations. * Proven expertise in managing enterprise firewall systems (Fortinet, Cisco, Palo Alto). * Strong communication skills and experience in project management and security governance. If you are interested in this role, then please click APPLY NOW. For other opportunities available at Akkodis, or any questions, feel free to contact me at **********************************. Pay Details: $53.00 to $68.00 per hour Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable. Equal Opportunity Employer/Veterans/Disabled Military connected talent encouraged to apply To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to ************************************************* The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: * The California Fair Chance Act * Los Angeles City Fair Chance Ordinance * Los Angeles County Fair Chance Ordinance for Employers * San Francisco Fair Chance Ordinance Massachusetts Candidates Only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

New York, New York, United States of America **Hours:** 40 **Pay Details:** $95,000 - $164,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **Job Description:** The Information Security Specialist defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provides complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area. **Depth & Scope:** + Participates on complex, comprehensive or large projects and initiatives + Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors + Has advanced knowledge of organization, technology controls / security/ risk issues **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience + Expert knowledge of IT security and risk disciplines and practices **Preferred Qualifications** + CISSP & CISA, PMP Certifications + Strong experience within Information Security Security Risk Assessments **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

The Director of Information Security & Assurance (ISA) is responsible for establishing and maintaining an enterprise-wide information security program to support the confidentiality, integrity and availability of Seneca Gaming Corporation's information assets. The Director of ISA collaborates and consults with IT management and business units to develop appropriate security controls. The Director leads the development of information security policies, procedures, and best practices and works with internal and external teams to implement and promote compliance with those procedures, best practices and/or regulatory compliance requirements. The Director of ISA is responsible for the development of an information security & assurance strategy within the context of a risk-based approach. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. This position requires a visionary leader with strong leadership skills, business acumen and technology. The Director of ISA will work proactively with business units to implement practices that meet defined policies and standards for information security lead IT risk management activities. The Director will report directly to the CIO and provide guidance for all Information Technology Security and Assurance concerns. The Director will also have an indirect reporting relationship to the SGC Audit Committee for audit compliance services. ESSENTIAL FUNCTIONS AND RESPONSIBILITIES: 1. Works in close partnership with VP of Information Technology / CIO to ensure coordinated and effective information security operations across all systems and platforms. 2. Works closely and collaborates with Technical Services, Systems, Network, Operations, Applications and Support teams to ensure alignment between the information security and the enterprise information technology architecture, thus coordinating the strategic planning implicit in these architectures. 3. Leads and oversees the daily operations of the information security & assurance department and develops programs and best practices on information security domains such as access control, telecommunications and network security, risk analysis and security governance, security architecture, cryptography, operational security, application security, and business continuity/disaster recovery. 4. Together with the CIO, develops, implements, and monitors, a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization. 5. Manages the enterprise's security organization, consisting of direct reports and indirect reports and leads all hiring, training, staff development, performance management and annual compensation reviews. 6. Identifies legal, regulatory, organizational and other requirements and provides recommendations for managing the risk of non-compliance. Identifies gaps between current and desired risk levels. 7. Develops and communicates organizational information security policies and standards. 8. Leads the development of and provides management oversight for the information security operating and capital budgets and monitors for variances. 9. Creates and manages information assurance and risk management awareness training programs for all employees and approved system users. 10. Acts as the liaison between Internal Audit, Legal, Human Resources and Compliance Departments providing leadership and oversight for audit and information assurance activities. 11. Works directly with the business units to analyze information security risks and recommends appropriate risk treatment options to manage risk to acceptable levels. 12. Provides subject matter expertise to executive management on a broad range of information security standards and best practices, such as CIS, NIST, NIGC MICS, PCI DSS, COBIT, ITIL. 13. Provides strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls. 14. Creates and facilitates the information assurance risk assessment process, including reporting and oversight of remediation efforts to address negative findings. 15. Collaborates on the development of a secure information technology infrastructure that provides reliable, resilient, responsive and secure enterprise information technology services. 16. Manages security incidents and events to protect corporate IT assets, including intellectual property, fixed assets and the company's reputation. 17. Coordinates the use of external resources involved in the information assurance program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources. 18. Assists in the development of effective disaster recovery policies and procedures. 19. Develops business-relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program. QUALIFICATIONS/REQUIREMENTS: Education/Experience: 1. Must be 18 years of age or older upon employment. 2. Bachelor's Degree in an Information Technology related field. 3. Minimum of ten (10) years of experience in an Information Technology management role with a combination of information technology and demonstrable information security and assurance responsibilities. 4. Minimum of five (5) years in Information Technology project management, systems design and integration and experience leading project teams using formal project management methodologies 5. A level of pertinent security/risk-focused certification, e.g. Security+, CISSP, CISM, CISA, CRISC. 6. An equivalent combination of education and/or experience may be substituted for the above requirements. 7. A deep understanding of and extensive experience with implementing network operating systems, systems design and enterprise architecture, systems development lifecycle (SDLC), project management methodology, asset management, access control systems, network communication protocols and topology, security engineering, public key infrastructure and identity and access management concepts. 8. Experience with security/risk-specific program/program component development, e.g. information security governance & continuous improvement, security awareness, vulnerability management, data protection, endpoint protection, identity & access management, cryptography & key management, business continuity/disaster recovery, incident response. 9. Direct experience with IT-based audit processes. 10. Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. 11. Must be a critical thinker with strong problem-solving skills. 12. Knowledge of technological trends and developments in the area of information assurance and risk management. 13. Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. 14. Knowledge of security and control frameworks, such as CIS, NIST, NIGC MICS, PCI DSS, COBIT, and ITIL. 15. Experience with contract and vendor negotiations. 16. High level of personal integrity and ethical standards and the ability to professionally handle confidential matters and exemplify the appropriate level of judgment and maturity. 17. High degree of initiative, dependability and ability to work with little supervision. 18. Must possess and maintain a valid driver's license and be able to substantiate a safe driving record within the parameters acceptable to our liability insurance carrier. Language Skills and Reasoning Ability: 1. Must possess excellent communication skills: listening, writing, speaking, and interpersonal skills. 2. Must have the ability to speak effectively to the public, employees, customers and vendors. 3. Must have the ability to deal effectively and interact well with the customers, vendors and employees. 4. Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner. Physical Requirements and Work Environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderately loud. When on the casino floor, the noise levels increase to loud. Must be able to work in an environment where smoking is permitted. 1. Must be able to stand, walk, and move through all areas of the casino. 2. Maintain physical stamina and proper mental attitude to work under pressure in a fast-paced, casino environment and effectively deal with customers, management, employees, and members of the business community in all situations. Salary Starting Rate:$143,936.95 Compensation is negotiable based on experience and education. Each position has varying minimum qualifications. In the absence of fully qualified candidates, some requirements may be waived.

Our award-winning client is seeking a IT Budget & Sourcing Analyst to join their team.Our client is looking for a talented IT Budget & Sourcing Analyst to join our dynamic team. In this role, you'll be a key player in optimizing IT spending, ensuring financial resources are aligned with strategic goals, and identifying cost-saving opportunities. You'll leverage your analytical skills to manage budgets, analyze financial data, and make informed recommendations. Responsibilities: Partnering with IT and business leaders to create and manage IT budgets, ensuring financial resources are aligned with strategic goals. Analyzing IT expenditures, identifying spending trends and variances, and providing valuable insights into the financial performance of IT initiatives. Identifying opportunities to save costs and improve efficiency within the IT department, including analyzing vendor contracts and proposing cost-effective solutions. Tracking IT software licenses, managing contract lifecycles, and assisting in negotiating contracts and pricing with IT vendors. Required Qualifications: A bachelor's degree in business, finance, accounting, MIS, or a related field. 4+ years of experience in a similar role. Strong analytical and problem-solving skills with a passion for data. Excellent communication and interpersonal skills, with the ability to explain complex financial concepts clearly and concisely. The ability to work independently in a dynamic environment and prioritize effectively. Bonus points if you have: Experience with financial modeling and data analysis tools. A strong customer service focus and a proactive approach.