Information security analyst jobs in Camarillo, CA - 186 jobs

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. We will not be able to support sponsorship or visas for this position at this time. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. This position is based in California and is subject to California employment laws and workplace safety requirements, including the Company's Covid vaccination policy. Reasonable accommodations will be considered in accordance with applicable law. Successful candidates will be required to show proof of being vaccinated against COVID-19. This requires having a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

As an Analyst, Information Security (Compliance) you will be part of Team focusing adherence to Macau Cyber Security Law (MCSL), ISO27001 (latest) standard, regulatory requirements, and in-house policies. PRIMARY RESPONSIBILITIES: * Ensure Melco Information Security Policy is compliant with Macau Cyber Security Law (MCSL) and to carried out required activities accordingly. * Enforce Melco Information Security Policy based on industrial standards (e.g. ISO27001 latest) and best practices across all Melco properties and locations * Oversee security control systems to prevent or deal with violation of Information Security Policies and Standards * Review and revise Information Security policies, procedures, standards and checklists periodically to ensure compliance to the latest standards and best practices * Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff * Coordinate/support internal/external audit activities; perform annual internal audit in conjunction with internal policy, regulation and governance. Ensure audit findings and corrective actions are closed out accordingly * Review change/service request tickets in ticketing system within agreed SLA * Remain informed on current standards, trends and issues in the information security industry * Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks * Support Information Security Operation Calendar activities * Produce required dashboard for management reviews (e. Compliance, Vulnerability reports) QUALIFICATIONS: Experience * 2+ years' working of experience in a related field. * Requires in depth experience and knowledge of enterprise IT concerns and technologies * Experience with managing a compliance and/or security organization, including planning and executing security policies and standards development * Experience in ISO 27001 latest standard * Experience in Macau Cyber Security Law is a plus * 1+ years in information security preferred to include management or administration in least 6 of the following disciplines: * Network Security and firewalls (CCSP/CCIE - Security, CCNA) * Relational Database Security * Remote Access/VPN solutions * Information Security Auditing * Intrusion Detection and Response * Anti-virus systems * Messaging Security * Security policy and procedure development * Windows and Active Directory security * Access management processes * Security benchmarking requirements (CIS) * Security compliance for Regulatory requirements (NERC/SOX/HIPPA/FISMA) * Security Strategic Planning and Risk Management * Web and application based security * Encryption (PKI/Kerberos/SSL) * Cloud Technologies Education * Bachelor's degree in Management Information System, Computer Science, or related disciplines * An information security or other similar technical certification such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) is highly desirable Skills / Competencies * Knowledge of security policies, standards, regulatory requirements such as ISO 27001, PCI-DSS, GDPR, MCSL * Fluent in of written and spoken English. Fluency in Cantonese and Mandarin will also be an advantage * Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba) a plus * Proven excellence in researching, organizing, writing, and presenting technical information via report writing and presentation (PowerPoint, Excel) * Capacity to work independently and in a team environment, with leadership ability and project management skills * Ability to multi-task and have solid project management skills. * Ability to understand the relationship between business processes, priorities, risk and their underlying * technologies and security risks * Ability to keep pace with a fast pace and growing company * Strong analytical and inter-personal skills to communicate technical information to non-technical background * users PERSONAL COMPETENCIES: * Displays a high commitment to delivering results * Leads others to achieve business objectives * Communicates effectively * Displays the highest level of integrity * Ability to maintain discretion * Self-motivated * Approachable

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Job Description Mount Indie is seeking a highly skilled and experienced Cyber Accreditation Specialist with 5+ years of experience for Department of Defense (DoD) programs at the Naval Base Point Mugu located near Camarillo, CA. The Cyber Accreditation Specialist will be responsible for the development, coordination, and maintenance of cyber accreditation packages, primarily focusing on Risk Management Framework (RMF) artifacts, inheritance mapping, and Plan of Action & Milestones (POA&M) management supporting the Navy's Authority To Operate initiatives. This role ensures compliance with relevant DoD and federal cybersecurity guidelines and contributes to our organization's mission support objectives by securing critical Navy information systems. Responsibilities Cyber Accreditation Package Development: Develop and maintain RMF artifacts, including System Security Plans (SSP), generate & control implementation evidence, inheritance maps, and POA&Ms Coordination and Compliance: Coordinate with Authorizing Officials (AO) and Information System Security Managers (ISSM) to define an Authority to Operate (ATO) plan, develop an interim risk acceptance strategy, and manage control inheritance from enterprise services and range systems Reference Compliance: Ensure that all activities and documentation are compliant with the latest DoD and federal cybersecurity standards, such as: DoDI 8510.01 Risk Management Framework (RMF) NIST SP 800-53 Rev. 5 NIST SP 800-171 (CUI) DoD Zero Trust Reference Architecture DoD Cloud Security Requirements Guide (SRG) / FedRAMP baselines (aligned to IL5 unless otherwise directed) Qualifications 5+ years of experience in cybersecurity, specifically in the development and coordination of cyber accreditation packages BS or BA degree in Cybersecurity, Information Technology, or a related field. An additional 6 years of relevant work experience may be substituted for a bachelor's degree, or 4 additional years of work experience with a relevant associate degree. Active Secret Clearance Demonstrated experience with RMF, SSP development, and POA&M management Familiarity with DoD and federal cybersecurity guidelines, including DoDI 8510.01, NIST SP 800-53 Rev. 5, NIST SP 800-171, DoD Zero Trust Reference Architecture, and DoD Cloud SRG/FedRAMP baselines Strong analytical and problem-solving skills Ability to effectively coordinate and communicate with various stakeholders, including AO, ISSM, and other cybersecurity professionals Current Security+ Certificate IAM Level 2 as per DoD Directive 8570.01; and experience working with the DIACAP/Risk Management Framework processes Excellent communication and interpersonal skills-verbal, non-verbal, written, and listening-for staff, customer and organizational level communications, both formal and informal Ability to work independently, self-starter Working knowledge and use of Microsoft Office suite programs, MS Word, Excel, Access, and PowerPoint Preferred Qualifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification Experience with cloud security and FedRAMP compliance

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Job Description About the Role: The Information Security Risk Specialist plays a critical role in safeguarding an organization's information assets by identifying, assessing, and mitigating security risks. This position involves developing and implementing risk management strategies that align with business objectives and regulatory requirements. The specialist will collaborate with cross-functional teams to ensure security controls are effective and that risk exposure is minimized.The ideal candidate must have an understanding of current and emerging technological trends and be able to implement appropriate security controls. Also requires an awareness of IT standards, regulations, and laws affecting financial institutions. They are responsible for examining applications from new customers, requesting supportive and missing data and information, and working with other departments to classify data. Understanding the way the Bank operates and the various internal and external factors that may affect its performance and information security is vital to this role. Strong communication skills are also necessary to communicate technological concepts and techniques in daily work. Analytical thinking skills are also crucial, as they must apply a high level of technical knowledge and skill while working in a fast-paced environment. This role also requires strong problem-solving skills and the ability to work independently to successfully perform the assigned tasks. Must learn effective methods to manage risk and have the ability to analyze complex data, interpret laws, and represent management views. Good understanding of all risk-related issues and procedures relating to bank products and services. Minimum Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. At least 3 years of experience in information security risk management or a similar role. Strong understanding of risk assessment methodologies and information security frameworks such as NIST, ISO 27001, or CIS Controls. Familiarity with regulatory requirements such as GDPR, HIPAA, or SOX. Excellent analytical, communication, and problem-solving skills. Preferred Qualifications: Professional certifications such as CISSP, CISM, CRISC, or equivalent. Experience with security governance, risk, and compliance (GRC) tools. Knowledge of cloud security risk management and emerging technologies. Experience working in a large enterprise or highly regulated industry. Advanced degree in cybersecurity, risk management, or business administration. Responsibilities: Conduct comprehensive risk assessments to identify potential threats to information systems and data. Develop, implement, and maintain risk management frameworks and policies in accordance with industry standards and regulations. Collaborate with IT, compliance, and business teams to design and enforce security controls that mitigate identified risks. Monitor and report on risk metrics, security incidents, and compliance status to senior management and stakeholders. Stay current with evolving cybersecurity threats, vulnerabilities, and regulatory changes to update risk strategies accordingly. Skills: The Information Security Risk Specialist uses analytical skills daily to evaluate complex security risks and develop effective mitigation strategies. Communication skills are essential for collaborating with diverse teams and conveying risk findings to both technical and non-technical stakeholders. Proficiency with risk management frameworks and tools enables the specialist to implement structured and repeatable processes for assessing and managing risks. Knowledge of regulatory environments ensures that risk strategies comply with legal and industry standards. Additionally, staying informed about emerging threats and technologies allows the specialist to adapt risk management approaches proactively, maintaining a strong security posture.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: DoD Clearance: Secret At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our Senior Security Analyst provides industrial security support within the following areas: clearance processing, visit certifications, document control, and physical security, including alarm response for Open Storage Areas. You will make critical security decisions concerning high value contracts and implement security procedures that will prevent unauthorized access to company and government facilities or information. What You Will Do Administrative duties of administering security clearance briefings to employees who are granted a security clearance Debriefing Personal upon notification of Retirement/Termination Continuously evaluates compliance of personnel security activities with security requirements Conduct security self-inspections, program security reviews, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet requirements Administer day-to-day security programs, personnel processing, program reviews, document control system, audits & self-inspections, violation investigations & reports, receipt/dispatch/destruction/mail logs, visit certs, etc. Analyze security issues/problems and provide focused solutions Solve routine problems of limited scope and complexity Willing to work extended hours, in a fast paced, driven environment Must possess a valid driver's license Qualifications You Must Have Typically requires a Bachelor's degree and 2 years relevant experience OR in absence of a degree, 6 years relevant experience. Active and transferable U.S. government issued SECRET security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. Experience with any of the following: NISPOM, ICD 705, or experience working in a classified environment. Qualifications We Prefer Ability to solve routine problems of limited scope and complexity Self-starter with minimal supervision Willing to work extended hours, in a fast paced, driven environment Able to perform well in fast-paced, multi-task environment Great attention to detail Strong organizational and interpersonal skills Customer service oriented Team player What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available . Learn More & Apply Now! Please consider the following role type definition as you apply for this role. ‒ Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** DoD Clearance: Secret At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our Senior Security Analyst provides industrial security support within the following areas: clearance processing, visit certifications, document control, and physical security, including alarm response for Open Storage Areas. You will make critical security decisions concerning high value contracts and implement security procedures that will prevent unauthorized access to company and government facilities or information. **What You Will Do** + Administrative duties of administering security clearance briefings to employees who are granted a security clearance + Debriefing Personal upon notification of Retirement/Termination + Continuously evaluates compliance of personnel security activities with security requirements + Conduct security self-inspections, program security reviews, apply risk mitigation methodologies, support customer assessments, and implement security measures to meet requirements + Administer day-to-day security programs, personnel processing, program reviews, document control system, audits & self-inspections, violation investigations & reports, receipt/dispatch/destruction/mail logs, visit certs, etc. + Analyze security issues/problems and provide focused solutions + Solve routine problems of limited scope and complexity + Willing to work extended hours, in a fast paced, driven environment + Must possess a valid driver's license **Qualifications You Must Have** + Typically requires a Bachelor's degree and 2 years relevant experience OR in absence of a degree, 6 years relevant experience. + Active and transferable U.S. government issued SECRET security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. + Experience with any of the following: NISPOM, ICD 705, or experience working in a classified environment. **Qualifications We Prefer** + Ability to solve routine problems of limited scope and complexity + Self-starter with minimal supervision + Willing to work extended hours, in a fast paced, driven environment + Able to perform well in fast-paced, multi-task environment + Great attention to detail + Strong organizational and interpersonal skills + Customer service oriented + Team player **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. + Relocation Non-Eligible - Relocation assistance not available . **Learn More & Apply Now!** + Please consider the following role type definition as you apply for this role. ‒ Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 72,000 USD - 144,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: + Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. + Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. + Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. + Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. + Monitor, analyze, and report on production security posture and key control performance metrics for each production. + Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. + Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. + Support the development of production-specific metrics and KPIs to measure control effectiveness. + With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. + Ensure consistent implementation of approved security tools, policies, and workflows within productions. + Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. + Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. + Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. + Gather feedback from productions to help refine information security for productions training and awareness efforts. + Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. + Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications + 5+ Years of experience in Information Security, Information Technology or a related field + 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. + Bachelor's degree preferred + Strong understanding of the technologies, tools and processes used in production of movies and/or television. + Knowledge of Information Security frameworks, standards and best practices and their relevance to business success + Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. + Ability to develop and maintain meaningful metrics to track program and process effectiveness. + Strong planning and analytical skills + Strong communications skills Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

This sr‑level hire will serve as the organization's CISO, Facility Security Officer (FSO), and compliance authority. The role leads cybersecurity strategy, implements CMMC and GCC High controls, manages security programs, and ensures compliance for government contracts. Lead CMMC program implementation and ensure GCC High compliance for defense programs. Serve as CISO and FSO overseeing facility security, information security, cybersecurity policy, and regulatory compliance. Conduct enterprise risk assessments, vulnerability analysis, and incident response planning. Lead internal/external audits, gap assessments, and remediation plans. Interface directly with DoD, federal regulators, and auditors. Provide cybersecurity awareness training and guidance to staff. Track metrics, report on cyber posture, and advise executive leadership. Skills aerospace defense, CMMC, nist, DFARS, itar, gcc, Compliance, Audit, cissp, cism, cisa, FedRAMP Top Skills Details aerospace defense,CMMC,nist,DFARS,itar,gcc,Compliance,Audit Additional Skills & Qualifications sr level (7+ years cybersecurity/compliance; prior FSO experience required). Strong leadership and communication skills; able to influence executive decision‑making. Ability to interface with government regulators and defense customers. Experience creating policies, remediation plans, and cyber maturity tracking. US citizenship with ability to obtain/maintain required clearances (mandatory for FSO). Experience Level Expert Level Job Type & Location This is a Contract to Hire position based out of Chatsworth, CA. Pay and Benefits The pay range for this position is $48.00 - $70.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision • Critical Illness, Accident, and Hospital • 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available • Life Insurance (Voluntary Life & AD&D for the employee and dependents) • Short and long-term disability • Health Spending Account (HSA) • Transportation benefits • Employee Assistance Program • Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully onsite position in Chatsworth,CA. Application Deadline This position is anticipated to close on Jan 28, 2026. About Actalent Actalent is a global leader in engineering and sciences services and talent solutions. We help visionary companies advance their engineering and science initiatives through access to specialized experts who drive scale, innovation and speed to market. With a network of almost 30,000 consultants and more than 4,500 clients across the U.S., Canada, Asia and Europe, Actalent serves many of the Fortune 500. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing due to a disability, please email actalentaccommodation@actalentservices.com for other accommodation options.

Job Title: Manager, Information Security & ComplianceReports to: Sr. Director of Technology Operations & Information Security Officer FLSA: ExemptEEO: ProfessionalManages others: YesLocation: Remote or HybridDepartment: Technology OperationsADP Job Code: 310-19 General Job Description The Manager, Information Security & Compliance leads all security engineering and compliance operations at WPS, ensuring the confidentiality, integrity, and availability of systems and data. This is a hands-on technical role that oversees vulnerability management, SIEM operations, incident response, identity security, secure configurations, cloud security architecture, and disaster recovery. The Manager leads the Compliance Engineer and oversees the company's compliance program, ensuring that security practices and technical controls align with SOC 2, HIPAA, GDPR, CCPA, customer requirements, and any future regulatory or industry frameworks required by WPS. This role sets security priorities, governs security standards, and ensures that all IT systems, including endpoints, identity, infrastructure, and cloud environments, operate securely and in compliance with regulatory and contractual obligations. This role also owns WPS's Disaster Recovery (DR) program, including planning, governance, testing, and continuous improvement of recovery capabilities across systems, infrastructure, and cloud environments. This role is both strategic and hands-on, requiring direct technical involvement in security engineering and incident response. This position is central to WPS's IT security strategy, risk management, and audit readiness and reports to the Sr. Director & Information Security Officer. Essential Responsibilities Security Engineering & Operations Own vulnerability management, SIEM tuning and monitoring, incident response, and threat investigation. Maintain secure baseline configurations (CIS, hardening standards). OverseeAWS security controls, including IAM governance, cloud logging, encryption standards, network security boundaries, and enforcement of cloud security guardrails. Design and approve security controls for new systems, infrastructure changes, and applications. Govern identity security, privileged access, MFA enforcement, and periodic access reviews. Provide security oversight for DevOps pipelines and cloud deployments. Security Governance & Policy Own all security policies, standards, procedures, and security awareness training. Lead annual risk assessments, security reviews, and third-party/vendor risk management. Ownthe Disaster Recovery (DR) governance program, including planning, documentation, tabletop exercises, and driving remediation, while partnering with Infrastructure on technical DR execution. Manage data protection and data classification practices. Track and reportsecurity KPIs, risks, and initiatives to the ISO. Run regular security governance meetings and guide cross-functional alignment. Compliance Program Oversight Leadthe Compliance Engineer and review all work for accuracy and completeness. Approve technical controls, evidence, and audit documentation. EnsureIT systems meet required technical controls across SOC 2, HIPAA, GDPR, CCPA, and other applicable regulatory or customer-driven frameworks. Act as the technical owner during internal/external audits. Define evidencerequiredfrom ITandnon-IT WPSteams. Manage corrective actions, POAMs, and remediation plans. Review customer security questionnaires with the Compliance Engineer. Collaboration With Infrastructure & DevOps Securitydefines security requirements and works closely with Infrastructure to implement the necessary configurations, remediations, and technical controls. Partner with the Infrastructureteamto ensure DR plans, runbooks, and technical recovery processes are implemented and tested effectively. Security reviews and approves changes thatimpactsecurity posture. Program Development & Future Maturity Advance detection engineering, automation, and threat visibility. Implement stronger security controls to support company and platform growth. Lay groundwork for future expansion of the security/compliance function. Position Requirements (Skills, Knowledge, Abilities) Education & Experience Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience preferred. 5+ years of hands-on IT security engineering or cybersecurity engineering experience. Experience leading security or compliance functions. Strong technical experience in SIEM, AWS security, vulnerability management, identity security, incident response, and disaster recovery. Strongproficiencywith AWS security architecture, IAM, cloud logging, and security guardrails. Working knowledge of SOC 2, HIPAA, GDPR, and CCPA compliance frameworks. Skills & Competencies Strong understanding of security architecture, secure configurations, and cloud security. Excellent judgment and risk evaluation skills. Ability to translate regulatory requirements into executable technical controls. Strong communicationskills for cross-functional work and audit interactions. Ability to mentor and develop team members. Strong analytical and troubleshooting skills. WPS IS AN EQUAL OPPORTUNITY EMPLOYER AA M/F/V/D.We proudly hire U.S. Military Veterans, and those qualified are encouraged to apply. Equal Employment Opportunity is The Law. | Pay Transparency Nondiscrimination Provision At this time, WPS is unable to provide visa sponsorship.We use E-Verify and submit information from each new employee's Form I-9 to confirm work authorization.

Job Title: Manager, Information Security & ComplianceReports to: Sr. Director of Technology Operations & Information Security Officer FLSA: ExemptEEO: ProfessionalManages others: YesLocation: Remote or HybridDepartment: Technology OperationsADP Job Code: 310-19 General Job Description The Manager, Information Security & Compliance leads all security engineering and compliance operations at WPS, ensuring the confidentiality, integrity, and availability of systems and data. This is a hands-on technical role that oversees vulnerability management, SIEM operations, incident response, identity security, secure configurations, cloud security architecture, and disaster recovery. The Manager leads the Compliance Engineer and oversees the company's compliance program, ensuring that security practices and technical controls align with SOC 2, HIPAA, GDPR, CCPA, customer requirements, and any future regulatory or industry frameworks required by WPS. This role sets security priorities, governs security standards, and ensures that all IT systems, including endpoints, identity, infrastructure, and cloud environments, operate securely and in compliance with regulatory and contractual obligations. This role also owns WPS's Disaster Recovery (DR) program, including planning, governance, testing, and continuous improvement of recovery capabilities across systems, infrastructure, and cloud environments. This role is both strategic and hands-on, requiring direct technical involvement in security engineering and incident response. This position is central to WPS's IT security strategy, risk management, and audit readiness and reports to the Sr. Director & Information Security Officer. Essential Responsibilities Security Engineering & Operations Own vulnerability management, SIEM tuning and monitoring, incident response, and threat investigation. Maintain secure baseline configurations (CIS, hardening standards). OverseeAWS security controls, including IAM governance, cloud logging, encryption standards, network security boundaries, and enforcement of cloud security guardrails. Design and approve security controls for new systems, infrastructure changes, and applications. Govern identity security, privileged access, MFA enforcement, and periodic access reviews. Provide security oversight for DevOps pipelines and cloud deployments. Security Governance & Policy Own all security policies, standards, procedures, and security awareness training. Lead annual risk assessments, security reviews, and third-party/vendor risk management. Ownthe Disaster Recovery (DR) governance program, including planning, documentation, tabletop exercises, and driving remediation, while partnering with Infrastructure on technical DR execution. Manage data protection and data classification practices. Track and reportsecurity KPIs, risks, and initiatives to the ISO. Run regular security governance meetings and guide cross-functional alignment. Compliance Program Oversight Leadthe Compliance Engineer and review all work for accuracy and completeness. Approve technical controls, evidence, and audit documentation. EnsureIT systems meet required technical controls across SOC 2, HIPAA, GDPR, CCPA, and other applicable regulatory or customer-driven frameworks. Act as the technical owner during internal/external audits. Define evidencerequiredfrom ITandnon-IT WPSteams. Manage corrective actions, POAMs, and remediation plans. Review customer security questionnaires with the Compliance Engineer. Collaboration With Infrastructure & DevOps Securitydefines security requirements and works closely with Infrastructure to implement the necessary configurations, remediations, and technical controls. Partner with the Infrastructureteamto ensure DR plans, runbooks, and technical recovery processes are implemented and tested effectively. Security reviews and approves changes thatimpactsecurity posture. Program Development & Future Maturity Advance detection engineering, automation, and threat visibility. Implement stronger security controls to support company and platform growth. Lay groundwork for future expansion of the security/compliance function. Position Requirements (Skills, Knowledge, Abilities) Education & Experience Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or equivalent experience preferred. 5+ years of hands-on IT security engineering or cybersecurity engineering experience. Experience leading security or compliance functions. Strong technical experience in SIEM, AWS security, vulnerability management, identity security, incident response, and disaster recovery. Strongproficiencywith AWS security architecture, IAM, cloud logging, and security guardrails. Working knowledge of SOC 2, HIPAA, GDPR, and CCPA compliance frameworks. Skills & Competencies Strong understanding of security architecture, secure configurations, and cloud security. Excellent judgment and risk evaluation skills. Ability to translate regulatory requirements into executable technical controls. Strong communicationskills for cross-functional work and audit interactions. Ability to mentor and develop team members. Strong analytical and troubleshooting skills. WPS IS AN EQUAL OPPORTUNITY EMPLOYER AA M/F/V/D.We proudly hire U.S. Military Veterans, and those qualified are encouraged to apply. Equal Employment Opportunity is The Law. | Pay Transparency Nondiscrimination Provision At this time, WPS is unable to provide visa sponsorship.We use E-Verify and submit information from each new employee's Form I-9 to confirm work authorization.

Loyola Marymount University (LMU) is seeking an experienced leader to serve as Director of Information Security & Compliance within our Information Technology Services (ITS) team. This role offers a strategic opportunity to shape and safeguard the university's digital environment, drive proactive risk management, and embed a culture of security across the organization. Reporting directly to the CIO/VP of IT, the Director will architect and manage a best-in-class information security and compliance program that supports LMU's mission of learning, holistic education, service, and justice. Under the general direction of the CIO/Vice President for Information Technology, the Director of Information Security and Compliance will serve as the University's Cybersecurity leader. The Director will create a modern and effective Information Security and Compliance Program that will drive the university's efforts to protect its information assets and ensure compliance with relevant regulations and standards. This role is pivotal in creating a secure and compliant digital environment that supports LMU's mission, values, and goals. The Director will leverage partnerships and collaboration to lead initiatives that result in measurable improvements in information security and compliance, fostering a culture of security awareness and proactive risk management. The Director will serve as the process owner of the appropriate second-line assurance activities not only related to confidentiality, integrity and availability, but also to the safety, privacy and recovery of information owned or processed by LMU in compliance with regulatory and university requirements. The Director will oversee the university's compliance with applicable laws, regulations, and policies related to information security and privacy. Position Specific Responsibilities/Accountabilities * Enhance Security Posture: Develop and implement a comprehensive cybersecurity program that significantly reduces risks and vulnerabilities across the university's digital landscape. * Ensure Regulatory Compliance: Achieve and maintain compliance with relevant regulations and standards, ensuring that LMU meets all legal and regulatory requirements. * Collaborative Protection: Work closely with various campus partners, external stakeholders, and community partners to ensure that information assets and associated technologies are protected, resulting in a cohesive, unified, and well understood approach to information security and compliance. * Risk Management: Conduct thorough risk assessments and implement effective mitigation strategies, leading to a demonstrable reduction in potential threats. * Incident Response: Oversee and improve incident response and recovery efforts, ensuring swift and effective investigation and resolution of security incidents. * Policy Development: Create and enforce robust policies and procedures that safeguard information assets, leading to a well-documented and easily accessible framework for cybersecurity. * Training and Awareness: Provide comprehensive training and guidance to staff on cybersecurity best practices, resulting in a well-informed and vigilant workforce. * Monitoring and Reporting: Continuously monitor and report on the effectiveness of the cybersecurity program, providing clear metrics and insights that demonstrate progress and areas for improvement. * Leadership and Strategy: Plan and manage the strategy, people, processes, tools, services, and resources necessary to effectively support the program and meet strategic goals. * Business Continuity and Disaster Recovery: Orchestrate a secure, robust, and highly reliable approach to providing ITS services, during and after a disaster or disruption, to minimize negative impacts to business operations and maintain essential services. * Data Governance: Oversee the university's data governance efforts, ensuring that data is managed securely and in compliance with university policies and legal requirements. * Perform other related duties. Loyola Marymount University Expectations Exhibit behavior that supports the mission, vision, and values of the university. Communicate and employ interpersonal actions that model high standards of professional, responsible, accountable, and ethical conduct. Demonstrate a commitment to outstanding customer service. Requisite Qualifications * Typically a Bachelor's Degree from an accredited four-year institution in Computer Science, Information Technology, or Cybersecurity. * Seven years of experience in information security, with at least three years in a management role. * Experience in developing and implementing technology policy, especially in a University environment is desirable. * Professional certifications such as CISSP, CISM, or CISA are highly desirable. * Experience in developing and implementing technology policy, preferably in a University environment.\ * Strong knowledge of frameworks, standards, and best practices relating to Information Security, Privacy, Data Governance, and Business Continuity and Disaster Recovery Experience with regulatory compliance requirements (e.g., i.e. FERPA, HIPAA, GDPR, CCPA, and PCI-DSS). * Demonstrated excellent verbal and written communication skills, as well as presentation skills. Writing samples may be required. * Excellent analytical, problem-solving, and decision-making skills. * Strong communication and interpersonal skills, with the ability to effectively collaborate with diverse stakeholders. * Demonstrated ability to lead and manage a team of security professionals. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of this position. #HERC# #HEJ# Staff Regular Salary range $146,800.00 - $205,500.00 Salary commensurate with education and experience. Please note that this position is not eligible for visa sponsorship now or in the future. Loyola Marymount University, a Carnegie classified R2 institution in the mainstream of American Catholic higher education, seeks outstanding applicants who value its mission and share its commitment to inclusive excellence, the education of the whole person, and the building of a just society. LMU is an equal opportunity employer committed to providing an environment free from discrimination and harassment as defined by federal, state and local law. We invite all persons in the full diversity of their being, life experience, and beliefs to apply. (Visit *********** for more information.)

About the Role: The Information Security Risk Specialist plays a critical role in safeguarding an organization's information assets by identifying, assessing, and mitigating security risks. This position involves developing and implementing risk management strategies that align with business objectives and regulatory requirements. The specialist will collaborate with cross-functional teams to ensure security controls are effective and that risk exposure is minimized.The ideal candidate must have an understanding of current and emerging technological trends and be able to implement appropriate security controls. Also requires an awareness of IT standards, regulations, and laws affecting financial institutions. They are responsible for examining applications from new customers, requesting supportive and missing data and information, and working with other departments to classify data. Understanding the way the Bank operates and the various internal and external factors that may affect its performance and information security is vital to this role. Strong communication skills are also necessary to communicate technological concepts and techniques in daily work. Analytical thinking skills are also crucial, as they must apply a high level of technical knowledge and skill while working in a fast-paced environment. This role also requires strong problem-solving skills and the ability to work independently to successfully perform the assigned tasks. Must learn effective methods to manage risk and have the ability to analyze complex data, interpret laws, and represent management views. Good understanding of all risk-related issues and procedures relating to bank products and services. Minimum Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. At least 3 years of experience in information security risk management or a similar role. Strong understanding of risk assessment methodologies and information security frameworks such as NIST, ISO 27001, or CIS Controls. Familiarity with regulatory requirements such as GDPR, HIPAA, or SOX. Excellent analytical, communication, and problem-solving skills. Preferred Qualifications: Professional certifications such as CISSP, CISM, CRISC, or equivalent. Experience with security governance, risk, and compliance (GRC) tools. Knowledge of cloud security risk management and emerging technologies. Experience working in a large enterprise or highly regulated industry. Advanced degree in cybersecurity, risk management, or business administration. Responsibilities: Conduct comprehensive risk assessments to identify potential threats to information systems and data. Develop, implement, and maintain risk management frameworks and policies in accordance with industry standards and regulations. Collaborate with IT, compliance, and business teams to design and enforce security controls that mitigate identified risks. Monitor and report on risk metrics, security incidents, and compliance status to senior management and stakeholders. Stay current with evolving cybersecurity threats, vulnerabilities, and regulatory changes to update risk strategies accordingly. Skills: The Information Security Risk Specialist uses analytical skills daily to evaluate complex security risks and develop effective mitigation strategies. Communication skills are essential for collaborating with diverse teams and conveying risk findings to both technical and non-technical stakeholders. Proficiency with risk management frameworks and tools enables the specialist to implement structured and repeatable processes for assessing and managing risks. Knowledge of regulatory environments ensures that risk strategies comply with legal and industry standards. Additionally, staying informed about emerging threats and technologies allows the specialist to adapt risk management approaches proactively, maintaining a strong security posture.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: Secure the Magic by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: Independent audit support for: SOX 404 ITGCs PII PCI ISPS Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. Develop and lead the Control Assurance Programs (ISPS and SOX). Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) Ensure for timely management response of audit findings into our corporate SOCD/SAD. Oversee ISPS Management Audit coordination and open action plans. Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. Management of GRC workflows around coordination of certifications and attestations. Partner with leadership to support the PCI-DSS compliance program. Develop training materials, coordinate training sessions, and monitor compliance with training requirements. Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): Minimum of 8 years of related work experience, with 3 in management roles IT SOX experience and proven experience in supporting IT audit/compliance functions Experience in managing people Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives Interpersonal skills with the ability to work with teams cross-functionally Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators Detail-oriented but able to understand the big picture. Highly organized and efficient Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments Experience with cloud-based services, specifically AWS Nice To Haves (see above): Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Governance Employment Type: Full time Primary City, State, Region, Postal Code: Glendale, CA, USA Alternate City, State, Region, Postal Code: USA - CA - 2450 Broadway, USA - NY - 7 Hudson Square Date Posted: 2025-11-21

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. Monitor, analyze, and report on production security posture and key control performance metrics for each production. Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. Support the development of production-specific metrics and KPIs to measure control effectiveness. With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. Ensure consistent implementation of approved security tools, policies, and workflows within productions. Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. Gather feedback from productions to help refine information security for productions training and awareness efforts. Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications 5+ Years of experience in Information Security, Information Technology or a related field 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. Bachelor's degree preferred Strong understanding of the technologies, tools and processes used in production of movies and/or television. Knowledge of Information Security frameworks, standards and best practices and their relevance to business success Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. Ability to develop and maintain meaningful metrics to track program and process effectiveness. Strong planning and analytical skills Strong communications skills The anticipated base salary for this position is $115,000-$150,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

About the Role:

**Department Description** At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: + Secure the Magic by protecting information systems and platforms. + Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. + Strengthen the business through optimizing execution, application, and technology used to protect the Company. + Innovate by investing in core capabilities to enhance operational efficiency. **Team Description:** Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. **What You'll Do:** + Independent audit support for: + SOX 404 ITGCs + PII + PCI + ISPS + Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. + Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. + Develop and lead the Control Assurance Programs (ISPS and SOX). + Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. + Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. + This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. + Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. + Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) + Ensure for timely management response of audit findings into our corporate SOCD/SAD. + Oversee ISPS Management Audit coordination and open action plans. + Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. + Management of GRC workflows around coordination of certifications and attestations. + Partner with leadership to support the PCI-DSS compliance program. + Develop training materials, coordinate training sessions, and monitor compliance with training requirements. + Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. + Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. + Provide executive level updates on Compliance programs **Must Haves (Years of Experience, languages, programs, tools, etc.):** + Minimum of 8 years of related work experience, with 3 in management roles + IT SOX experience and proven experience in supporting IT audit/compliance functions + Experience in managing people + Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives + Interpersonal skills with the ability to work with teams cross-functionally + Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators + Detail-oriented but able to understand the big picture. Highly organized and efficient + Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments + Experience with cloud-based services, specifically AWS **Nice To Haves (see above):** + Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR + Experience working with companies that have a heavy microservice architecture **Education:** Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. **Job ID:** 10135782 **Location:** Glendale,California **Job Posting Company:** The Walt Disney Company (Corporate) The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.