Information security analyst jobs in Chula Vista, CA

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: PolygraphTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Mission Systems is seeking a Principal Industrial Security Analyst to support multiple programs under our Communication Solutions business unit as it relates to all applicable classified federal, contractual, customer and company requirements. The responsibilities include, but are not limited to the following: supporting a fast-paced environment; create, maintain and leverage working relationships with internal and external customers. Develops, and administers security programs and procedures for classified or proprietary materials, documents, and equipment. Experience in program security, with knowledge of implementing a multi-disciplined security program (access control, personnel security, physical security, OPSEC etc.). Studies and implements federal security regulations that apply to company operations. Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies. Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitor's access to restricted records and materials. Conducts security education classes and related briefings. Investigates security violations and prepares reports specifying preventive action to be taken. Working knowledge of DoD 5205.07 SAP Manuals volumes 1-4, ICD 705, ICDs, and/or NISPOM applicable sponsor procedures. Basic Qualifications: Current Active TS/SCI Poly clearance. In-scope investigation (T5, T5R, SSBI, SBPR, PPR) completed within last 6 years or current enrollment in Continuous Evaluation (CE) program +CI Poly Ability to meet enhanced security requirements and obtain/maintain SAP eligibility and access. US Citizenship Required. 5+ Years of CPSO, CSSO, or relevant experience with Bachelors; or 3+ Years CPSO, CSSO, or relevant experience with Masters; an additional 4 years of applicable work experience may be substituted for Bachelor's Degree. Preferred Qualifications: CDSE Industrial Security Training - FSO for Possessing Facilities, Intro to SAP, SAP Compliance, SAP Mid-Level, etc. Experience working in Classified Lab and Manufacturing environments is a PLUS Industrial Security Professional Certifications - SPeD SFPC, NCMS ISP, etc. Experience with customer high side networks to include CV2, CORE, CNET, JADE, ASCEND, SIC, etc. OPSEC and Program Protection (P2) experience. Classification review experience. Experience completing compliance self-inspections and supporting formal customer compliance inspections. Experience drafting and completing corrective action plans. Self-starter with minimal supervision. Excellent customer service and communication skills. Ability to work independently and follow projects through to completion. Ability to maintain flexibility to deal with changing priorities and deadlines. Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint). Primary Level Salary Range: $91,200.00 - $136,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

What We're Doing: Lockheed Martin's, Rotary & Mission Systems (LM RMS), F-35 Cyber Security invites you to step up to one of today's most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a cybersecurity professional at Lockheed Martin, you'll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you'll work alongside other cybersecurity experts, related departments, and military members to support the military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you'll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This Information System Security Officer (ISSO) position will support the Information System Security Manager (ISSM) in developing, maintaining and overseeing the cybersecurity of assigned classified and/or unclassified F-35 systems at MCAS Miramar. Typical ISSO responsibilities include but are not limited to: Ensuring required cybersecurity controls are implemented and validated, to include continuous monitoring actions for assigned systems. Supporting the development and maintenance of cybersecurity related plans and procedures. Monitoring for non-compliance, anomalous activity (i.e., threats), and effectively reporting such activity and associated risks. Ensuring POA&Ms or remediation plans are in place for vulnerabilities identified during monitoring activity, audits, inspections, etc. and implementing, or overseeing, corrective actions. Creating, collecting and retaining data to meet reporting requirements. Monitoring and correlating data (i.e., events) from a variety of sources (e.g., Splunk, ELA, ePO, ACAS, etc.) to identify and mitigate threats, vulnerabilities and non-compliance. Investigating, analyzing and responding to cyber events, incidents and non-compliance, including trend analysis, creating detailed written reports and briefing the appropriate parties. Identifying, implementing and enforcing requirements for the proper handling and storage of Government data and electronic media. Conducting self-inspections and preparing for customer inspections. Interacting professionally during the enforcement of security policy and procedures. Assigned systems may vary in classification, capabilities and complexity. Mission requirements may require other than first-shift work and additional responsibilities as assigned. Who we are: Lockheed Martin is a Cyber Security pioneer, partner, innovator and builder. In support of our many customers, the amazing members of our team are responsible for providing all aspects of cybersecurity support in a complex environment. In a rapidly growing enterprise, this role offers the opportunity to grow and hone the unique skills and experiences required as a cybersecurity expert to create, design and build solutions to some of the world's hardest engineering problems. Why Join Us: Your Health, Your Wealth, Your Life With our employees as our top priority, we provide diverse career opportunities designed to propel development and boost agility. Our flexible schedules, competitive pay and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. At Lockheed Martin, we place an emphasis on empowering our employees by fostering innovation. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach - and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future! Final Transferable Secret security clearance; last Periodic Reinvestigation must be within the last five (5) years or enrollment in Continuous Vetting program. Ability to obtain and maintain Special Access Program (SAP) access. Possess a valid certification that meets or exceeds DoD 8570.01-M IAT II requirements. Meets: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP Exceeds: CASP+ CE, CCNP Security, CISA, CISSP (or Assc), GCED, GCIH, CCSP Prior experience in a cyber workforce role, as categorized by the NICE or DoD workforce frameworks. Prior experience as an ISSO, ISSM or related DoD Cyber Workforce Role on one or more F-35 information systems. Prior experience ensuring compliance with applicable laws, regulations, guidance and policies as they relate to DoD cybersecurity and SAPs (e.g., DoDI 8510.01, JSIG, DoDM 5205.07, NIST SP 800 series). Prior experience with the system authorization process, associated artifacts and their requirements (e.g., SSP, SCTM, Security CONOPs, SOPs). Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $93,200 - $164,450. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $107,300 - $185,840. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.

Information Security Specialist III Position Type: Full-time Salary Range: $145,000 - $170,000 requires active security clearance Years of Experience: 10+ years experience Roles and Responsibilities: This role is a senior cybersecurity professional responsible for ensuring the secure design, implementation, testing, and operation of advanced airborne communication systems used in military and defense applications. This role combines expertise in both tactical data links and comprehensive information security, typically within the DoD Risk Management Framework (RMF). Requirements Minimum ten (10) years' of demonstrated technical experience in Cybersecurity, Engineering, Test & Evaluation, of Assessment & Authorization (A&A) within the last fifteen (15) years including: Assist or develop system security policy and ensure compliance with change management and configuration control processes. Plan and coordinate IT security program and policies supporting command leadership mission and goals. All phases of Information Assurance (IA) evaluations involving Communications Security (COMSEC) and Cryptologic Material Systems (CMS) for ATDL systems and training for COMSEC ATDL military systems, including: Secure data unit design, integration, and test Modernized cryptographic policy administration and implementation Cryptographic keying materials and keys Security Verification Testing Platform Cybersecurity and TEMPEST testing Desired Skills/Qualifications: Ten (10) years of demonstrated technical experience to include: Management and issuance of keymat to operational, test, and allied communities; acting as the alternate Advanced Tactical Data Links Keymat Controlling Authority (CONAUTH). U.S. Naval Fleet technical data calls, working groups, and action items related to initial implementation of ATDL cryptographic components. Benefits Paid Vacation, Sick Time and Holidays Medical, Dental, Life and Disability Insurance 401K with Employer Contribution Matching Service Disabled Veteran Owned Business Equal Opportunity Employer ISO 9001:2015 Certified Company ***************

Software is often referred to as the "soul" of Apple's products. In this position you will play a critical role in ensuring the security of the systems and infrastructure used to manage, build, and distribute, Apple's software. You will be responsible for the rollout and operation of critical security services, development of new detections across our software stack, and assisting engineers implement changes to their software components that improve their security posture. You will need to think strategically, work cross-functionally, and help foster an environment of deep collaboration and accountability towards the success of Apple's software. We're looking for an exceptional candidate with a proven track record in making a difference in the projects under their purview. Deep experience in security operations, detection u0026 response, and strategic long-term risk assessment. The candidate must uphold Apple's values, instilling a sense of accountability across the team, and its 24x7 operation. Passion for security and operational excellency is required. In addition to solid technical skills, candidates must also have: - Strong interpersonal and communication skills - Be a self-starters with a strong sense of personal responsibility and ownership - Comfortable with unknowns and have a learning mindset - Ability to mentor engineers

Duties and Responsibilities Maintain and operate cybersecurity technology and and provide expertise in area of focus (e.g. Risk Assessments, Controls Engineering or Incident Response). Collaborates with the business to understand their needs in order to tailor security offerings unique to their environment. Uses working knowledge of IT system functionality, architecture and capabilities to effectively diagnose and troubleshoot issues with some assistance. Conducts competitive analyses on (in-use and alternative) cyber technologies and documents recommendations for our environment. Provides awareness and guidance within Sempra Infrastructure community on secure business processes, architecture design, and technical controls. Maintains awareness of evolving cybersecurity threats and best practices for mitigation. Develops procedures and guidelines for implementing information security systems and practices. Develops and aggregates metrics to measure, monitor and report on the effectiveness of information security controls and compliance with information security policies. Performs other duties as assigned (no more than 5% of duties). Education Bachelor's degree in Computer Science or other science or technology major or equivalent experience required. Experience Minimum of 2-5 years of direct experience within the information security field required. In-depth experience in at least one cybersecurity discipline required. Experience with projects of moderately sized security related initiatives to successful completion required. Demonstrated experience in vendor selection, testing, implementation, and operations of a broad array of security technologies required. Knowledge, Skills and Abilities Familiarization with Endpoint protection software such as Trellix and Microsoft Defender. Familiarization in deploying vulnerability management agents. Experience deploying logging agents and configurations. Knowledge of firewalls and security zone. Experience working in an Operation Technology (OT), ICS / SCADA environment. Experience with SCADA network protocols. Experience with OT network monitoring tools (such as but not limited to: Dragos, Cybervision, CyberX). Ability to take initiative and work independently when needed. Ability to maintain, upgrade and recommend operational cybersecurity tools. Ability to work with Cybersecurity OT Engineering to make recommendations for new tools and capabilities. Ability to work effectively on multiple projects within a team structure and excellent written and oral communication skills. Licenses and Certifications Certified Information Systems Security Professional (CISSP) certification, Global Information Security Professional (GISP) certification, Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA) certificate preferred. Targeted professional cybersecurity certifications (i.e. forensics and incident response) preferred. Other Qualifications Bilingual in English/Spanish preferred.

The Cyber Analyst team member is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) as well as on-premises and cloud enterprise networks. This includes analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage. An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics including filesystem structures, disk and memory forensics, cyber aware Operational Technology or Control Systems operators, commonly used mechanisms for maintaining security persistence, privilege escalation, and lateral data movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred. Responsibilities Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices. Asses Security Technical Implementation Guides (STIGs) compliance and completion. Utilize asset mapping tools to verify connected inventory. Handle Information Assurance Vulnerability Management (IVAM) notifications. Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions. Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency. Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non- technical audiences. Qualifications (Journeyman level) At least 3 years, (Junior level) applicable 1 to 2 years of experience in security operations, demonstrating analytical duties and preforming host or network security analysis. Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures. Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Desired Skill sets Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS) Strong analytical and troubleshooting skills Able to provide expert content development in Splunk Enterprise Security using tstats and data models Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances Experience in other tools and protocols as applicable such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases Familiar with the operations and functions of Nessus or security center management Can assist and provide technical input to research, discover, implement hardware and software Understands importance and fundamentals of logistics and evidence handling Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification Examples of other certifications include: o Offensive Security Certified Professional (OSCP) o GIAC Response and Industrial Defense (GRID) o CERT Certified Computer Security Incident Handler o ECC CEH (Electronic Commerce Council Certified Ethical Hacker) o GCIH (GIAC Certified Incident Handler) o GISF (GIAC Information Security Fundamentals) o CISSP (Certified Information System Security Professional) Additional certifications at an equivalent may also be considered.

General Atomics (GA), and its affiliated companies, is one of the world's leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies. We have an exciting opportunity for an Information Systems Security Manager to join our Classified Computing team located in Poway, CA. This position reports to the Director of Classified IT Systems. With general direction, this position is responsible for leading the design, development and implementation of information assurance programs and related procedures. DUTIES AND RESPONSIBILITIES: Leads the design, development, and implementation of information security programs, procedures and systems for classified enclaves. Ensures system compliance with the authoritative US Government requirements including (but not limited to): ICD503, JSIG, DISA STIGS, DD254, SCGs, etc. Maintain authorization of classified systems/circuits via the continuous monitoring process to keep it in good standing with governing authorities. Ensures vulnerability scanners and host-based security tools/suites are deployed and monitored in accordance with US Government regulations. Assesses and mitigates system security threats and risks. Oversees the patch management process. Oversees and executes the self-inspection process. Oversees audits of information technology systems; ensures periodic self-inspections are conducted. Plans, designs and develops strategic initiatives to ensure secure operation and requirements are met. Represents the organization as a primary contact with internal and external representatives. Develops information security curriculum and course contents and implements training. Functions in a leadership role by providing direction to support and professional staff. Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company. Expected to work in a safe manner in accordance with established operating procedures and practices. Performs additional duties as assigned. We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply. Typically requires a bachelor's degree in a related discipline, Information Assurance certification and five or more years of professional experience in information assurance or a related field. Equivalent professional experience may be substituted in lieu of education. Must possess an active IC/DoD Top Secret (TS) Clearance with the ability to obtain and maintain access to Sensitive Compartmented Information (SCI) and Special Access Information (SAP), and willingness to undergo CI polygraph. Must have a current (favorably adjudicated) polygraph examination or be willing to undergo a polygraph examination with favorable adjudication. Must demonstrate in-depth knowledge of NIST 800-53 (Risk Management Framework), JSIG, DAAPM, and other related information assurance principles, theories, concepts and techniques. Experience with Microsoft Active Directory, networking/routing principles, multi-factor authentication, host-based security systems, and Nessus. Experience with system assessment/hardening tools - DISA STIGs, SCAP, Nessus, etc. Must demonstrate a broad understanding of information assurance principles, theories, concepts and techniques. Must have experience organizing, planning, scheduling, conducting, and leading work assignments to meet project milestones or established completion dates. Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes. Must be customer focused and possess: The ability to identify issues, analyze data and develop solutions to a variety of highly complex technical and administrative problems. DoD 8570 IAM Level III certification required (e.g. CISSP, CISM or GSLC). Experience with Sensitive Compartmented Information is required. Experience with Special Access Programs is desired. Experience with multiple Government information security policies and regulations: e.g. Risk Management Framework (RMF), ICD-503, JSIG, and NIST 800 series special publications. Excellent analytical, verbal and written communication skills to accurately document, report, and present findings. Excellent interpersonal skills enabling an effective interface with other professionals. Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.

Requirements Bachelor's degree in Cybersecurity, Computer Science, or related field. 3+ years of experience in information assurance or cybersecurity. DoD 8570 IAT Level II certification (Security+ CE, CySA+, or equivalent). Familiarity with NIST, DISA STIGs, and DoD RMF compliance. Must possess an active Secret Clearance - Required This contractor and subcontractor shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. Salary Description $88,000-$102,000

About us One team. Global challenges. Infinite opportunities. At Viasat, we're on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We're looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team. What you'll do Keeping our systems, technology, and employees safe is a key priority for Viasat. As a member of the Information Assurance team, you will focus on the day-to-day information system security requirements, serve as a Subject Matter Expert (SME) in the Information Assurance realm, and provide innovative solutions to complex problems. The day-to-day * Work independently as well as with a team of Information Assurance Professionals. * Responsible for ensuring Information System Compliance with the potential to span multiple business areas or programs. * Assess, document, and recommend controls based on a thorough understanding of RMF, NISPOM and other NISP regulatory requirements, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM). * Document compliance actions within the approved automated compliance tracking system or develop a Plan of Actions and Milestones (POA&M) to address non-compliance. * Participate in internal/external security audits/inspections; performs risk assessments and continuous monitoring. * Ensure systems are operated, maintained, and disposed of in accordance with the governing authority approved authorization package and customer directives * Develop procedures and documentation to ensure compliance with Configuration Management (CM) for security relevant IS software, hardware, and firmware. * Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered. Follows-up to ensure completion and quality resolution. * Assesses and revises policies and procedures as needed to improve quality, timeliness, and efficiency of work. What you'll need * Bachelor's degree or equivalent experience * 3+ years as an Information System Security Officer (ISSO) in a DoD, IC, or other industrial security program and in-depth understanding of DoD 8500 series, NIST 800 series, and ICD 503, Joint Special Access Program Implementation Guide (JSIG) and overall understanding of DoD Risk Manage Framework (RMF) process. * Experience working with vulnerability and compliance scanning tools. (Nessus, SCAP, ACAS) * Familiarity with network technologies (LAN & WAN) and best practices within a classified environment to include crypto and key management * Working knowledge with Microsoft Windows operating systems (workstation & server), Linux, and system virtualization in a secure network environment. * Strong written communication and organizational skills * Interpersonal skills to deal courteously and effectively with a diverse group of individuals * Ability to work well under pressure, and possess advanced problem-solving skills * Possess a current DoD 8570.1/DoD 8140.01 Certification - Security+ CE a minimum * Active Top Secret Security Clearance with SCI eligibility * Ability to travel up to 10% What will help you on the job * 5+ years as an Information System Security Officer (ISSO) Salary range $93,500.00 - $148,000.00 / annually. For specific work locations within San Jose, the San Francisco Bay area and New York City metropolitan area, the base pay range for this role is $112,000.00- $168,000.00/ annually At Viasat, we consider many factors when it comes to compensation, including the scope of the position as well as your background and experience. Base pay may vary depending on job-related knowledge, skills, and experience. Additional cash or stock incentives may be provided as part of the compensation package, in addition to a range of medical, financial, and/or other benefits, dependent on the position offered. Learn more about Viasat's comprehensive benefit offerings that are focused on your holistic health and wellness at ************************************ EEO Statement Viasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic. If you would like to request an accommodation on the basis of disability for completing this on-line application, please click here. * Bachelor's degree or equivalent experience * 3+ years as an Information System Security Officer (ISSO) in a DoD, IC, or other industrial security program and in-depth understanding of DoD 8500 series, NIST 800 series, and ICD 503, Joint Special Access Program Implementation Guide (JSIG) and overall understanding of DoD Risk Manage Framework (RMF) process. * Experience working with vulnerability and compliance scanning tools. (Nessus, SCAP, ACAS) * Familiarity with network technologies (LAN & WAN) and best practices within a classified environment to include crypto and key management * Working knowledge with Microsoft Windows operating systems (workstation & server), Linux, and system virtualization in a secure network environment. * Strong written communication and organizational skills * Interpersonal skills to deal courteously and effectively with a diverse group of individuals * Ability to work well under pressure, and possess advanced problem-solving skills * Possess a current DoD 8570.1/DoD 8140.01 Certification - Security+ CE a minimum * Active Top Secret Security Clearance with SCI eligibility * Ability to travel up to 10% * Work independently as well as with a team of Information Assurance Professionals. * Responsible for ensuring Information System Compliance with the potential to span multiple business areas or programs. * Assess, document, and recommend controls based on a thorough understanding of RMF, NISPOM and other NISP regulatory requirements, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM). * Document compliance actions within the approved automated compliance tracking system or develop a Plan of Actions and Milestones (POA&M) to address non-compliance. * Participate in internal/external security audits/inspections; performs risk assessments and continuous monitoring. * Ensure systems are operated, maintained, and disposed of in accordance with the governing authority approved authorization package and customer directives * Develop procedures and documentation to ensure compliance with Configuration Management (CM) for security relevant IS software, hardware, and firmware. * Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered. Follows-up to ensure completion and quality resolution. * Assesses and revises policies and procedures as needed to improve quality, timeliness, and efficiency of work.

General information Requisition # R64222 Posting Date 11/14/2025 Security Clearance Required TS/SCI Remote Type Onsite Time Type Full time Description & Requirements Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now-protect and innovate with MANTECH! MANTECH seeks a motivated, career and customer-oriented Information Systems Security Officer with strengths in Information Systems Security to join our team at Marine Corps Base Camp Pendleton California. This position will assist Marine Corps Warfighting Laboratory (MCWL) prepare for and maintain the IT infrastructure, IT capabilities and Audio-Visual capabilities to support emerging ICD 705 Sensitive Compartmentalized Information Facilities (SCIFs) and Special Access Control Facilities (SAPFs) through planning, activation and operations. Responsibilities include but are not limited to: * Experience in network design, network monitoring, systems development, and knowledge of Information Assurance (IA) policies, directives, and best practices across DoD and Marine Corps. * Knowledge and experience with organizations within the Marine Corps responsible for facilitating network approvals and connections. * Work with various Marine Corps, Navy, Joint, and other services to coordinate installs supporting Initial Operating Capability (IOC) and Final Operating Capability (FOC). * Ability to communicate and provide effective staff coordination across government, Marine Corps, and contractor organizations. * Support the facility Site Security Manager (SSM)/Special Security Representative (SSR) and Information Systems Security Manager (ISSM) to oversee the secure installations and operations of systems across multiple security domains and in accordance with policies, directives, and best practices. * Establishes and satisfies complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Supports Marine Corps and other customers at the highest levels in the development and implementation of doctrine and policies. Minimum Qualifications: * Bachelor's degree and at least 10 years' experience planning and/or operating IT infrastructure within ICD 705 facilities. * Experience with network security aspects of installations and operations. Preferred Qualifications: * Experience with MS Word, MS Power Point Clearance Requirements: * Candidate must have a current/active Top Secret clearance with the ability to obtain and maintain a TS/SCI clearance prior to starting this position. Physical Requirements: * Ability to maintain construction security oversight in outdoor environment; walk (with personal protective equipment) to inspect and document delivery of components and assembly/construction of structure. The projected compensation range for this position is $112,400.00-$186,500.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, MANTECH invests in its employees beyond just compensation. MANTECH's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, short-term and long-term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.

Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and its change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible. Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It's our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better everyday! Learn more about why you want to be here! PURPOSE OF THE JOB The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. This position will assist with strategic initiatives for short and long-term plans to identify and reduce the attack surface across applications and systems. The position exists to monitor and defend ICW Group's technology against potential threats that jeopardize the financial growth and security goals of the Company. ESSENTIAL DUTIES AND RESPONSIBILITIES Monitors and protects information assets across hybrid environments. Monitors data flows and access events across AWS, on-prem, and SaaS platforms using DLP, CASB, SIEM, and AWS-native tools such as Macie, GuardDuty, CloudTrail, and Security Hub. Detects and investigates data breaches, insider threats, and exfiltration attempts; leads data-centric incident response through containment, analysis, and recovery. Implements and enforces data classification, labeling, and tagging frameworks integrated with AWS S3, RDS, and enterprise file systems. Designs and manages encryption and key management solutions using AWS KMS, CloudHSM, and on-premise HSMs to secure data at rest and in transit. Collaborates with development and DevOps teams to embed data protection into CI/CD pipelines and application code, ensuring secure data handling throughout SDLC. Conducts forensic reviews and produces actionable reports, metrics, and dashboards highlighting data risks and anomalies across hybrid systems. Leads complex data protection initiatives and resolves data security risks. Leads enterprise data security projects, including AWS DLP implementation, sensitive data discovery, structured/unstructured data protection, and automated alerting. Defines and enforces data governance standards for both AWS and on-prem environments, aligning to ICW's data lifecycle management and retention requirements. Partners with database, app dev, and analytics teams to integrate encryption, tokenization, and privacy-by-design principles into application workflows. Designs and maintains role-based and attribute-based access controls (RBAC/ABAC) across AWS Identity and Access Management (IAM), Active Directory, and application layers. Collaborates with Privacy, Legal, and Compliance to operationalize data protection impact assessments (DPIAs) and retention/deletion automation. Produces executive and board-level reports detailing data protection maturity, compliance metrics, and emerging risk areas. Serves as a technical escalation point for AWS data protection incidents, third-party integrations, and complex remediation efforts. Serves as ICW's senior data security SME and technical advisor. Provides expert consulting to architecture, engineering, and product teams on AWS-native security services and hybrid data protection models. Advises leadership on emerging cloud data security trends and recommends architectures that balance scalability with compliance and risk reduction. Conducts advanced data risk assessments, privacy impact analyses, and forensic reviews to guide remediation and control design. Defines AWS-aligned compliance strategies supporting NIST CSF, NYDFS 500, GLBA, and state privacy laws. Evaluates and integrates modern data security solutions such as SASE/CASB platforms, insider risk analytics, and automated data classification tools. Mentors junior engineers and fosters a data-first security mindset across ICW's engineering organization. Partners with project management and internal teams to mature hybrid data security. Implements technical and process controls to continuously improve data protection maturity in AWS and on-prem applications. Partners with cloud engineering and on-prem development teams to design secure data pipelines, storage, and access control mechanisms. Contributes to automation and orchestration of data protection activities using AWS Lambda, EventBridge, and native integration APIs. Leads knowledge sharing on emerging AWS capabilities while ensuring backward compatibility with existing on-prem data flows. Coaches development and data engineering teams to identify and mitigate data leakage risks during application and infrastructure design. SUPERVISORY RESPONSIBILITIES This position has no supervisory responsibility but may mentor and train junior engineers. EDUCATION AND EXPERIENCE Bachelor's Degree from four-year college or university required with major or emphasis Engineering, Cybersecurity, Networking, or Computer Science related discipline. Minimum 8 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience required. Minimum 3-5 years of experience in AWS Cloud Security services preferred. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions. Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development. Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security HuB, Guard Duty, CloudTrail, AWS CloudTrail. CERTIFICATES, LICENSES, REGISTRATIONS Certification in GSEC, CISSP, and/or Security+. AWS Certified Security - Specialty, preferred KNOWLEDGE AND SKILLS Knowledge of risk assessment tools, technologies, and methodologies. Knowledge of disaster recovery, computer forensic tools, technologies, and methods. Knowledge of enterprise security platforms. Ability to communicate network security issues to peers and management. Ability to read and use the results of mobile code, malicious code, and anti-virus software. Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention. Demonstrated experience as a lead engineer in the design, implementation and support in an enterprise IT environment. Ability to work with mathematical concepts such as probability and statistical inference. Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems. Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems. Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses. Ability to read, analyze, and interpret technical journals, financial reports, security analysis reports and other IT related documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Must be able to read, write and speak English effectively. Ability to effectively communicate/present technical information to a non-technical audience. Ability to cross train and share information with team members. PHYSICAL REQUIREMENTS Office environment - no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear. Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl. Employees must occasionally lift and/or move up to 30 pounds. Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time. WORK ENVIRONMENT This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment. We are currently not offering employment sponsorship for this opportunity. #LI-TM1 #LI-HYBRID The current range for this position is $121,624.81 - $217,710.99 This range is exclusive of fringe benefits and potential bonuses. If hired at ICW Group, your final base salary compensation will be determined by factors unique to each candidate, including experience, education and the location of the role and considers employees performing substantially similar work. WHY JOIN ICW GROUP? • Challenging work and the ability to make a difference • You will have a voice and feel a sense of belonging • We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401K retirement plans and company match • Bonus potential for all positions • Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year) • 11 paid holidays throughout the calendar year • Want to continue learning? We'll support you 100% ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law. ___________________ Job Category IT

Job DescriptionDescriptionCybersecurity Lead/Information Systems Security Officer (ISSO) Support WHO WE ARE: STAHL Companies provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-ups. STAHL advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs. STAHL Companies advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem. The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government. We are seeking a skilled and experienced Cybersecurity Lead/Information Systems Security Officer (ISSO) Support to join our team! Responsibilities: · Serve as the primary cybersecurity authority and Information Systems Security Officer (ISSO) in support of Navy and Department of Defense (DoD) program objectives.· Oversee implementation and sustainment of Risk Management Framework (RMF) processes in alignment with DoD 8500 Series, NIST SP 800 Series, and related cybersecurity directives.· Lead the development, review, and approval of cybersecurity documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Continuous Monitoring strategies.· Provide subject matter expertise in Information Assurance (IA) and cybersecurity policy, ensuring compliance with DFARS Clause ************ and other applicable regulations.· Coordinate and engage with the Navy Cross Domain Solutions Office (NCDSO) to facilitate approval, certification, and integration of secure cross-domain solutions.· Manage and conduct vulnerability assessments, security audits, penetration testing, and risk analysis to safeguard Navy C4I/IT systems, including MILSATCOM, Commercial SATCOM, Tactical Communications, and GPS-enabled platforms.· Support Certification & Accreditation (C&A) and Authority to Operate (ATO) activities, ensuring timely approval and secure system deployment.· Interface with NSA and other accreditation authorities to navigate the certification process for secure communications systems.· Provide senior-level guidance and oversight on cybersecurity architecture, system hardening, encryption standards, and secure configuration baselines.· Deliver executive-level briefings, reports, and recommendations to program leadership, senior DoD stakeholders, and government oversight entities.· Mentor and train technical staff, promoting compliance, cybersecurity awareness, and professional growth across the program team.· Ensure all cybersecurity measures align with TS/SCI security requirements to protect classified information and maintain mission readiness. Qualifications:· Master's degree from an accredited college or university (Master's in computer science, or information systems management desired).· Minimum 10 years of Navy or DoD experience in Information Assurance and Cybersecurity which includes experience in all aspects of CS TA requirements and the DoD 8500 Series and NIST SP 800 Series, including RMF. Experience must be within the last five years.· Experience working with the Navy Cross Domain Solutions Office (NCDSO) within the last five years.· Demonstrated knowledge of military C4I/IT products; with specific Navy Communications (SATCOM-both MILSATCOM and Commercial), Tactical Communications and GPS knowledge.· High familiarity with NSA certification process· Training and Certification in accordance with DFARS Clause ************, Information Assurance Contractor Training and Certification· TS/SCI *Position is contingent upon award. Work Location: San Diego, CA To know more about the company, visit Stahl Companies (stahlusa.us) Key Responsibilities· Serve as the primary cybersecurity authority and Information Systems Security Officer (ISSO) in support of Navy and Department of Defense (DoD) program objectives.· Oversee implementation and sustainment of Risk Management Framework (RMF) processes in alignment with DoD 8500 Series, NIST SP 800 Series, and related cybersecurity directives.· Lead the development, review, and approval of cybersecurity documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Continuous Monitoring strategies.· Provide subject matter expertise in Information Assurance (IA) and cybersecurity policy, ensuring compliance with DFARS Clause ************ and other applicable regulations.· Coordinate and engage with the Navy Cross Domain Solutions Office (NCDSO) to facilitate approval, certification, and integration of secure cross-domain solutions.· Manage and conduct vulnerability assessments, security audits, penetration testing, and risk analysis to safeguard Navy C4I/IT systems, including MILSATCOM, Commercial SATCOM, Tactical Communications, and GPS-enabled platforms.· Support Certification & Accreditation (C&A) and Authority to Operate (ATO) activities, ensuring timely approval and secure system deployment.· Interface with NSA and other accreditation authorities to navigate the certification process for secure communications systems.· Provide senior-level guidance and oversight on cybersecurity architecture, system hardening, encryption standards, and secure configuration baselines.· Deliver executive-level briefings, reports, and recommendations to program leadership, senior DoD stakeholders, and government oversight entities.· Mentor and train technical staff, promoting compliance, cybersecurity awareness, and professional growth across the program team.· Ensure all cybersecurity measures align with TS/SCI security requirements to protect classified information and maintain mission readiness.

Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges-and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day-working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us. Department Summary: Start your career with MITRE's Cyber New Professionals (CNP) Program, where you can solve complex cybersecurity problems while gaining a broad set of experiences, developing diverse skills, and building your professional network along world-class cyber experts. This program has developed many cybersecurity experts and leaders throughout MITRE, government sponsors, and private industry. Our program alumni have a proven track record of providing impact on our nation's most critical cybersecurity challenges. All CNP members benefit from the program's: * Carefully designed onboarding program * Corpus of challenging and enriching rotational experiences * Curated training opportunities to develop new skills or enhance existing skills * Access to mentors who are world-class cybersecurity experts * Vibrant cohort of fellow participants who help to enrich the experience for one another CNP Onboarding The CNP onboarding program supports program members when starting their careers at MITRE or while starting new rotational opportunities. Members learn about MITRE, its culture, and its organizational units. We provide resources to transition members into the corporation and we provide the support system to enrich your career experience. When starting new rotations, the program provides the tools, best practices, and lessons learned to set you up for success. CNP Project Rotations CNP staff have the opportunity to work on a number of projects that provide a breadth of experiences to develop into well-rounded cybersecurity professionals and opportunities to work alongside subject matter experts to develop depth of knowledge in identified areas of interest. Projects enable members to: * Combine hands-on operational experience with best practices to develop intelligence-enabled solutions (MITRE ATT&CK, MITRE Engage, and CALDERA) that counter advanced adversaries. * Enhance the security, safety, and resiliency of critical cyber systems and infrastructure by applying threat-informed cybersecurity principles. * Protect critical infrastructure from malicious cyber or non-kinetic attack or disruption. CNP Training Opportunities Through their projects and CNP, staff are provided opportunities to participate in classroom-style and cohort-based training to learn new technical or professional skills or to further develop existing ones. Roles & Responsibilities: CNP Work Opportunities Apply cybersecurity skills and expertise to the following areas: * Autonomous Cyber * Cloud Security * Cross Domain Solutions * Critical Infrastructure Resiliency and Safety * Crypto and Trust * Cyber Adversary Emulation * Cyber Analytics and Malware * Cyber Assessments * Cyber Deception and Adversary Engagement * Cyber Effects and Reverse Engineering * Cyber Forensics * Cyber Resiliency * Cyber Safety * Cyber Strategy and Governance * Cyber Supply Chain * Cyber Threat Intelligence * Defensive Cyber Operations * Enterprise Security Architecture * Identity, Credentialing, and Access Management * Internet of Things (IoT) Systems Security * Operational Technology (OT)/Internet of Things (IoT) Device Security * Operational Technology Engineering and Response * Critical Infrastructure Modeling and Simulation * Operational Technology Adversary Emulation * Countermeasures for Operational Technologies (OT) * Privacy * Security Automation and Management * Software Assurance Work will include: * Conceive of and advance novel technical ideas * Provide deep analyses whose results drive decision-making by our sponsors * Build proof-of-concept systems that leverage new technology and concepts * Engage with the vendor community, academia, and our sponsors to raise the bar on cyber security throughout the industry Basic Qualifications: * Bachelor or Graduate Degree in a domain-relevant field * Requires 0-2 years of related experience * Experience applying learning outside of the classroom through relevant research or intern/co-op work * Applied knowledge of cybersecurity principles, tools, and devices * Ability to obtain a US government Top Secret (TS) security clearance Preferred Qualifications: * Proficiency with scripting and software development language(s) (Python, Java, C/C++, JavaScript, etc.) * Knowledge of security across multiple platforms working on a variety of operating systems, computer systems, mobile devices, cloud networks, and wireless networks * Preference will be given to qualified candidates with ACTIVE Security Clearances * Experience with cyber security tools and frameworks (Nmap, Metasploit, MITRE ATT&CK, MITRE Caldera, etc.) * Knowledge of advanced cyber threats and adversary methodologies * Demonstrated ability to work both independently and collaboratively * Ability to demonstrate excellent communication skills (e.g., writing and presenting) * Ability to be proactive and take initiative when addressing novel, complex, or ambiguous problems * Excellent organizational skills, including attention to detail and a demonstrated ability to manage multiple project components simultaneously This requisition requires the candidate to have a minimum of the following clearance(s): This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s): Salary compensation range and midpoint: $83,000 - $104,000 - $125,000 Annual Work Location Type: Hybrid It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local or international law. MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE's employment process, please email ************************ for general support and *************************** for intern positions. This service is for individuals requiring reasonable accommodation requests. Please note that vendor solicitations will not receive a reply. Benefits information may be found here. Copyright 1997-2025, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Manager - Security Architect** **The opportunity** We're hiring an experienced Security Architect that is an expert in the modern security threat and mitigation environment. Knowledge of the use of security in the development of applications (threat model development) best practices for security in the design architecture of applications. The use of AI in SEIM/MDR/MXDR and/or the analysis of behavioral threats. The successful candidate should have experience in the emerging area of AI based attack vectors and be able to devise successful mitigation. The candidate should thrive in fast-paced environments and are passionate about enabling scalable AI solutions. **Your key responsibilities** + Develop effective security designs for implementation into enterprise applications and internal EY platforms. + Support security tool selection and verification. + Develop best practices for security design patterns in AI native applications. + Execute security assessments based on experience and select AI and conventional code analysis tools. + Assess new proposed projects to insure they are leveraging best security practices architecture design and implementation. + Collaborate with other architectural experts in AI, Data and Infrastructure to insure balanced and practical outcomes. + Support strategic business development activities for emerging technology. **Skills and attributes for success** + Strong analytical and troubleshooting skills. + Ability to lead security architectural product functions and mentor junior engineers. + Comfortable working across cross-functional teams and managing competing priorities. + Build and manage strong internal and external partnerships by fostering trust, empathy, and mutual value. + Leverage emotional agility and hybrid collaboration to navigate diverse stakeholder needs and drive long-term engagement. + Use critical thinking and creative reasoning to address complex problems and exceed expectations. + Align cross-functional teams around shared goals, ensuring accountability and progress. Use emotional intelligence and hybrid collaboration to motivate others and deliver high-impact results. **T** **o qualify you must have** + 5-10+ years of experience in security engineering and architecture for products. + Understand security and safety in an AI environment (Guardrails, Adversarial attacks, output validation etc..) + Use of security tooling for application verification in Github Advance Security, Checkmarx JFrog, DAST, etc.. + Understand threat model development and verified implementation. + Familiarity with security certifications and appropriate use for best practices development OWASP etc.... + Expertise in the assessment of security best practices of agile development process + Expertise in the development and adoption of security first best practices. **Ideally, you'll also have** + Experience with large-scale cross functional software development projects. + Excellent communication and leadership abilities. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $125,500 to $230,200. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $150,700 to $261,600. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Job DescriptionSaronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. Saronic is seeking a Security Analyst to monitor, investigate, and respond to security threats across hybrid environments. This role supports incident response, threat hunting, and continuous improvement of detection, response, and operational effectiveness.Responsibilities: Monitor, triage, and investigate security alerts and incidents across hybrid environments. Correlate and assess security, identity, and behavioral data to detect high-risk activity and support insider threat and external threat investigations. Conduct proactive threat hunts leveraging current intelligence, MITRE ATT&CK techniques, and establishing baselines to identify undetected threats or weaknesses. Contribute to operational runbooks, detection playbooks, and case documentation. Participate in an on-call rotation responding to security events and supporting incident response investigations. Collaborate with internal teams to enhance detection logic, improve workflows and automations. Stay current with evolving threat landscape and maintain situational awareness across organizational assets and environments. Required Qualifications: 3+ years of hands-on experience in a security operations center or part of a cybersecurity incident response team. Proficient with SOC and incident response platforms, including SIEM, EDR, threat intelligence, and SOAR solutions, with experience in endpoint and network forensics, root-cause analysis, and incident reporting. Demonstrated ability to use scripting and automation languages for data analysis and investigation, and familiarity with infrastructure-as-code frameworks used in production environments. This role requires the ability to obtain and maintain a security clearance Preferred Qualifications: Familiarity with Department of Defense (DoD) or military industry events. Industry recognized certifications (GCIH, GCIA, GNFA, GREM, CEH, etc.). Physical Demands: Prolonged periods of sitting at a desk and working on a computer. Occasional standing and walking within the office. Manual dexterity to operate a computer keyboard, mouse, and other office equipment. Visual acuity to read screens, documents, and reports. Occasional reaching, bending, or stooping to access file drawers, cabinets, or office supplies. Lifting and carrying items up to 20 pounds occasionally (e.g., office supplies, packages). Benefits:Medical Insurance: Comprehensive health insurance plans covering a range of services Saronic pays 100% of the premium for employees and 80% for dependents Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents Time Off: Generous PTO and HolidaysParental Leave: Paid maternity and paternity leave to support new parents Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses Retirement Plan: 401(k) plan Stock Options: Equity options to give employees a stake in the company's success Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3) . Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.

Company: Qualcomm Incorporated Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering The Qualcomm AI Cybersecurity Team is dedicated to protecting the company's use of Artificial Intelligence (AI), defending against AI-driven attacks, and augmenting security capabilities with AI-powered innovation. We strive to foster a culture of responsible AI innovation, ensuring the integrity and accountability of AI models and their applications. The Information Security & Risk Management (ISRM) organization is looking for a strong team player with extensive experience in AI Security. As the Principal AI Security Engineer, you will be responsible for leading the design, implementation, and governance of security measures across the organization's AI ecosystem. This role sits at the intersection of cybersecurity and artificial intelligence, ensuring that AI models, platforms, and applications are secure, resilient, and compliant with evolving regulatory and ethical standards. This role requires full-time onsite work in San Diego, CA (5 days per week). Minimum Qualifications: * Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 7+ years of cybersecurity-relevant work experience. OR High school diploma or equivalent and 8+ years of cybersecurity-relevant work experience. Physical Requirements: * Frequently transports and installs equipment up to 40 lbs. We are a collaborative team We are always learning, sharing, and researching. You will work with engineers and business stakeholders across the company to secure complex infrastructure and applications. You will need communication, analytical, and interpersonal skills, and the ability to learn and grow in a rapidly evolving environment. We welcome candidates who are passionate about cybersecurity and eager to learn and grow as engineers on our team. At Qualcomm, we are committed to fostering a culture of innovation. We value collaboration, creativity, and the power of diverging viewpoints. A significant part of our success as a company comes from our ability to collaborate effectively, analyze complex problems, identify potential solutions, and ultimately converge on a winning strategy. This collective buy-in fosters incredible teamwork and drives our achievements. Join us and be part of a team dedicated to pushing the boundaries of technology and making a positive impact on the world. We are looking for motivated people We are looking for those who have experience in the areas listed, but even more importantly a strong desire to learn and grow as an AI Cybersecurity engineer and team player. At this level, we are committed to help provide training opportunities to acclimate new employees to how Qualcomm's cybersecurity team operates. Key Responsibilities * AI Threat Intelligence: Stay ahead of emerging threats targeting AI systems, including model inversion, data poisoning, prompt injection, and agentic AI misuse * AI Firewall & Gateway Oversight: Contribute to the design and implementation of AI Gateway controls to monitor and protect internal and external AI usage * Metrics & Compliance: Define and track AI security KPIs (e.g., model robustness, architecture review completion, policy adherence) and support compliance to standards * Cross-Functional Collaboration: Partner with data scientists, platform engineers, legal, and compliance teams to embed security into AI innovation workflows * Mentorship & Leadership: Serve as a technical mentor and thought leader across ISRM and engineering teams, helping to shape the AI security strategy * Design, develop and implement AI-powered security solutions. * Troubleshoot and resolve AI security issues, collaborating with cross-functional teams as needed. * Implement adversarial training techniques during AI application and agent development. * Evaluate AI model, application, and agent robustness against common attacks. * Conduct regular adversarial penetration tests on AI-powered solutions through AI/automation to build a scalable, repeatable process Preferred Qualifications Qualcomm values people from all walks of life and backgrounds. We understand not everyone will meet all the qualifications below on day one. That's okay! If you're passionate about technology and want to grow your skills, if you cover even some of these preferences - we encourage you to apply. * 10+ years of experience in cybersecurity, with 3+ years in AI/ML security. * Deep understanding of AI/ML technologies (e.g., LLMs, transformers, agentic AI) and associated security risks. * Experience with secure ML pipelines, adversarial machine learning, and AI model evaluation. * Familiarity with AI governance frameworks, regulatory trends (e.g., EU AI Act, NIST AI RMF), and ethical AI principles. * Strong communication and leadership skills; ability to influence across technical and executive audiences. * Advanced degree (MS/PhD) in Computer Science, Cybersecurity, AI/ML, or related field preferred. Principal Duties and Responsibilities: * Applies expert knowledge in one or more security-related areas (e.g., cryptography, hacker exploits, reverse engineering, etc.) to act as a technical lead on large projects/programs and ensures they are driven to completion. * Leads a team to ensure that complex security risks and vulnerabilities are identified, understood, and prioritized; works with other teams to resolve issues and execute mitigation strategy. * Stays up-to-date on latest trends to prevent potential attacks and gains buy-in from other areas to promote the adoption of new technologies and methods. * Leverages expertise when conducting root cause analyses to find the cause of highly complex security issues in products that may involve multiple groups or processes. Presents findings to critical senior leaders and cross-functional stakeholders. * Proactively identifies security risks to existing systems and infrastructure, and discusses risks with senior leadership outside of project team to construct solutions. * Reviews technical documentation for large projects before publication and provides feedback as needed. Presents complicated technical information to senior leadership (e.g., Sr. Director and above). * Considers all aspects as lead of a design by determining which teams should get involved and which tests need to be conducted, reviewing risk areas and impact, and highlighting the right set of issues to share with senior leadership and the entire team. * Collaborates with other Engineers to prioritize and address escalations that impact a large number of customers/stakeholders in order to create and carry out solutions that meet security requirements, updates senior leadership about critical security issues, and addresses and communicates about highly complex, security-related issues. * Meets with high-priority and/or high-profile project teams and business stakeholders to identify security requirements as an industry expert, and makes recommendations based on the configurations, systems, and devices impacted by proposed enhancements or upgrades. * Engages with business partners cross-functionally (e.g., testing group, product group, customers) to develop and execute a plan and system design for a large initiative. * Leads high-risk security architecture reviews with cross-functional project members and business stakeholders to discuss security risks and identify additional changes to security architecture diagrams. Level of Responsibility: * Working independently with no supervision. * Taking responsibility for own work and making decisions with more significant in their impact, influencing overall program or project success, finances, and/or the ability to meet objectives; errors are not readily apparent due to the complexity of work process/product or time between decisions and results; errors typically result in significant expenditure of time, resources, and funds to correct. * Using verbal and written communication skills to convey complex and/or detailed information to multiple individuals/audiences with differing knowledge levels. Role may require strong negotiation and influence, communication to large groups or high-level constituents. * Having a great degree of influence over key organizational decisions (e.g., is making or directly making key decisions that have substantial impact on the organization). * Using deductive and inductive problem solving is required; multiple approaches may be taken/necessary to solve the problem; often information is missing or conflicting; advanced data analysis and interpretation skills are required. * Exercising exceptional creativity is needed to innovate new ideas and develop innovative products/ processes without established objectives or known parameters. * Occasionally participates in strategic planning within own area affecting immediate operations. Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. EEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification. Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. Pay range and Other Compensation & Benefits: $184,500.00 - $276,700.00 The above pay scale reflects the broad, minimum to maximum, pay scale for this job code for the location for which it has been posted. Even more importantly, please note that salary is only one component of total compensation at Qualcomm. We also offer a competitive annual discretionary bonus program and opportunity for annual RSU grants (employees on sales-incentive plans are not eligible for our annual bonus). In addition, our highly competitive benefits package is designed to support your success at work, at home, and at play. Your recruiter will be happy to discuss all that Qualcomm has to offer - and you can review more details about our US benefits at this link. If you would like more information about this role, please contact Qualcomm Careers.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Specialist Director, MAST Application Penetration Testing Lead to join our Managed Services practice. Responsibilities: * Lead the strategic delivery of Managed Application Security Testing (MAST) services, ensuring alignment with client objectives and industry best practices * Execute go-to-market (GTM) strategies for MAST offerings, collaborating with cross-functional teams to drive market penetration and revenue growth * Oversee the design and implementation of scalable security testing frameworks across diverse application environments, including cloud-native and hybrid architectures * Provide subject matter expertise in application security, guiding clients through risk assessments, remediation planning, and secure development lifecycle integration * Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention * Mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum eight years of recent experience in application security, penetration testing, or related cybersecurity domains, with at least three years in a leadership or director-level role * Master's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred; Bachelor's degree from an accredited college or university is required * Deep understanding of application security testing methodologies, tools (for example, DAST, SAST, IAST), and secure SDLC practices * Proven experience developing and executing GTM strategies for security services or technology solutions * Strong client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders * Excellent verbal/written communication, presentation, and analytical skills * Ability to travel as required * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $153700 - $319000 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

We are seeking a talented Detection Engineer to join our Security Incident Response Team (SIRT) and help us protect our organization from cyber threats. The ideal candidate will have a deep understanding of security detection techniques and be able to design, implement, and maintain detection controls that detect and respond to security incidents. As a member of our SIRT, you will work closely with other engineers to identify and mitigate threats, shape detection strategy, and provide guidance on the design and implementation of security controls. **Responsibilities** + Develop and maintain detection controls to monitor and detect security events that threaten the confidentiality, integrity, and availability of our organization's data and systems + Analyze telemetry data from diverse sources to detect known and unknown security incidents using various security tools, such as SIEM (Splunk), EDR (Crowdstrike Falcon), CSPM (Wiz) and network traffic analysis + Engage with threat hunting, event analysis and incident response squads to identify threats and vulnerabilities seen internally + Build and implement security automation workflows using SOAR tools to streamline and enhance SIRT analysis and incident resolution. + Proactively research, identify, and understand the latest security threats and emerging trends, including their potential impact on our organization + Collaborate with other engineers to design, implement, and maintain security controls based on security standards, best practices, policies, and regulatory requirements + Provide guidance to enhance the creation, documentation, implementation, and adherence of security policies and procedures + Participate in security incident response activities and help develop mitigation and remediation strategies + Communicate security results and findings to technical audiences and management stakeholders through detailed analysis, briefings, and reports _Intuit provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is:_ Bay Area California $206,000 - $278,500 San Diego Area California $187,000 - $252,500 _This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit : Careers | Benefits (************************************************************** _)._ _Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing pay equity for employees, Intuit conducts regular comparisons across categories of ethnicity and gender._ **Qualifications** + BS/MS in Computer Science or related field or equivalent relevant experience. Experience in Cybersecurity and/or Identity and Access Management is strongly desired. + 7+ years of professional experience on/leading policy or analytics teams in a compliance, security, risk, or financial fraud environment + Developer experience in Python or comparable language preferred + Expert in producing user-friendly data visualizations and adept at communicating with data + Demonstrated project management skills for planning/driving tasks across organizations while keeping initiatives on track to achieve desired outcomes + Ability to understand and demonstrate empathy for opposing points of view on highly complex issues + Excellent written and verbal communication skills; ability to succinctly communicate technical and business requirements, business cases and other findings across organizational levels + Proven ability to use productivity/collaboration tools such as MS Office, Google Suite, and Slack If you have a passion for cybersecurity and a proven track record in security detection and incident response, we invite you to apply for this role. Join our SIRT team and help us protect our organization and customers from cyber threats. Intuit provides a competitive compensation package with a strong pay for performance rewards approach. This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit : Careers | Benefits (************************************************************* ). Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing fair pay for employees, Intuit conducts regular comparisons across categories of ethnicity and gender. The expected base pay range for this position is: Bay Area California $ 206,000- 278,500 Southern California $ 187,000- 252,500 EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.

Minimum qualifications: Bachelor's degree in Electrical Engineering, Computer Engineering, Computer Science, a related field, or equivalent practical experience. 10 years of experience in security certification (FIPS, Common Criteria, SESIP, EMVco, GP). Experience with hardware and software architecture. Experience in Technical Program Management. Experience with development and product life-cycle. Experience in embedded security and cryptography. Preferred qualifications: Common Criteria certification for a Secure IC, smartcard or similar devices. FIPS140-3 certification for a crypto module (CMVP). Experience with government and regulatory policies related to security. Knowledge of PP0084, CAVP and CMPV requirements. Familiarity with the SOGIS Application of Attack Potential to Smartcard. Familiarity with JIL Minimum Site Security Requirements (MSSR). About the job Be part of a team that pushes boundaries, developing custom silicon solutions that power the future of Google's direct-to-consumer products. You'll contribute to the innovation behind products loved by millions worldwide. Your expertise will shape the next generation of hardware experiences, delivering unparalleled performance, efficiency, and integration. In this role, you will identify the primary drivers (e.g., business, regulatory,) for certification and manage security certification programs (Common Criteria, FIPS) from start to finish. You will be the direct interface with the evaluation laboratory and the Certification Body. You will be responsible for providing on time all the evidence and material required for the certification. You will work directly with all the stakeholders internally (engineering and corporate teams) to convey the requirement and ensure they are met. You will drive internal improvements and take decisions as needed to achieve success. Within the Security Assurance team you will have the support from security experts and a red team to help you achieve your objectives. Google's mission is to organize the world's information and make it universally accessible and useful. Our team combines the best of Google AI, Software, and Hardware to create radically helpful experiences. We research, design, and develop new technologies and hardware to make computing faster, seamless, and more powerful. We aim to make people's lives better through technology. The US base salary range for this full-time position is $183,000-$271,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google. Responsibilities Assess engineering problems, understand the interplay between certification requirements and functional requirements, and contribute to shaping technical directions. Organize and manage security certification activities. Monitor and communicate progress, risks, and mitigation. Identify stakeholders (internal and external) and work with them to strategize, plan, and prioritize objectives, estimate task duration, and ensure schedules and dependencies are aligned and support those objectives. Leverage a variety of methodologies (e.g., Agile, Waterfall) to make teams most effective. Establish systems to identify improvements and drive future needs around security certification. Discern when a change is appropriate and to drive change across the organization, working closely with partner teams to manage and communicate changes, introducing them in the minimal disruptive manner. Put systems and mechanisms in place to facilitate future changes.