Information security analyst jobs in Fall River, MA - 259 jobs

A leading data technology provider in Boston is seeking a Senior Security Engineer. In this key role, you will enhance the security of data platforms while collaborating with cross-functional teams. Responsibilities include designing secure architectures, analyzing vulnerabilities, and mentoring staff. A Bachelor's in a technical discipline and substantial experience in security engineering are required. This role offers a competitive salary range of $112,000 - $160,000 USD and substantial benefits including health insurance and 401(k) contributions. #J-18808-Ljbffr

A state governmental agency in Chelsea, Massachusetts is seeking an Accounts Management Analyst II to manage employee provisioning and deprovisioning, ensure timely completion of requests, and support end-users with IT issues. The ideal candidate should have extensive experience in technical support, strong knowledge in Windows, Azure, and service management tools like ServiceNow, along with excellent problem-solving and communication skills. This full-time role offers a salary range between $77,290 and $116,401 annually. #J-18808-Ljbffr

Information Security Data Analyst Large Banking Client Duration: 6+ month contract; Strong potential for extension / full time hire Our client in the banking industry is seeking a Data Analyst to join the Information Security & Risk team. This role will focus on data protection, compliance, and security analytics, ensuring sensitive information is safeguarded across systems and processes. The position offers an opportunity to contribute to risk mitigation, regulatory adherence, and the development of robust data security controls in a dynamic financial services environment. Responsibilities * Monitor, analyze, and report on data security events and potential data loss incidents * Collect, validate, and analyze data from multiple sources to ensure accuracy and integrity * Develop and maintain dashboards for security metrics using Power BI and AWS QuickSight * Execute queries to identify anomalies, trends, and potential vulnerabilities in data flows * Implement and enforce Data Loss Prevention (DLP) rules and policies across systems * Conduct testing and validation of DLP rules to ensure accuracy and effectiveness * Manage website whitelisting processes to support secure business operations * Support compliance with regulatory standards and internal security frameworks * Collaborate with security, risk, and IT teams to design and optimize data protection strategies * Communicate findings and actionable recommendations to leadership and stakeholders Required Experience * Minimum 3+ years of experience in data analytics with a focus on security or compliance * Strong understanding of data protection principles, DLP tools, and regulatory frameworks * Hands-on experience implementing and testing DLP rules and security controls * Proficiency in SQL Server for query writing and data validation * Dashboarding experience with Power BI and AWS QuickSight * Working knowledge of Python for automation and data analysis * Familiarity with security monitoring tools and incident response processes * Prior experience in financial services, preferably banking or fintech Desired Experience * Exposure to DLP solutions (e.g., Purview, Netskope) * Experience with identity and access management concepts * Understanding of data classification and encryption standards Soft Skills * Strong communication skills to engage leadership and cross-functional teams * Detail-oriented with a proactive approach to risk identification * Ability to work in a fast-paced, compliance-driven environment * Apex Benefits Overview * Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a retirement plan (401k or local country equivalent) program. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. * · EEO Employer * Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or ************. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click here for more details. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. Employee Type: Contract Remote: Yes Location: Boston, MA, US Job Type: Date Posted: November 18, 2025 Pay Range: $45 - $60 per hour Similar Jobs * Information Security Analyst - IAM / CyberArk * Information Security - Information Security Engineer 4 - Contingent * Information Systems Analyst * Network Security Analyst III * Senior Cyber Security Analyst

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Basic Qualifications Requires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package ***Please note you will be onsite 100%. Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $112,924.00 - USD $125,275.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Senior Cyber Security Analyst is an experienced cyber security individual who maintains the security of an organization's technical environment. They study existing security hardware and software, evaluate new security options and makes recommendations for improvement. Senior Cyber Security Analyst also identifies weak spots in a cyber security system that may be breached and creates procedures to manage threats. Senior Cyber Security Analyst monitors networks for suspicious activity and potential cyber threats. They keep up on threat intelligence, install and maintain security software and encryption. They are responsible for aiding in the planning of security systems, implementing policy and identifying business processes that may violate intended and acceptable use policies. They monitor and remediate vulnerabilities. Senior Cyber Security Analyst works on advanced, complex technical projects or business issues requiring state of the art technical or industry knowledge. Duties and Responsibilities Responsibilities include, but are not limited to the following: Assist in developing, operating, and evolving Cloud Access Security solutions and capabilities Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems Performs threat and vulnerability assessments, followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Research, recommend, and implement streamlined automation processes Develops and maintains documentation for security systems and procedures Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems Provide support to one or more projects simultaneously. Delivers projects on schedule Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues Applies patches where appropriate and, removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity Using threat intelligence information research emerging threats and vulnerabilities to aid in the identification of incidents Job Knowledge - Remains up-to-date in assigned area of responsibility: possesses skills and knowledge to perform job effectively; efficiently and safely; acquires, understands, and applies technical and professional information and skills; understands and adheres to policies and procedures Supports the creation of security incident response, business continuity/disaster recovery plans, including conducting tests, publishing test results and making changes necessary to address deficiencies Analyzes problems and alternative solutions and takes appropriate timely action to achieve desired business results. Seeks unique and novel solutions to problems and considers impact of final resolution Perform security standards testing against computers before implementation to ensure security Provide Key Performance Metrics to our Risk Management team to help coordinate risk tracking. Educate internal teams on information security best practices. Assist in technical audits of IT Systems and controls. Other duties as assigned. Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood's Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as it applies to individual job duties, the department, and the Company. This position must exercise due diligence to prevent, detect and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents Qualifications Qualifications Required: Bachelor's degree in Computer Science or a related area and/or sufficient experience in IT Security to equate to the degree. Minimum 10 years' experience Information Systems Minimum 5 years' of Information Security Experience, working with vulnerability management tools (Application/Code vulnerability scanners). Minimum 5 years' experience working with DNS, routing, authentication, VPN, proxies, IDS/IPS, and DDOS mitigation technologies Strong analytical and problem-solving skills to enable effective security incident and problem resolution Strong knowledge of threats and common vulnerabilities associated with exploitation techniques. Hands on experience with Patch Management, and Encryption algorithms Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel Knowledge of Microsoft Windows AD group policy management and WSUS integration Hands on experience with SIEM monitoring, Patch Management, and Encryption algorithms. Familiar with NIST, HiTrust, and CIS Critical Security Controls Demonstrated experience implementing or operation of security hardware or software. Demonstrated Knowledge of Azure AD and Office 365 Ability to articulate technical risk issues in business terms Ability to work well under minimal supervision Security Certification (CISSP, CCSP, GIAC, CISM) Experience scripting and automating (PowerShell, python) Demonstrated experience with strategic thinking and risk based decision making Preferred Knowledge of network infrastructure including routers, switches, firewalls, wireless, and associated protocols Knowledge of SCCM, Nutanix, VMware, Linux, Web and email content filtering, Signal Sciences, Rapid 7, CrowdSrike, CyberArk Strong understanding of TLS, HTTPS, SFTP, SSH, IPSec Neighborhood Health Plan of Rhode Island is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Job Description At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. We are seeking a Senior Security Compliance Analyst with expertise in Governance, Risk, and Compliance (GRC) to support and enhance our security and compliance programs within the healthcare industry. This role is critical in ensuring adherence to industry regulations, responding to customer audits, and maintaining compliance with ISO 27001, HIPAA, and other security frameworks. The ideal candidate will be a detail-oriented compliance expert who can navigate complex regulatory environments, assist with internal/external audits, and drive continuous improvement in security governance. The ideal candidate must be able to operate independently while delivering on the following duties. What You'll Be Working On: Lead and support customer security audits, responding to security questionnaires and demonstrating compliance with security frameworks. Prepare, coordinate, and manage ISO 27001 audits, including evidence collection, control implementation, and auditor engagement. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements applicable to healthcare data security. Develop and maintain policies, procedures, and security documentation to meet regulatory and contractual obligations. Perform gap analyses and risk assessments to identify and remediate compliance risks. Manage and improve security governance frameworks, ensuring alignment with industry best practices and business objectives. Conduct third-party vendor risk assessments, ensuring compliance with security policies and contractual obligations. Monitor security controls, ensuring effectiveness and continuous improvement in alignment with security frameworks. Support security awareness training initiatives, ensuring employees understand compliance responsibilities. Stay current on ISO 27001, HIPAA, NIST 800-53, and other relevant standards, translating them into actionable security controls. Assist in defining security metrics and reporting on compliance status and risk posture to leadership. Work closely with legal, security, IT, and business teams to align compliance requirements with security operations. What You'll Bring to OneStudyTeam: Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (or equivalent experience). 8+ years of progressive experience in GRC, compliance, or security audit roles. Experience in healthcare or regulated industries strongly preferred. Certifications strongly preferred: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. Experience leading ISO 27001, SOC2, or HITRUST audits, including ISMS implementation and external audit coordination. Strong understanding of NIST CSF, SOC 2, GDPR, and other security frameworks. Hands-on experience with customer security audits, including responding to security questionnaires and managing security assessments. Ability to perform risk assessments, policy reviews, and compliance gap analyses. Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders. Detail-oriented with excellent organizational and project management skills. Ability to work independently and collaboratively in a remote environment. Familiarity with GRC tools (e.g., OneTrust, LogicGate, Archer, Vanta, Drata) is a plus. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

We are seeking a detail-oriented and highly skilled Security Analyst to join our team in Boston and shape the future of Cybersecurity. As a Security Analyst at 7AI, you will leverage your expertise of the security landscape to review and analyze AI Agent investigations, ensuring accuracy and completeness, ultimately helping to build our multi-agent platform. You will be integral in building and maintaining the reliability of our AI Agents, working in tandem with Engineering and Product to inform our roadmap as we build. If you want to build the next generation of Cybersecurity and put AI in the hands of defenders, please apply below. Key Responsibilities: Review and validate alerts and investigations completed by the AI Agents for accuracy and completeness. Collaborate with the Engineering and Product teams to provide feedback and assist in optimizing the AI platform. Develop internal playbooks, standard operating procedures and tools that will guide the AI Agents to perform quality investigations. Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks. Investigate flagged security incidents, analyzing potential threats and confirming the findings generated by AI. Recommend mitigation strategies and remediation steps to train the AI to reduce the threat surface. Correlate findings from multiple sources, including network logs, endpoint data, and threat intelligence, to validate AI-generated reports. Assist with ongoing threat monitoring, triage, and prioritization of security incidents. Required Qualifications: 4+ years of experience in a Security Analyst or similar role within the cybersecurity field. Hands-on experience with incident response for Cloud and Identity alerts, and at least two of Email, EDR, Threat Intel and Networking alerts. Strong understanding of security monitoring tools and techniques (SIEM, IDS/IPS, IDP, etc.). Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms. Familiarity with the latest cybersecurity threats, attack vectors, and vulnerabilities. Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions. Scripting experience with languages such as Python Data querying experience with SIEM technologies (SPL, KQL, FQL, SQL, etc).

Analysis Group is one of the largest international economics consulting firms, with more than 1,500 professionals across 15 offices in North America, Europe, and Asia. Since 1981, we have provided expertise in economics, finance, health care analytics, and strategy to top law firms, Fortune Global 500 companies, and government agencies worldwide. Our internal experts, together with our network of affiliated experts from academia, industry, and government, offer our clients exceptional breadth and depth of expertise. The Manager, Information Security Compliance and Risk is responsible for leading the firm's Governance, Risk, and Compliance (GRC) program, including regulatory compliance, enterprise risk management, and assurance activities that support client requirements and regulatory obligations. This role also serves as the primary owner of Information Security AI governance, ensuring that the firm's use of AI and machine learning technologies aligns with security, privacy, regulatory, and client expectations. The role manages a team of three Information Security Analysts and owns SOC 2 and ISO 27001 certification programs, while partnering closely with Legal, Compliance, Privacy, IT, and Security Engineering and Operations to ensure effective control design, evidence collection, risk management, and continuous improvement. Responsibilities: Governance and Compliance Leadership * Own and maintain the firm's information security governance framework, including policies, standards, and procedures. * Lead annual SOC 2 and ISO 27001 audit cycles, including audit readiness, evidence coordination, and remediation tracking. * Ensure ongoing compliance with client, regulatory, and contractual information security requirements. * Manage policy exceptions, risk acceptances, and documentation of compensating controls. Regulatory Authorization and Assurance * Lead the renewal and ongoing maintenance of government and client security authorizations, attestations, and approvals required for regulated engagements. * Coordinate cross-functional evidence collection and control validation to support authorization renewals and periodic reassessments. * Track authorization requirements, renewal timelines, and control changes to ensure continuous eligibility for regulated work. AI Security Governance * Lead the Information Security AI governance program, ensuring secure, responsible, and compliant use of AI technologies across the firm. * Partner with Legal, Privacy, Compliance, and business stakeholders to define and maintain AI security requirements, risk assessments, and usage standards. * Establish and maintain security controls for AI-enabled tools, including data handling, access controls, model usage restrictions, and third-party AI risk. * Support client and regulatory inquiries related to AI security posture and governance practices. * Track emerging AI-related regulatory and security requirements and assess their impact on firm policies and controls. Risk Management * Maintain and mature the enterprise information security risk register. * Facilitate periodic risk assessments, including risks associated with AI usage, data processing, and third-party technologies. * Develop and report meaningful risk metrics and dashboards for leadership review. * Translate technical and operational risks into clear business-impact language. Third-Party and Emerging Risk Governance * Oversee third-party security risk management in partnership with Legal. * Lead structured reviews of vendor security posture, including AI and SaaS providers. * Track remediation plans and ongoing monitoring of third-party and AI-related risks. Audit and Assurance Coordination * Serve as the primary liaison for internal and external audits related to information security. * Coordinate evidence collection across IT, Security Engineering, Privacy, and business stakeholders. * Track findings, corrective actions, and continuous improvement initiatives. Team Leadership * Directly manage three Information Security Analysts. * Set priorities, provide mentorship, and support professional development. * Establish consistent processes, documentation standards, and performance expectations across the GRC function. Cross-Functional Collaboration * Partner closely with Security Engineering and Operations to align governance requirements with technical controls. * Work with Legal, Compliance, Privacy, and Data Science teams on regulatory interpretation and AI governance requirements. * Support client security inquiries, assessments, and due diligence requests. Expected Outcomes * Sustained audit readiness for SOC 2 and ISO 27001 with minimal disruption. * Clear, measurable visibility into information security and AI-related risk posture. * Consistent, scalable governance processes supporting firm growth and responsible AI adoption. * Strong alignment between governance requirements and operational security controls. Qualifications & Skills * Bachelor's degree required; degree in information security, risk management, or a related field preferred. * 7 to 10 years of experience in information security, GRC, audit, or risk management required. * Prior experience managing SOC 2 and or ISO 27001 programs required. * Demonstrated people management or team leadership experience. * Professional certifications such as CISSP, CISM, CRISC, CGRC, or ISO 27001 Lead Implementer or Auditor. * Experience with GRC platforms and risk management tooling. * Experience supporting AI governance, data governance, or emerging technology risk programs. * Experience supporting client-driven security assessments in a professional services environment. * An inclusive and growth-oriented mindset, strong interpersonal skills, and an ability to work across differences. * To the extent permitted by applicable law, eligible candidates must be authorized to work in the United States without sponsorship or restriction, now and in the future. Analysis Group embraces equal opportunity. We are committed to building teams that bring a variety of backgrounds, perspectives, and skills, as we believe that a strong and inclusive workforce directly supports our goal of providing the highest-quality work. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other class protected under applicable federal, state, or local law, and we encourage candidates of all backgrounds to apply. Analysis Group offers competitive compensation and a comprehensive benefits package. The estimated salary range for this position is $175,000-$200,000. Compensation offered will be based on a number of factors including work experience, education, and skill level. This role is eligible for a discretionary annual bonus that is determined in large part by individual performance. To learn more about our benefit offerings, click here. #LI-Hybrid Privacy Notice For information about Analysis Group's privacy practices, please refer to the applicable Analysis Group privacy policy. * Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. * Please view the EEOC's "Know Your Rights" poster here.

Analysis Group is one of the largest international economics consulting firms, with more than 1,500 professionals across 15 offices in North America, Europe, and Asia. Since 1981, we have provided expertise in economics, finance, health care analytics, and strategy to top law firms, Fortune Global 500 companies, and government agencies worldwide. Our internal experts, together with our network of affiliated experts from academia, industry, and government, offer our clients exceptional breadth and depth of expertise. The Manager, Information Security Compliance and Risk is responsible for leading the firm's Governance, Risk, and Compliance (GRC) program, including regulatory compliance, enterprise risk management, and assurance activities that support client requirements and regulatory obligations. This role also serves as the primary owner of Information Security AI governance, ensuring that the firm's use of AI and machine learning technologies aligns with security, privacy, regulatory, and client expectations. The role manages a team of three Information Security Analysts and owns SOC 2 and ISO 27001 certification programs, while partnering closely with Legal, Compliance, Privacy, IT, and Security Engineering and Operations to ensure effective control design, evidence collection, risk management, and continuous improvement. Responsibilities: Governance and Compliance Leadership Own and maintain the firm's information security governance framework, including policies, standards, and procedures. Lead annual SOC 2 and ISO 27001 audit cycles, including audit readiness, evidence coordination, and remediation tracking. Ensure ongoing compliance with client, regulatory, and contractual information security requirements. Manage policy exceptions, risk acceptances, and documentation of compensating controls. Regulatory Authorization and Assurance Lead the renewal and ongoing maintenance of government and client security authorizations, attestations, and approvals required for regulated engagements. Coordinate cross-functional evidence collection and control validation to support authorization renewals and periodic reassessments. Track authorization requirements, renewal timelines, and control changes to ensure continuous eligibility for regulated work. AI Security Governance Lead the Information Security AI governance program, ensuring secure, responsible, and compliant use of AI technologies across the firm. Partner with Legal, Privacy, Compliance, and business stakeholders to define and maintain AI security requirements, risk assessments, and usage standards. Establish and maintain security controls for AI-enabled tools, including data handling, access controls, model usage restrictions, and third-party AI risk. Support client and regulatory inquiries related to AI security posture and governance practices. Track emerging AI-related regulatory and security requirements and assess their impact on firm policies and controls. Risk Management Maintain and mature the enterprise information security risk register. Facilitate periodic risk assessments, including risks associated with AI usage, data processing, and third-party technologies. Develop and report meaningful risk metrics and dashboards for leadership review. Translate technical and operational risks into clear business-impact language. Third-Party and Emerging Risk Governance Oversee third-party security risk management in partnership with Legal. Lead structured reviews of vendor security posture, including AI and SaaS providers. Track remediation plans and ongoing monitoring of third-party and AI-related risks. Audit and Assurance Coordination Serve as the primary liaison for internal and external audits related to information security. Coordinate evidence collection across IT, Security Engineering, Privacy, and business stakeholders. Track findings, corrective actions, and continuous improvement initiatives. Team Leadership Directly manage three Information Security Analysts. Set priorities, provide mentorship, and support professional development. Establish consistent processes, documentation standards, and performance expectations across the GRC function. Cross-Functional Collaboration Partner closely with Security Engineering and Operations to align governance requirements with technical controls. Work with Legal, Compliance, Privacy, and Data Science teams on regulatory interpretation and AI governance requirements. Support client security inquiries, assessments, and due diligence requests. Expected Outcomes Sustained audit readiness for SOC 2 and ISO 27001 with minimal disruption. Clear, measurable visibility into information security and AI-related risk posture. Consistent, scalable governance processes supporting firm growth and responsible AI adoption. Strong alignment between governance requirements and operational security controls. Qualifications & Skills Bachelor's degree required; degree in information security, risk management, or a related field preferred. 7 to 10 years of experience in information security, GRC, audit, or risk management required. Prior experience managing SOC 2 and or ISO 27001 programs required. Demonstrated people management or team leadership experience. Professional certifications such as CISSP, CISM, CRISC, CGRC, or ISO 27001 Lead Implementer or Auditor. Experience with GRC platforms and risk management tooling. Experience supporting AI governance, data governance, or emerging technology risk programs. Experience supporting client-driven security assessments in a professional services environment. An inclusive and growth-oriented mindset, strong interpersonal skills, and an ability to work across differences. To the extent permitted by applicable law, eligible candidates must be authorized to work in the United States without sponsorship or restriction, now and in the future. Analysis Group embraces equal opportunity. We are committed to building teams that bring a variety of backgrounds, perspectives, and skills, as we believe that a strong and inclusive workforce directly supports our goal of providing the highest-quality work. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other class protected under applicable federal, state, or local law, and we encourage candidates of all backgrounds to apply. Analysis Group offers competitive compensation and a comprehensive benefits package. The estimated salary range for this position is $175,000-$200,000. Compensation offered will be based on a number of factors including work experience, education, and skill level. This role is eligible for a discretionary annual bonus that is determined in large part by individual performance. To learn more about our benefit offerings, click here. #LI-Hybrid Privacy Notice For information about Analysis Group's privacy practices, please refer to the applicable Analysis Group privacy policy. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. Please view the EEOC's “Know Your Rights” poster here.

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance Type: DoD Clearance: Secret Security Clearance Status: Active and existing security clearance required on day 1 At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our cybersecurity team is seeking a Senior Information Systems Security Officer (ISSO) to support our team 100% onsite at our facility in Marlborough, Massachusetts. The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies. What You Will Do Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness. Investigating information system security violations and help prepare reports specifying corrective and preventative actions. Reviewing and approving (within authority) configuration management requests. Conducting technical and administrative assessments. Integrating new cybersecurity processes, procedures, and tools. Support the creation, review and update of cybersecurity documentation and other technical writing. Qualifications You Must Have Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience. Current IAM Level I certification (Security+ or other). Relevant Experience Considered in any combination: Cybersecurity, systems security or hardening Information Technology Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics) Physical security/security, policework/criminal justice, investigations, or Border Patrol Project or program management, office management, senior administration, or account management Qualifications We Prefer Experience working in DoD classified operating and/or laboratory environments. Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc. Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry. Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF). Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT). Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments. Experience interpreting, implementing, and assessing DISA STIGs. Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication. What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available Learn More & Apply Now! Please consider the following role type definition as you apply for this role: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products We are RTX #LI-Onsite As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 86,800 USD - 165,200 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

A career that's the whole package! At Conga, we've built a community where our colleagues can thrive. Here you'll find opportunities to innovate and support growth through individual and team development, all within an environment where every voice is heard. Conga accelerates the customer's journey to becoming a more connected and intelligent business. The Conga Advantage Platform is recognized worldwide for enhancing this journey, bringing together Configure, Price, Quote, Contract Lifecycle Management, and Document Automation capabilities on a single open platform. It integrates seamlessly with any ERP, CRM, and Cloud. Powered by a unified data model and purpose-built AI, Conga helps companies achieve a unique advantage-one built on seamless connection, actionable intelligence, and scalable growth. Our approach is grounded in the Conga Way, a framework that reflects our values and drives everything from hiring to decision-making, as well as key programs including recognition. Created with direct input from our colleagues, the Conga Way forms the foundation of our vibrant culture. Job Title: Information Security Analyst Location: Boston or Houston area Hybrid: minimum 2 days per week in the office Reports To: Director, Compliance and Information Security A quick snapshot….. Conga is seeking an Information Security Analyst to help shape and maintain a robust information security program. In this role, you'll work closely with stakeholders across the company to identify and remediate security issues, promote awareness, and ensure compliance with legal, regulatory, and customer requirements. You'll be part of the Security & Compliance Team, but also operate independently, managing alerts, vulnerabilities, incident response, and risk assessments. Your day-to-day will involve hands-on security operations, cross-functional collaboration, and continuous improvement of security practices. Why it's a big deal….. This role is critical to protecting Conga's information assets and maintaining trust with customers and partners. By proactively managing threats, vulnerabilities, and compliance, you'll help safeguard the company's reputation and ensure business continuity. Your work directly supports Conga's strategic goals by enabling secure innovation, enhancing customer confidence, and fostering a culture of security awareness across the organization. Required experience. Bachelor's Degree in Computer Science, Cybersecurity, Engineering, or other relevant subject areas OR equivalent experience. 3-4 years of experience in information security, preferably with a focus on IT and product security. Foundational knowledge of cloud security principles (AWS, Azure, GCP), DevSecOps practices, and secure software development lifecycle (SDLC). Hands-on experience with application security and vulnerability management practices. Foundational knowledge of at least one or more security/compliance frameworks such as ISO 27001, ISO 27701, SOC, PCI, HIPAA, etc. Understanding of privacy frameworks such as GDPR, CCPA, CPRA, etc. Strong communication and interpersonal skills. You're not just comfortable engaging in collaborative discussions, but initiating them, too, communicating clearly and concisely while leveraging strong listening skills to gather accurate information and resolve issues efficiently. Cross-Functional Collaboration. You know how to build strong relationships across Cloud Ops, Engineering and IT teams. teams. You communicate priorities and goals clearly, helping both technical and non-technical stakeholders stay aligned and moving in the same direction. Detail oriented. Consistently ensures accuracy in security assessments, documentation, and incident response processes, minimizing risk and maintaining high standards of compliance. Self‑starter. You take a proactive approach, independently identifying and addressing work‑related tasks to ensure continuous progress and timely delivery. Here's what will give you an edge…… SaaS industry experience CISSP or other security certifications #LI-AM1 In the spirit of the Conga Way, we strive to design easy-to-understand compensation programs that are fair and free from any type of discrimination. In keeping with this approach, we are committed to delivering competitive compensation and benefits packages to our colleagues worldwide and communicating transparently about the structure of our compensation programs. Listed below is the U.S. base salary range for this full-time position. Within the range, individual pay is determined by job-related skills, experience, and relevant education, or training. In addition to base salary, Conganeers receive a variable incentive pay component, perks such as flexible work options, and a full range of benefits including medical and dental insurance. The posted salary ranges are for the expectations outlined in the . We are often open to a wide variety of profiles and sometimes have flexibility within our organizational structure to adjust the role responsibilities up or down should we select a candidate that is less or more experienced than the posted job requirements. In these occasional cases, we will communicate the revised salary range to the candidate during the selection process. U.S base salary range:$107,000-$125,000 USD Did we pique your interest? If this sounds like the kind of job you would love in the kind of environment where you would thrive, please click apply. We'd love to hear from you! Preferred Resume Format We accept resumes in any format, we suggest using PDF or plain text. These formats help ensure that your resume's formatting remains intact, making it easier for our recruiters to review your application promptly. Don't meet every requirement for the role? Studies have shown that women and members of ethnic minorities are less likely to apply to jobs unless they meet every single qualification. At Conga we are dedicated to building a diverse, inclusive, and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You just might be the right candidate for this or other roles. Additional Information Conga is proud to be an Equal Opportunity Employer and provides equal employment opportunities to all employees and applicants regardless of race, color, religion, gender, gender identity, age, national origin, disability, parental or pregnancy status, marriage and civil partnership, sexual orientation, veteran status, or any other characteristic protected by law. We understand interviewing can be stressful for those with disabilities. If reasonable accommodation is needed to allow you to show us your best self, please let your recruiter know as soon as possible. All your information will be kept confidential according to EEO guidelines. Conga is not open to third party solicitation or resumes for our posted FTE positions. Resumes received from third party agencies that are unsolicited will be considered complimentary. Conga's Applicant Privacy Statement The information you provide during the application process will be used in accordance with Conga's Applicant Privacy Statement (*********************************************** By submitting your application, you acknowledge and agree to the terms outlined in this privacy statement.

Woods Hole Oceanographic Institution is searching for a highly skilled and cleared Information System Security Officer (ISSO) / Classified Systems Information Assurance Analyst to join our team, focusing exclusively on the security of classified information systems and networks. This critical role is responsible for ensuring the confidentiality, integrity, and availability of sensitive government information in accordance with stringent U.S. government (USG) security directives. The ISSO will be instrumental in the authorization and accreditation(A&A) process, continuous monitoring, incident response, and the implementation of robust security controls for classified environments. The ideal candidate will possess a deep understanding of relevant security frameworks, policies, and a proven track record of maintaining secure classified systems. This is a regular, full-time, exempt position, and is eligible for full benefits. ESSENTIAL FUNCTIONS Authorization & Accreditation (A&A) / Risk Management Framework (RMF): Lead or support the development, review, and submission of comprehensive security authorization packages (e.g., System Security Plans (SSPs), Risk Assessment Reports, Contingency Plans, Plan of Action and Milestones (POA&Ms)) for classified systems. Ensure all classified systems maintain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in accordance with RMF or legacy A&A processes (e.g., DIACAP). Interpret and apply USG security policies, regulations, and guidelines, including but not limited to: NISPOM, DoD Instruction 8500.01, NIST SP 800-53, DCID 6/3, ICD 503, JSIG, and DISA STIGs. Security Control Implementation & Enforcement: Design, implement, and maintain security controls specific to classified systems, including secure configurations, access controls, auditing, media control, and classified spillage prevention/response. Configure and manage specialized security tools relevant to classified environments (e.g., Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Data Loss Prevention (DLP) solutions). Perform rigorous hardening of operating systems (Windows, Linux), applications, and network devices based on DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Vulnerability Management & Continuous Monitoring: Conduct vulnerability scans, analyze results, and work with system administrators to remediate security weaknesses on classified systems. Oversee and perform continuous monitoring activities, including reviewing audit logs, security events, and system alerts for anomalous behavior. Track and ensure compliance with Information Assurance Vulnerability Management (IAVM) directives. Incident Response & Classified Spillage: Act as a primary point of contact and lead for security incidents and classified spillage events on assigned systems. Execute incident response procedures, including containment, eradication, recovery, and detailed reporting to relevant government authorities. Participate in forensic investigations as required for classified incidents. Compliance & Audit Support: Maintain meticulous documentation of all security artifacts, configurations, policies, and procedures for classified systems. Support internal and external security inspections, audits, and assessments by government agencies (e.g., DCSA, DSS, NSA). Develop and implement standard operating procedures (SOPs) for the secure operation of classified systems. User Training & Guidance: Provide guidance and training to users on proper handling, marking, and safeguarding of classified information and operation of classified systems. Ensure all personnel accessing classified systems meet training requirements (e.g., security awareness, insider threat). Configuration Management: Manage and control changes to the hardware, software, and firmware of classified systems to maintain their security posture and accreditation. MINIMUM QUALIFICATIONS Security Clearance: Active U.S. Government Security Clearance required at the SECRET level or above. Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or equivalent experience. Experience: 5 years of dedicated experience in Information Assurance/Cybersecurity within classified government or defense environments. Demonstrable expertise in the Risk Management Framework (RMF) or equivalent A&A processes (e.g., DIACAP). Hands-on experience with security tools and technologies used in classified environments (e.g., ACAS, HBSS, SIEM, dedicated firewalls). Proven experience with DISA STIGs and their application to various operating systems and applications. Technical Skills: Strong understanding of network protocols, operating systems (Windows, Linux/Unix), and virtualized environments in a classified context. Experience with encryption technologies and COMSEC devices. Knowledge of scripting languages (e.g., PowerShell, Python, Bash) for automation and auditing is a plus. Desired Certifications: CISSP (Certified Information Systems Security Professional) DoD 8570.01-M IAT Level II (e.g., CompTIA Security+, CySA+, CCNA Security, SSCP) or higher (IAM Level I, II, or III). GIAC Certifications relevant to incident handling, forensics, or security auditing (e.g., GCIH, GCFA, GCCC, GSNA) Additional Job Requirements Salary Range: $114,000 to $148,000 USD The salary range provided for this position reflects the expected minimum and maximum base pay for new hires. Actual compensation will be determined based on factors such as relevant skills, experience, and qualifications, as well as internal equity and market conditions. In addition to base salary, eligible employees also receive a comprehensive benefits package. WHOI accepts applications on a rolling basis - applications will be reviewed as they are received, and we encourage you to submit your application as soon as possible to ensure full consideration. While we will continue to review applications until the position is filled, and early applicants may have an advantage in the selection process. EEO Statement Woods Hole Oceanographic Institution (WHOI) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance Type:** Secret - Current **Security Clearance Status:** Active and existing security clearance required on day 1 At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified **Systems Security Engineer II (P2)** to join our elite Systems Security Engineering (SSE) team for the Systems Directorate in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Portsmouth, RI. **What You Will Do** + Support the development of cybersecurity requirements, design and architecture artifacts, plans, and policies. + Support security development and test efforts implementation of security controls of networking devices, databases, operating systems, and hardware and software component + Implement proper cybersecurity controls + Integrate cybersecurity development activities **Qualifications You Must Have** + Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience + Active and transferable U.S. government issued Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance + Experience working in the Naval industry **Qualifications We Prefer** + Experience in Cybersecurity Engineering + Usage of information security toolsets including anti-virus, Vulnerability Assessment, HIDS/ NIDS. host-based or endpoint security solutions, Multi-Factor Authentication (MFA), and Security Incident and Event Management (SIEM) and centralized auditing tools familiarity with splunk is preferred + Linux Bash scripting or Python scripting experience + Experience with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) + DoDI 8570.01-M IAT Level-II Compliant Certification (e.g. Security+, CISSP, or equivalent) + Security systems engineering involving various computer hardware and software S/W operating system and application solutions in both a stand-alone and in LAN/WAN configurations + Experience with IT and/or network and system security administration, including operating system security configuration and account management best practices for UNIX, MS Windows, Red Hat Enterprise Linux, and CISCO systems **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation + Relocation Eligible - Relocation assistance is available **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 68,900 USD - 131,100 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Boston, Massachusetts;Washington, District of Columbia **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (******************************************************************************************************************************************************************* **Job Description:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! **LOB Overview:** + Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank's Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements. **Role Description:** + We are seeking a highly experienced and technically proficient **Senior Identity and Access Management (IAM) Specialist** to lead access provisioning initiatives across a complex enterprise environment. This role is critical to ensuring secure, compliant, and efficient access to systems and data, with a strong emphasis on enforcing **least privileged access** principles that eliminate excessive permissioning. + The ideal candidate will bring deep expertise in IAM technologies and platforms-including **Active Directory** , **Microsoft Azure, Amazon Web Services (AWS),** and **Mainframe** , **Oracle** , **SQL** , and various file and storage collaboration systems, password secure controls including keys and tokens -and will be responsible for designing and implementing scalable access provisioning solutions to integrate IAM processes across cloud services. This is a hands-on technical leadership role that requires strategic thinking, cross-functional collaboration, and a commitment to continuous improvements in identity governance and access platforms and controls. **Responsibilities:** + Lead the design, implementation, and ongoing management of **access provisioning solutions** across enterprise platforms, ensuring alignment with security policies and regulatory requirements. + Serve as the subject matter expert for **Active Directory** , **Microsoft Azure, Amazon Web Services (AWS),** and **Mainframe** , **Oracle and SQL databases** , **file systems** , and **enterprise storage** , with a focus on enforcing **least privileged access** . + Develop and maintain **access control policies** , **group structures** , and **role-based access models** to support scalable and secure provisioning. + Collaborate with application owners, infrastructure teams, and business stakeholders to define and implement **access requirements** for new and existing systems. + Drive automation initiatives to streamline **provisioning and de-provisioning workflows** , integrating with identity governance platforms and HR systems and IAM controls. + Conduct periodic **access reviews** , **entitlement audits** , and **certification campaigns** to ensure compliance and identify access anomalies. + Investigate and remediate access-related incidents, working closely with cybersecurity and risk teams to address vulnerabilities and improve controls. + Provide technical leadership and mentorship to junior IAM team members, fostering a culture of security-first thinking and operational excellence. + Stay current with emerging IAM technologies, regulatory changes, and industry best practices to continuously enhance the access provisioning program. + Prepare and present metrics, reports, and recommendations to senior leadership and audit teams regarding access provisioning effectiveness and risk posture. **Required Qualifications:** + **10+ years of progressive experience** in Identity and Access Management, with a strong focus on access provisioning across enterprise environments. + Deep technical expertise in **Active Directory** , **Microsoft Azure AWS, Mainframe** , **Oracle Database** , **SQL Server** , **Windows and Unix file systems** , and **enterprise storage platforms** . + Proven ability to design, implement, and manage access provisioning solutions that enforce **least privileged access** and align with regulatory and internal compliance requirements. + Strong understanding of **IAM governance frameworks** , platforms ( **e.g., SailPoint, Saviynt** ) **role-based access control (RBAC)** , **group policy management** , and **privileged access management (PAM)** tools, **CyberArk, Hashi Corp and Beyond Trust.** + Experience with **automated provisioning/de-provisioning workflows** , including integration with HR systems to demonstrated proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes. + Familiarity with **cloud infrastructure security** and access controls in hybrid environments, particularly within **Microsoft Azure AWS** and **Oracle Cloud** . + Ability to conduct **access reviews** , **entitlement audits** , and **risk assessments** to identify and remediate access-related vulnerabilities. + Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

A leading automotive service company in Downtown Boston seeks a dedicated Senior Security Engineer to safeguard its web and mobile applications, manage various security incidents, and ensure compliance with safety standards. This role requires collaboration across teams to implement defense strategies and educate staff on security practices. Self-starters with expertise in threat management and a solid understanding of compliance frameworks will thrive in this vibrant environment. Join the mission to revolutionize car ownership and enjoy competitive pay and exceptional benefits. #J-18808-Ljbffr

Basic Qualifications RRequires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibilityrequirements for access to classified information. Due to the nature of work performed within our facilities, U.S.citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $124,397.00 - USD $138,003.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans