Information Security Engineer
Information Security Analyst Job 25 miles from Holtsville
Our client is a Commercial Real Estate Firm with a national presence, that offers an outstanding work environment. They promote from within and have extremely low turnover. Due to recent acquisitions the organization is looking to add to their Information Security and Technology Teams. Compensation includes base, annual bonus, cash equity bonus. and outstanding benefits.
The Cybersecurity Engineer will play a crucial role in our organization's defense against cyber threats and will be responsible for securing systems, networks, and platforms, and protecting data from potential threats. This role will be instrumental in safeguarding organization's reputation. The ideal candidate is analytical, detail-oriented, and passionate about building secure systems.
****THIS IS A DIRECT HIRE, HYBRID (2 DAYS ONSITE) POSITION.*****
****NO C2C. NO SPONSORSHIP****
***NO RELOCATION AVAILABLE***
Responsibilities
Design, implement, and maintain security systems and protocols.
Regularly perform penetration testing, vulnerability scanning, and risk assessments to identify potential weaknesses in our systems and networks. Develop and implement mitigation strategies to address these vulnerabilities and reduce risk.
Continuously monitor our security systems for unusual activity using a variety of tools and technologies. Analyze and respond to all security alerts and incidents in a timely and effective manner.
Create comprehensive reports on security incidents.
Collaborate closely with IT and software development teams to ensure that security is integrated into all aspects of the technological infrastructure.
Stay updated on the latest industry trends, threats, and best practices.
Develop and maintain engineering playbooks and participate in cybersecurity incident response activities. Develop and deliver training programs to educate all staff members about information security, data privacy, and cyber threats.
Qualifications
Bachelor's degree in computer science, cybersecurity, or a related field, or equivalent relevant work experience
Proven work experience as a Cybersecurity Engineer or similar role
Extensive knowledge of various security frameworks (NIST, ISO27001, etc.), risk assessment techniques, and security systems
Strong understanding of network infrastructure and network hardware
Proficient in programming languages such as Python, Java, or C++ Relevant professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are preferred
Excellent problem-solving skills, with the ability to analyze complex data to make strategic decisions
Strong communication skills, with the ability to educate non-technical colleagues about security protocols and potential risks
****THIS IS A DIRECT HIRE, HYBRID (2 DAYS ONSITE) POSITION.*****
****NO C2C. NO SPONSORSHIP****
***NO RELOCATION AVAILABLE***
Information Security Manager
Information Security Analyst Job 9 miles from Holtsville
Summary: The Information Security Manager (“ISM”) is primarily responsible for assisting the Senior Information Security Manager (“SISM”) to fulfill Dime's security monitoring oversight functions in support of Dime's information security program. This includes operational and tactical responsibilities that ensure standard operating procedures are maintained within Dime's control environment to effectively protect Dime's information assets.
Salary commensurate with experience, ranging from $100,000 to $120,000 annually. The exact compensation may vary based on relevant experience, skills, education, training, licensure and certifications, and location.
All applicants must attach a recent resume. This is NOT a remote role. Dime does not provide relocation assistance or visa sponsorship (now or in the future).
Responsibilities:
Overall, the ISM's job is to work with Dime's IT and Risk Management departments and various business units to plan, coordinate and develop recommendations for all aspects of information security policies and procedures for Dime in order to:
Oversee that system monitoring activities of the IT NSOC (Network Security Operations Center), comply with Dime's information security policies.
Oversee log and entitlement reviews of critical systems to protect Dime's information assets from internal and external threats.
Oversee regular vulnerability testing/assessment, social engineering testing, and security evaluations are performed to evaluate the effectiveness of existing controls, including periodic penetration testing of critical information systems.
Use metrics to measure, monitor and report on effectiveness and efficiency of information security controls and compliance with information security policies, in order to support the annual information security risk assessment.
Assist in development, maintenance, and testing of policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate information security risks and related compliance issues.
Work with Dime's business units, Internal Audit, vendors, and other systems professionals to ensure policies and procedures are being complied with and to develop recommendations for improvements, ensure that compliance issues and other variances are resolved in a timely manner, and actively apply innovative solutions to advance Dime's information security goals.
Participate and help coordinate the implementation and roll-out of Information Security systems and software within Dime to verify that Dime's systems are in compliance with Information Security Policies.
Qualifications:
Bachelor's degree from four-year college or university and minimum three years' related experience and/or training; or equivalent combination of education and experience.
Knowledge of banking operations and bank policy and procedure development.
Knowledge of financial services regulatory requirements (FFIEC, GLBA, NYSDFS), and industry standards (NIST, ISO 27001/2).
CISSP (or comparable certification) preferred or expected within one year of hire.
Hands-on experience with DLP Prevention tools such as enterprise security tools (i.e., SIEM, vulnerability scanners, firewalls)
Hands-on experience with enterprise DLP tools (i.e., Varonis, O365 Defender) desirable.
Experience with Palo Alto, FortiNet EDR, and Darktrace technologies desirable.
Proficiency with industry standard information security testing and evaluation techniques. Use of Vulnerability Management and Penetration testing tools, (e.g., Rapid 7, Nessus, NMAP, Kali Linux,) desirable.
Excellent oral and written communication skills.
Ability to work outside of normal business hours on occasion.
Superior knowledge of Microsoft Office and database management software.
Knowledge of computer programs, databases, and systems used in the banking/financial services sectors.
Dime is an Equal Opportunity Employer. We provide a full competitive benefits package.
Senior Cloud Security Engineer
Information Security Analyst Job 34 miles from Holtsville
Job Description
!
This is a hybrid role (three days in the office/two days remote).
Interactive Brokers Group has been consistently at the forefront of trading innovation, starting with the invention of the first floor-based handheld computer in 1983. We pride ourselves on being primarily a technology company and challenging the status quo. We push boundaries to offer our clients the best trading platform with the most sophisticated features at the lowest cost. Software development is the lifeblood of our firm, and it shows in our stellar brokerage platform. Interactive Brokers is regularly recognized as a leader in the financial services industry.
About your Team:
As IBKR Cloud Security Engineer, you will be responsible for designing, deploying, and operating a secure cloud infrastructure while supporting operational innovation, workflow automation, and elevation of IBKR's security posture within a cloud computing infrastructure. You will possess advanced troubleshooting skills and be knowledgeable about architecture, engineering, and design principles. They will consistently assess the threat landscape and adapt quickly to protect the business from identified threats. You will work closely with cloud infrastructure and application development teams to review their outputs for security risks and provide guidance on appropriate security practices.
What will be your responsibilities within IBKR:
Develop and maintain secure, resilient enterprise-grade cloud security infrastructure and processes in collaboration with system architects, infrastructure engineers, and application developers.
Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
Develop and deploy strong identity and access management (IAM) controls across applications and computing environments.
Advise on developing and utilizing scripts (e.g., Python, Ruby, Perl, etc.) to support custom Extract, Transform and Load (ETL) tools with a security focus on data flow.
Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats to cloud computing environments.
Manage and track remediation efforts triggered by security assessments related to cloud computing environments.
Formulate, document, and implement security improvements that balance risks with business operations efficiency and the need for innovation.
Which skills are required:
Must have five years of experience in cybersecurity with at least two years of exposure to cloud-based technologies and operations, preferably Amazon Web Services (AWS) or Microsoft Azure.
Detailed technical understanding of how cloud environments operate "under the hood" (in addition to familiarity with best practices related to how cloud services should be utilized)
Good understanding of security concepts and technologies
Experience with network and host-based monitoring, logging, alerting, and response frameworks.
Experience in scripting languages like Python, PowerShell, Javascript, Ruby, Perl, Unix Shell (bash/ksh), etc.
Experience with Continuous Integration & Continuous Deployment (CI/CD) technologies, such as Jenkins, CodeBuild, Puppet, etc.
What would be nice to have:
Experience creating and deploying Indications of Compromise (IoC), gathering system metrics, and responding to triggered alerts.
Operational experience in maintaining and administrating the security posture of large-scale deployments
Familiarity with common security frameworks and standards, such as NIST CSF, ISO/IEC 27001:27013, CIS CSC, PCI DSS, etc.
To be successful in this position, you will have the following:
Self-motivated and able to handle tasks with minimal supervision.
Superb analytical and problem-solving skills.
Excellent collaboration and communication (Verbal and written) skills
Outstanding organizational and time management skills
Company Benefits & Perks
Competitive salary, annual performance-based bonus and stock grant
Retirement plan 401(k) with a competitive company match
Excellent health and wellness benefits, including medical, dental, and vision benefits and a company-paid medical healthcare premium
Wellness screenings and assessments, health coaches and counseling services through an Employee Assistance Program (EAP)
Paid time off and a generous parental leave policy
Daily company lunch allowance provided, and a fully stocked kitchen with healthy options for breakfast and snack
Corporate events, including team outings, dinners, volunteer activities and company sports teams
Education reimbursement and learning opportunities
Modern offices with multi-monitor setups
Company Overview
Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting-edge technology and client commitment.
IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.
Barron's has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi-national team and be a part of a company that simplifies and enhances financial opportunities using state-of-the-art technology.
Senior IAM Security Engineer
Information Security Analyst Job 23 miles from Holtsville
A Senior SailPoint Security Engineer is required for our global Identity & Access Management team to support our SailPoint IDM system activities. In this role you will be responsible for the infrastructure, vulnerability management and IIQ functional support working in partnership with development teams and operational teams to make sure the new system functionalities be transitioned and supported accordingly as per business requirements. You will need to be able to support the creation of system operational metrics, highlight system gaps, improvement, and work in conjunction with development and application teams to mitigate any gap as well tracking and implementing the identified improvement activities, in addition you will need to:
Serve as an experienced support engineer within the SailPoint IIQ space.
Partner with internal teams to ensure support activities are align with the application designs.
Act as functional technical contact to support & drive a strong engineering culture while fixing or supporting production issues.
Perform critical analysis to identify and resolve conflicts, and break down high-level information into actionable work plans
Stablish and implement a robust application monitoring processes to make sure we have 24x7 alerting in place.
Assist technical team members with the system/technical portion of their deliverables (e.g., test plans, implement monitoring activities, etc.).
Collaborate with internal infrastructure teams to resolve incident and alerts accordingly based on establish incident response timelines.
Responsible to review and provide observation on technical documentation, KBA’s for our team and other IAM functions
Recommend adjustments to the technical requirements and adjust with agility to the business needs.
Support the development of IAM processes (joiners/movers/leavers) access reviews, and Privileged Access Management.
Qualifications
5+ years of professional Identity Management (IDM) experience, with demonstrated understanding of modern IDM concepts and best practices.
4+ years' experience providing SailPoint application support into high availability environments
Solid knowledge of identity data flows, engineering workflows, security roles, certification / attestation, entitlement management, SOD and access governance in SailPoint IIQ
Experience with integrating SailPoint IIQ with various technologies, including ServiceNow, SAP, Azure AD, Office 365, RACF, LDAP directories.
Hands on experience on Database Administration and support (Oracle, MSSQL, MySQL)
Experience with various APIs including SCIM, REST, and SOAP
Familiarity with programming and web technologies such as Java / Bean Shell, JavaScript, SPML / SOAP, JSF.
Strong analytical, problem-solving skills, able to provide rigorous and detailed descriptions of problems and features to product developers and managers,
Self-driven and able to clearly communicate to technical and non-technical audiences
Strong analytical, problem solving, and decision-making skills.
Please Note the Following:
Approximately 5% Travel required
NERC CIP position, requires NERC CIP background investigation prior to start
Preference will be given to New York State residents. Veterans are encouraged to apply.
About 8 Consulting:
8 Consulting is a Cybersecurity and Systems Engineering organization dedicated to supporting Public Sector clients in developing and securing their operating environments. Our employees enjoy a work culture that promotes employee growth and employee direction in work selection.
8 Consulting benefits include Health Insurance, 401(k) match, 401(k) profit sharing, life insurance, PTO, eleven Federal holidays, 1 floating holiday per quarter and a flexible work environment. Employees can also take advantage of casual corporate site dress code, free parking, corporate discounts, and support in establishing a safe and effective remote work environment.
8 Consulting is an Equal Opportunity employer and does not discriminate against any employee or applicant for employment because of race, creed, color, sex, national origin, age, disability, marital status, sexual orientation, genetic predisposition or carrier status.
Powered by JazzHR
6uHjX0k1Gj
Abstract Enterprises Security Systems Inc.
Information Security Analyst Job 5 miles from Holtsville
Abstract Enterprises Security Systems is a leading provider of comprehensive security solutions in Suffolk County, NY. We specialize in state-of-the-art CCTV cameras and surveillance systems and offer expert installation, programming, and repair services for residential and commercial clients.
Our products include top-of-the-line security cameras, SimpliSafe outdoor camera home security systems, and advanced commercial surveillance systems. We pride ourselves on delivering cutting-edge technology and professional installation services to protect your property 24/7.
As experienced CCTV installers, we offer:
Installation of security camera systems for homes and businesses
Security camera repair and maintenance
Surveillance camera system installation and setup
Video surveillance system design and implementation
CCTV repair and troubleshooting
In addition to our camera services, we also provide:
Smoke, burglar, and fire alarm installation
Door access control systems
Integration of security cameras with existing alarm systems
Our team of skilled technicians is equipped to handle all aspects of your security needs, from initial consultation and system design to professional installation and ongoing support. We stay up-to-date with the latest advancements in security technology to offer you the most effective solutions.
Whether you need a single security camera installed or a complete surveillance security camera system for your business, Abstract Enterprises Security Systems is your trusted partner in Suffolk County, NY. We are committed to enhancing your safety and peace of mind through our expert services and top-quality products.
Contact us today to learn how we can customize a security solution for your home or business. Protect what matters most with Abstract Enterprises Security Systems - your local security camera installation and surveillance systems experts.
Visit: *************************************************************************************
This digital marketplace network is currently home to over 4.65 million self-placed or self-serve business and local information listings. The Localzz Marketplaces set goal 7.5 million total listings in 2025. The Localzz market is over 33+ million businesses. The Localzz sees an opportunity to help advertise over 95+% of the businesses out there. A business could place 1 to 100+ listings on each of the currently 100 launched Localzz owned and operated branded marketplaces.
Localzz exists to create digital advertising opportunities to businesses by creating information listing options across a network of branded digital marketplaces to build a brand, get more leads, get more customers, get more clients, get more traffic to your website, and ultimately help you get more business. The Localzz vision is to be the destination local and national information network for finding and placing business and local information. Localzz makes it easy to post an information listing to a digital local, national, and global market.
**Business and local related placed information listings could be much more than just a business listing!**
A typical business listing is - Business name, addresses, telephone numbers, location, contact information, type of service or products the business provides, the served region, website address, and maybe more.
Abstract Enterprises Security Systems Inc.
Information Security Analyst Job 5 miles from Holtsville
Abstract Enterprises Security Systems is a leading provider of comprehensive security solutions in Suffolk County, NY. We specialize in state-of-the-art CCTV cameras and surveillance systems and offer expert installation, programming, and repair services for residential and commercial clients.
Our products include top-of-the-line security cameras, SimpliSafe outdoor camera home security systems, and advanced commercial surveillance systems. We pride ourselves on delivering cutting-edge technology and professional installation services to protect your property 24/7.
As experienced CCTV installers, we offer:
Installation of security camera systems for homes and businesses
Security camera repair and maintenance
Surveillance camera system installation and setup
Video surveillance system design and implementation
CCTV repair and troubleshooting
In addition to our camera services, we also provide:
Smoke, burglar, and fire alarm installation
Door access control systems
Integration of security cameras with existing alarm systems
Our team of skilled technicians is equipped to handle all aspects of your security needs, from initial consultation and system design to professional installation and ongoing support. We stay up-to-date with the latest advancements in security technology to offer you the most effective solutions.
Whether you need a single security camera installed or a complete surveillance security camera system for your business, Abstract Enterprises Security Systems is your trusted partner in Suffolk County, NY. We are committed to enhancing your safety and peace of mind through our expert services and top-quality products.
Contact us today to learn how we can customize a security solution for your home or business. Protect what matters most with Abstract Enterprises Security Systems - your local security camera installation and surveillance systems experts.
Visit: *************************************************************************************
This digital marketplace network is currently home to over 4.65 million self-placed or self-serve business and local information listings. The Localzz Marketplaces set goal 7.5 million total listings in 2025. The Localzz market is over 33+ million businesses. The Localzz sees an opportunity to help advertise over 95+% of the businesses out there. A business could place 1 to 100+ listings on each of the currently 100 launched Localzz owned and operated branded marketplaces.
Localzz exists to create digital advertising opportunities to businesses by creating information listing options across a network of branded digital marketplaces to build a brand, get more leads, get more customers, get more clients, get more traffic to your website, and ultimately help you get more business. The Localzz vision is to be the destination local and national information network for finding and placing business and local information. Localzz makes it easy to post an information listing to a digital local, national, and global market.
**Business and local related placed information listings could be much more than just a business listing!**
A typical business listing is - Business name, addresses, telephone numbers, location, contact information, type of service or products the business provides, the served region, website address, and maybe more.
CyberArk Cyber Security Analyst CyberArk
Information Security Analyst Job 23 miles from Holtsville
External Description:
Company: PSEG
PSEG Company: PSEG Services Corp.
Salary Range: $ 88,400 - $ 140,000
Incentive: PIP 10%
Work Location Category: Remote Local
PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.
We want you to be healthy, balanced, and feel secure. That's why you'll enjoy a comprehensive range of benefits, with a focus on supporting your whole health. Starting on day one of your employment, you'll be offered several health-related benefits including medical, vision, dental, and well-being and behavioral health programs. We also offer 401(k) with company match, company paid life insurance, tuition reimbursement and a minimum of 18 days of paid time off per year.
PSEG offers a unique experience to our more than 12,000 employees - we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG.
Job Summary
This position is an experienced, senior level, hands-on technical lead, performing privileged access management (PAM) security functions and PAM maintaining systems, while providing technical guidance to the team. Manages PAM technologies, as well as PAM security policies and procedures, and incident response as needed. Provides technical expertise and support IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
Job Responsibilities
Responsibilities include:
• Leads and manages PAM technologies
• Provides technical expertise in threat/risk assessments related to privileged access
• Defines, designs, and implements strategies to protect against emerging threats using PAM tools
• Responds to security incidents as needed
• Performs security reviews on new PAM technologies and changes to existing technologies
• Manages information privileged access management technologies.
Job Specific Qualifications
Required:
• Bachelor's degree in Computer Science, Information Systems, Cyber Security, Math or Engineering and a minimum of 4 years of experience in Information Security; In lieu of a degree, 8 years of experience in Information Security.
• Experience providing technical PAM expertise IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
• Must have strong Identity and Access Management (IAM) and PAM experience.
• Must be proficient in defining processes and procedures for PAM.
• Ability to follow cyber security news and alerts, understands complex attack vectors and risks, and identifies and evaluates emergent cyber security threats and vulnerabilities.
• Demonstrated ability to recommend appropriate corrective actions for information security incidents and provides risk mitigation recommendations to management and team.
• Experience with designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.
• Experience with reviewing complex IAM architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations.
• Must be able to work independently with little or no supervision.
• Must demonstrate strong verbal and written communication skills.
• Must demonstrate strong leadership, technical teamwork, and interpersonal skills.
• Ability and willingness to work in strong team environment, constantly teaching and learning from other team members.
• Ability to foster working relationships with the team, IT Management and Client departments.
• Ability to explain technical concepts to the business users in the context of business requirements.
• Must demonstrate technical experience including: information / data / network / computer security design, administration and/or assessment.
• Must demonstrate broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
• Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
• Must demonstrate strong organizational, managerial, and financial management skills.
• Must demonstrate the ability to communicate effectively with both technical and non-technical individuals.• Must have strong planning skills and be results oriented.
• Must demonstrate a solid working knowledge of Information Security principles and practices.
Desired:
• ISC2 Certified Information Systems Security Professional (CISSP) or equivalent
• Programming Experience in Python
NOTE:
• Approximately 5% Travel required
• Please note if NERC CIP position, requires NERC CIP background investigation prior to start
Minimum Years of Experience Data Needed 4 years of experience Education Bachelors Certifications None Noted Disclaimer
Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made. If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.
PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic. Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.
As an employee of PSEG you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.
For all roles, PSEG's drug and alcohol testing program includes pre-employment testing, testing for cause, and post-incident/accident testing. For employees in federally regulated roles (including positions covered by USDOT, PHMSA, or NRC regulations), this also includes random testing. Although numerous states throughout the country have legalized marijuana/cannabis products recreationally and/or medically, it is prohibited for employees in federally regulated roles. Employees who are hired or transfer into a federally regulated role are subject to drug and alcohol testing, inclusive of marijuana. Please note that the use of CBD products may result in a positive drug test for THC/Marijuana and such use is not a legitimate medical explanation for such a positive result.
PSEG employees must apply for jobs internally through em Power which can be accessed through sharepoint.pseg.com by clicking on the em Power icon, then selecting careers. This site (PSEG Careers and Job Openings) is strictly for candidates who are not currently PSEG employees, with the exception of PSEG employees who do not have company email addresses.
PSEG is committed to providing reasonable accommodations to individuals with disabilities. If you have a disability and need assistance applying for a position, please call ************ or email accommodations@pseg.com.
If you need to request a reasonable accommodation to perform the essential functions of the job, email accommodations@pseg.com. Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.
ADDITIONAL EEO/AA INFORMATION
(Click link below)
Know your Rights: Workplace Discrimination is Illegal
Pay Transparency Nondiscrimination Provision
Nearest Major Market: Newark
Nearest Secondary Market: New York City
Job Segment: Testing, Sharepoint, Developer, Recruiting, Information Security, Technology, Human Resources
Job Number: 78509
Community / Marketing Title: CyberArk Cyber Security Analyst CyberArk
Location_formattedLocationLong: Bethpage, New York US
Information Security Analyst III
Information Security Analyst Job 27 miles from Holtsville
To be part of our organization, every employee should understand and share in the YNHHS Vision, support our Mission, and live our Values. These values - integrity, patient-centered, respect, accountability, and compassion - must guide what we do, as individuals and professionals, every day.
The Security Analyst III functions as the primary support contact for HIPAA monitoring and legal issues. They work under the appropriate direction to manage security inquiries and requests. They coordinate all issues that arise during the project for their area. Primary responsibilities include conducting HIPAA privacy auditing, key legal contact for the information security group, and managing security over data flows. Attention to detail is a critical skill for this position. High communication skills as the role will interact with outside departments, e.g. Compliance, Legal, HR.
EEO/AA/Disability/Veteran
Responsibilities
1. Teamwork
1.1 Creates and maintains regular status reports to immediate manager.
1.2 Attends weekly team meetings to discuss team and project related activities, issues, change, communications, and updates.
1.3 Completes specific task activities as documented in project plan and/or assigned by manager.
1.4 Works with training team to develop application specific training curriculums and materials . 2 .5 Supports all project team members with application and information systems knowledge.
1.6 Promotes a team atmosphere that is conducive to the overall accomplishment of goals, schedules, and deadlines.
1.7 Openly shares information with all team members
1.8 Willingness to subordinate individual goals for team goals.
1.9 Proactively recommends solutions to security issues.
2. Conducts HIPAA auditing and monitoring.
2.1 Key information security contact for legal requests, legal holds, chain of custody.
2.2 Conducts security reviews for data flows, registries, applications.
Qualifications
EDUCATION
Bachelors degree preferred or equivalent experience required.
EXPERIENCE
3-5 Years IT Security Experience
LICENSURE
CISA preferred
SPECIAL SKILLS
Ability to work independently and meet deadlines with minimal supervision and ability to deal with simultaneous tasks, communicate effectively, problem solve, and develop creative solutions to complex problems required. Strong organizational. problem solving and listening skills, attention to detail, innovative thinking and ability to inspire others required. Must possess a high level of customer service skills and participate as strong, collaborative team player . Capable of taking leadership role in managing end user relationships. Working knowledge of Microsoft Office tools required. Familiarity and/or certification in Epic is preferred.
ACCOUNTABILITY
Ability to work independently remote and onsite in a hybrid function. Responsible for providing detailed project status on a periodic basis.
COMPLEXITY
In personal and job-related decisions and actions, consistently demonstrates the values of integrity (doing the right thing), patient-centered (putting patients and families first), respect (valuing all people and embracing all differences), accountability (being responsible and taking action), and compassion (being empathetic). Responsible for independently meeting deadlines and providing timely solutions to complex health system wide projects
Additional Information
SPECIAL WORKING CONDITIONS AND PHYSICAL DEMAND
Hybrid function
YNHHS Requisition ID
124907
Sr Security Operations Analyst
Information Security Analyst Job 23 miles from Holtsville
PSEG Company: PSEG Long Island
Salary Range: $ 90,800 - $ 149,800
Incentive: PIP 15%
PSEG operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.
PSEG offers a unique experience to our more than 12,000 employees - we provide the resources and opportunities for career development that come with being a Fortune 500 company, as well as the attention, camaraderie and care for one another you might typically associate with a small business. Our focus on combatting climate change through clean energy technology, our new net zero climate vision for 2030 and enhanced commitment to diversity, equity and inclusion; and supporting the communities we serve make this a particularly exciting time to join PSEG.
Job Summary
This position is an experienced, senior level, hands-on technical lead, performing IT security functions and maintaining systems, while providing technical guidance to the team. Manages information security capabilities such as Security Monitoring, Detection, Sec Ops Tools & Automation, Cyber Threat Monitoring, Incident Response, Cyber Resiliency, Threat Intel, & Cyber Hunting, as well as security policies and procedures, and incident response. Provides technical expertise and support to clients, IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
Job Responsibilities
Responsibilities include:
• Leads and manages Security Monitoring, Detection, Sec Ops Tools & Automation, Cyber Threat Monitoring, Incident Response, Cyber Resiliency, Threat Intel, & Cyber Hunting security technologies
• Provides technical expertise in threat/risk assessments
• Defines, designs, and implements strategies to protect against emerging threats using Security Operations and Incident response security tools
• Responds to security incidents
• Performs security reviews on security operations and incident response new technologies and changes to existing technologies
• Hands-on technical lead performing IT security functions and maintaining systems, while providing technical guidance to the team.
o Manages information security capabilities such as Security Monitoring, Detection, Sec Ops Tools & Automation, Cyber Threat Monitoring, Incident Response, Cyber Resiliency, Threat Intel, & Cyber Hunting.
o Provides technical expertise and support IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
Job Specific Qualifications
• Bachelor's degree in Computer Science or Information Systems or Cyber Security or Engineering or related technical field and 6 or more years of experience in information security or related Security Operations and incident response experience
In lieu of a Bachelor's degree, 10 more years of experience in information security or related Security Operations and incident response experience
• Must be able to perform as a hands-on technical lead performing IT security functions and maintaining systems, while providing technical guidance to the team.
• Must have strong incident response and threat analysis experience, including SIEM technology.
• Must be proficient in defining processes and procedures for incident response.
• Must have experience following cyber security news and alerts, understands complex attack vectors and risks, and identifies and evaluates emergent cyber security threats and vulnerabilities. Recommends appropriate corrective actions for information security incidents and provides risk mitigation recommendations to management and team.
• Must have familiarity with cloud computing and can implement strong security to protect cloud first environment.
• Must be able to work independently with little or no supervision.
• Must demonstrate excellent verbal and written communication skills.
• Must demonstrate strong leadership, technical teamwork, and interpersonal skills.
• Must be ability and willingness to work in strong team environment, constantly teaching and learning from other team members.
• Ability to foster working relationships with the team, IT Management and Client departments.
• Must demonstrate the ability to explain technical concepts to the business users in the context of business requirements.
• Must have technical experience including: information / data / network / computer security design, administration and/or assessment.
• Must have broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
• Must have experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
• Must have strong Leadership, planning and organizing skills and be results oriented
• Must demonstrate strong interpersonal, organizational, managerial, financial management and leadership skills.
Desired:
• Security certifications in incident response, cyber investigation, forensics, or threat hunting.
• Programming Experience in Python
Please Note the Following:
• Approximately 5% Travel required
• NERC CIP position, requires NERC CIP background investigation prior to start
Minimum Years of Experience 6 years of experience Education Certifications None NotedDisclaimer
Certain positions at the Company may require you to have access to Part 810-Controlled Information. Under the law, the Company is limited in who it can share this information with and in certain circumstances it is necessary to obtain specific authorization before the Company can share this information. Accordingly, if the position does require access to this information, you must complete a 10 CFR Part 810 Export Control Compliance Nationality Request Form, a copy of which will be provided to you by Talent Acquisition if an offer is made. If there is a need for specific authorization, due to the time it takes to obtain authorization from the government, we will likely not be able to further proceed with an offer.
Candidates must foster an inclusive work environment and respect all aspects of diversity. Successful candidates must demonstrate and value differences in others' strengths, perspectives, approaches, and personal choices.
As an employee of PSE&G or PSEG LI, you should be aware that during storm restoration efforts, you may be required to perform functions outside of your routine duties and on a schedule that may be different from normal operations.
Certain positions at the Company may require you to have access to 10 CFR Part 810 controlled information. If the position does require access to this information, the Talent Acquisition representative will provide further details upon making an offer.
PSEG is an equal opportunity employer, dedicated to a policy of non-discrimination in employment, including the hiring process, based on any legally protected characteristic. Legally protected characteristics include race, color, religion, national origin, sex, age, marital status, sexual orientation, disability or veteran status or any other characteristic protected by federal, state, or local law in locations where PSEG employs individuals.
Business needs may cause PSEG to cancel or delay filling position at any time during the selection process.
This site (******************** is strictly for candidates who are not currently PSEG employees. PSEG employees must apply for jobs internally through em Power which can be accessed through sharepoint.pseg.com by clicking on the em Power icon, then selecting careers.
PEOPLE WITH DISABILITIES:
PSEG is committed to providing reasonable accommodations to individuals with disabilities. If you have a disability and need assistance applying for a position, please call ************ or email accommodations@pseg.com. If you need to request a reasonable accommodation to perform the essential functions of the job, email accommodations@pseg.com. Any information provided regarding a disability will be kept strictly confidential and will not be shared with anyone involved in making a hiring decision.
ADDITIONAL EEO/AA INFORMATION
(Click link below)
Know your Rights: Workplace Discrimination is Illegal
Pay Transparency Nondiscrimination Provision
Senior Security Ops Analyst - Incident Response
Information Security Analyst Job 34 miles from Holtsville
We are seeking a Senior Security DevOps Engineer who will be responsible for a variety of objectives resulting in risk mitigation and remediation of internal & external security threats. This role performs advanced threat analysis, threat intelligence gathering & reporting, incident response activities, improves accuracy of security systems, improves existing processes, and works on Cybersecurity focused projects.
Contract to hire
Onsite 2 days a week located in New York
Cybersecurity - Cyber Intelligence & Incident Response
Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support.
Provides after-hours support as needed for response activities.
Integration experience.
Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner.
Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies.
Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies.
Scripting experience.
Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques.
Proposes and helps review security plans and policies to improve environmental security.
Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program.
AWS and/or Azure knowledge.
Produces and distributes operational and tactical threat intelligence reports.
Other duties may be assigned as needed to address new security threats facing the enterprise.
Ability to:
Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues.
Python programming tasks and understand of programming in general.
Perform security event correlation, triage, and analysis.
Apply security Threat Intelligence while responding to and investigating security events or Incidents.
Identify when an application, network, system, or user has been compromised by an internal or external threat.
Work on multiple projects to improve security capabilities.
Exercise strong understanding of defense-in-depth security best practices.
Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting.
Demonstrate effective communication of security issues and topics to management and others.
Work well under pressure and within a high paced environment.
Maintain operational guidelines and standards for Cybersecurity.
Senior Security Analyst (Network & Cloud)
Information Security Analyst Job 40 miles from Holtsville
Join Ivy Rehab's dedicated team where you're not just an employee, but a valued teammate! Together, we provide world-class care in physical therapy, occupational therapy, speech therapy, and applied behavior analysis (ABA) services. Our culture promotes authenticity, inclusion, growth, community, and a passion for exceptional care for every patient.
Job Description:
We are an equal opportunity employer, committed to diversity and inclusion in all aspects of the recruiting and employment process. Actual salaries depend on a variety of factors, including experience, specialty, education, and organizational need. Any listed salary range or contractual rate does not include bonuses/incentive, differential pay, or other forms of compensation or benefits.
ivyrehab.com
Sr Security Analyst
Information Security Analyst Job 32 miles from Holtsville
Job Description
WHO WE’RE LOOKING FOR
We build our culture one hire at a time. Our tireless pursuit of providing our partners with world-class management solutions starts with talking to you. Our goal is simple. We want to build great teams that can help our partners focus on delivering exceptional eye care: the kind of teams people want to be a part of, and the kind of teams our patients can’t live without.
We want to learn more about you and the kind of team culture you can help us create. We’re interested in your relevant skills and what you can do. We’re even more interested in your positive attitude and flexible mindset.
THE OPPORTUNITY AT HAND
The Senior Security Engineer will work within Spectrum Vision’s Information Technology organization to ensure the ongoing protection of the applications, systems, network, physical assets, and data of the company and that they are operated under continued alignment with Information Risk and Security policies, standards, and compliance requirements. This will be achieved by ensuring the security tools and processes designed to protect the company’s data, systems, and network are working effectively together. This role is a technical engineering and operations position requiring superior technical design and process-building skills with the ability to advocate and influence positive transformation within the broader IT organization.
OUR EXPECTATIONS OF YOU
Must be able to identify and spotlight vulnerabilities on on-premises and remote networks (including cloud operating environments), correct problems, and prevent security breaches
Develop systems and processes for information risk and security leading practices throughout the company
requirements and select security technology through RFP / RFI processes
technical security standards aligned to Information Security policy and client requirements
Key Risk Indicators and Key Performance Indicators for Security Operations services; monitors for effectiveness and develops performance improvements when necessary.
and Maintain Security Incident Response capabilities and plans and Business Continuity plans
systems for potential vulnerabilities
of penetration testing, network security, and the techniques used to expose and correct security flaws
for proper management of patches to defray business impact while keeping security protocols up-to-date
computer networks and systems for threats and security breaches
security incident response and prepare reports on security incidents
maintains, and implements vendor security assessment plans and conducts vendor security reviews to ensure COMPANY security policies, standards, and external compliance requirements are being met
draft and development of vendor security related policies, standards, guidelines, procedures, and requirements
with other security organization members on cross-business / cross-functional opportunities
WHAT YOU'LL NEED TO SUCCEED
Bachelor’s degree in related field
Must have a broad understanding of security technologies including but not limited to firewalls, vulnerability and compliance management solutions, logging and security incident and event management (SIEM) , secure access service edge (SASE) endpoint security, and cloud posture management, and cloud security
think creatively and innovatively about the information risk and security solutions that can keep data safe while still allowing a business to successful
have experience in working with regulations and compliance requirements including HIPAA, HITRUST, NIST CSF, ISO 2700x, SSAE-16 (SOC 1, SOC2, SOC3), EU Data Privacy and Security, Privacy Shield, and others
have experience in developing, executing, and maintaining Security audit plans, audit standards, and vendor security reviews
have experience in identifying cultural and educational requirements for a diverse population and effectively able communicate audit and technical concepts to them
are an excellent written and verbal communicator
proficient with Microsoft Office Suite (Word, Excel, Power Point)
highly collaborative with the ability to properly handle confidential information
work well independently and in a team environment, and work well in a matrix environment
able to multi-task, prioritize and meet deadlines
handle stress well and are comfortable in a high volume environment
have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones
Industry Certifications (Must be able to obtain one or more within 18 months if not currently certified):
Information Systems Auditor (CISA)
Information Systems Security Professional (CISSP)
in Risk and Information Systems Controls (CRISC)
Information Security Manager (CISM)
WHO WE ARE
We’re a leading management services organization proudly serving ophthalmology practices and ambulatory surgery centers throughout the Mid-Atlantic and New England regions. We work tirelessly to provide our partners with access to world-class management solutions—including human resources, marketing and patient retention services, finance and accounting services, payroll management, and information technology—so our partners can focus on delivering exceptional eye care.
Our leadership team is composed of some of the most experienced individuals in the eye care business. Our senior management team has a combined 200 years of eye industry experience collaborating with some of the most recognized practices in the nation.
With nearly 1,400 employees, we support over 50 clinic locations, five state-licensed ambulatory surgery centers, and over 110 surgeons, doctors and other medical professionals. Our brands include OCLI Vision, Ophthalmic Consultants of Connecticut, Island Eye Surgicenter, New Vision Cataract Center and others.
At Spectrum Vision Partners we know that cultivating diversity and fostering an inclusive work environment is critical to our impact and success. We create an environment where no individual is advantaged or disadvantaged because of their background. We offer equal opportunity employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, or protected veteran status. With a commitment to maintaining a bias-free environment in which harassment is prohibited, we respect cultural diversity and comply with the laws of the places in which we operate. We expect our business partners, suppliers, clients, and all of our team members to uphold these commitments.
Senior Cyber Security Ops Center Analyst
Information Security Analyst Job 35 miles from Holtsville
We are conducting a search for a Senior Security Operations Center (SOC) Analyst. The Sr. SOC Analyst will be responsible for the identification, quantification and reporting of cyber threats to the organization.
Responsibilities (including but not limited to):
Establish a baseline risk posture, identify current and future threats and recommend remedial actions
Provide day to day management of SOC analyst and associated activity.
Work as part of a 24/7/365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures. Tools include but are not limited to, SIEM, NIDS/NIPS, HIDS/HIPS, Endpoint protection suites, DLP.
Maintain and grow the value of current and future partner relationships.
Produce and maintain operational processes and procedures for use by all shift personnel.
Carry out Triage on Security events, raise incidents and support the Incident Management process.
Create and maintain SIEM correlation rules, signature creation for supported NIDS/NIPS, HIDS/ HIPS and Endpoint Protection products.
Work within current change management processes to apply patches, provide 1
st
line support for supported Security tools.
Remain up to date with current attack methods and characteristics to identify threats and advice on prevention, mitigation and remediation.
Knowledge & Experience Required:
Demonstrate experience of risk identification and remediation within a global SOC environment.
In depth knowledge of two or more of the following: SIEM, NIDS/NIPS, Endpoint Security toolsets, DLP, Network security technologies.
SCADA /ICS environments.
Demonstrate in depth knowledge of desktop and server operating systems and associated log analysis.
Demonstrate in depth knowledge of network packet analysis Experience of Security Incident Management processes.
Demonstrate ability to formulate formal processes and procedures to support SOC operations.
Experience of developing SIEM correlation rules and snort signatures.
Degree level or demonstrable equivalent experience.
GIAC/CEH
Information Security Manager
Information Security Analyst Job 9 miles from Holtsville
Summary: The Information Security Manager (“ISM”) is primarily responsible for assisting the Senior Information Security Manager (“SISM”) to fulfill Dime's security monitoring oversight functions in support of Dime's information security program. This includes operational and tactical responsibilities that ensure standard operating procedures are maintained within Dime's control environment to effectively protect Dime's information assets.
Salary commensurate with experience, ranging from $100,000 to $120,000 annually. The exact compensation may vary based on relevant experience, skills, education, training, licensure and certifications, and location.
All applicants must attach a recent resume. This is NOT a remote role. Dime does not provide relocation assistance or visa sponsorship (now or in the future).
Responsibilities: Overall, the ISM's job is to work with Dime's IT and Risk Management departments and various business units to plan, coordinate and develop recommendations for all aspects of information security policies and procedures for Dime in order to:
Oversee that system monitoring activities of the IT NSOC (Network Security Operations Center), comply with Dime's information security policies.
Oversee log and entitlement reviews of critical systems to protect Dime's information assets from internal and external threats.
Oversee regular vulnerability testing/assessment, social engineering testing, and security evaluations are performed to evaluate the effectiveness of existing controls, including periodic penetration testing of critical information systems.
Use metrics to measure, monitor and report on effectiveness and efficiency of information security controls and compliance with information security policies, in order to support the annual information security risk assessment.
Assist in development, maintenance, and testing of policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate information security risks and related compliance issues.
Work with Dime's business units, Internal Audit, vendors, and other systems professionals to ensure policies and procedures are being complied with and to develop recommendations for improvements, ensure that compliance issues and other variances are resolved in a timely manner, and actively apply innovative solutions to advance Dime's information security goals.
Participate and help coordinate the implementation and roll-out of Information Security systems and software within Dime to verify that Dime's systems are in compliance with Information Security Policies.
Qualifications:
Bachelor's degree from four-year college or university and minimum three years' related experience and/or training; or equivalent combination of education and experience.
Knowledge of banking operations and bank policy and procedure development.
Knowledge of financial services regulatory requirements (FFIEC, GLBA, NYSDFS), and industry standards (NIST, ISO 27001/2).
CISSP (or comparable certification) preferred or expected within one year of hire.
Hands-on experience with DLP Prevention tools such as enterprise security tools (i.e., SIEM, vulnerability scanners, firewalls)
Hands-on experience with enterprise DLP tools (i.e., Varonis, O365 Defender) a plus.
Experience with Palo Alto, FortiNet EDR, and Darktrace technologies a plus.
Proficiency with industry standard information security testing and evaluation techniques. Use of Vulnerability Management and Penetration testing tools, (e.g., Rapid 7, Nessus, NMAP, Kali Linux,) a plus.
Excellent oral and written communication skills.
Ability to work outside of normal business hours on occasion.
Superior knowledge of Microsoft Office and database management software.
Knowledge of computer programs, databases, and systems used in the banking/financial services sectors.
Senior Information Security Analyst **Onsite Only - Will Not Be Remote**
Information Security Analyst Job 35 miles from Holtsville
Current Saint Francis Employees - Please click HERE to login and apply. Full Time 8:00a - 4:30p PLEASE NOTE: This position will be onsite only and will not be remote. Qualified candidates must be willing to relocate or live in the greater Tulsa, OK area.
Schedule: Monday - Friday | 8:00am - 5:00pm
Job Summary: As a member of the Information Security team, responsibilities include manages and mitigates information security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Provides information security risk insight and guides management on information security risk issues and serves as advisor to peers, team members and management.
Minimum Education: Bachelor's degree in Computer Science, MIS, Computer Engineering, Cyber Security or related discipline.
Licensure, Registration and/or Certification: None. One or more of the following certifications are preferred: Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Auditor (CISA).
Work Experience: 3 - 4 years related experience inclusive of two years working directly in an Information Services department and previous experience with HIPAA/PHI compliance programs, policies, procedures, risk assessments and audits.
Knowledge, Skills and Abilities: In-depth knowledge of cyber security methodology and security practices. Knowledge of HIPAA, PCI, SOX, ISO and NIST cybersecurity frameworks. Knowledge of intrusion detection and intrusion prevention systems, penetration and vulnerability testing. Knowledge of data loss prevention, anti-virus and anti-malware software tools. Knowledge of computer networking, TCP/IP, routing and switching, network protocols and packet analysis tools. Knowledge of Windows, UNIX and Linux operating systems. Excellent problem solving and analytical skills. Excellent written and oral communication skills. Excellent organizational and interpersonal skills. Ability to work independently as well as in a team setting.
Essential Functions and Responsibilities: Define, implement, and enforce information security policies, strategies, and procedures that align with healthcare laws and regulations, such as HIPAA. Conduct and/or support targeted risk assessment. Determine significant risk points and exercise process for risk assessment and risk acceptance. Review assessment results for vulnerabilities, gaps, control deficiencies, and work with key stakeholders to establish plans for sustainable resolution. Maintain an effective information security awareness program and educate internal teams on best practices. Ensures that business and clinical software applications include adequate information and security controls. Establish and maintain metrics based on the information security framework used at SFHS.
Decision Making: Independent judgment in making decisions from many diversified alternatives that are subject to general review in final stages only.
Working Relationships: Works directly with patients and/or customers. Works with internal customers via telephone or face to face interaction. Works with external customers via telephone or face to face interaction. Works with other healthcare professionals and staff. Works frequently with individuals at Director level or above.
Special Job Dimensions: None.
Supplemental Information: This document generally describes the essential functions of the job and the physical demands required to perform the job. This compilation of essential functions and physical demands is not all inclusive nor does it prohibit the assignment of additional duties.
Information Technology - Information Security - Yale Campus
Location:
Tulsa, Oklahoma 74136
EOE Protected Veterans/Disability
IT Security Manager
Information Security Analyst Job 24 miles from Holtsville
Pavion and our family of companies are seeking a talented and motivated IT Security Manager to join our corporate team. We are seeking an experienced IT Security Audit & Compliance Manager to join our team. This individual will oversee IT security audits, respond to cybersecurity questionnaires, and maintain compliance documentation. Additionally, they will manage the entire ISO 27001 certification process and ensure ongoing compliance with industry standards. The role requires close collaboration with internal teams and third-party vendors to maintain and enhance our cybersecurity measures.
Primary Responsibilities:
Lead and manage IT security audits and assessments across the organization
Prepare and respond to security questionnaires from clients and stakeholders
Track cybersecurity regulatory forms, compliance deadlines, and monitor industry-related updates
Manage ISO 27001 certification, including audits, corrective actions, and continuous updates
Collaborate with internal teams and external vendors to ensure security protocols are maintained and up to date
Stay informed on the latest cybersecurity protocols, software, and solutions
Provide regular compliance updates to management and identify potential risks
Assist in developing and maintaining security policies, procedures, and supporting documentation
Basic Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
Strong understanding of ISO 27001 and its implementation processes
Familiarity with popular cybersecurity protocols, software, and solutions (e.g., SIEM, IDS/IPS, firewalls, encryption standards)
Proven experience conducting IT security audits and assessments
Excellent organizational skills to handle compliance documentation and regulatory forms
Strong communication skills with the ability to work in a collaborative team environment
Experience managing third-party vendor relationships related to security
Preferred Qualifications:
Certifications such as CISA, CISSP, CISM, or ISO 27001 Lead Auditor
Knowledge of other cybersecurity frameworks such as NIST, SOC 2, or GDPR
Familiarity with incident response processes and risk management
Salary Range: $100,00-$130,000
Disclaimer: This should not be construed to imply that these requirements are the exclusive standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as may be required. The employer has the right to revise this at any time. The job description is not be construed as a contract for employment.
Pavion is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Security Engineer
Information Security Analyst Job 40 miles from Holtsville
WHO WE ARE Veterinary Emergency Group (VEG) is a rapidly growing emergency company with hospital locations across the United States. Our mission is helping people and their pets when they need it most. We are revolutionizing emergency medicine with a "customer first" mentality and a true, employee-centric work environment.
TALENT + CULTURE AT VEG
At VEG, we want people and their pets to feel safe, secure, and valued; we want our employees to feel the same way. What we're aiming to achieve on the customer side is equivalent in nature to what we want for our employees: to have the best experience possible. With the highest NPS score in our industry, we're ready to ensure that VEG remains the place where the best and brightest in the emergency world not only want to work, but stay and grow. For our customers and their pets, we strive to find a way to say, "yes." We do the same and more for our teams. In fact, VEG is one of this year's nominees for INC Magazine's Best Places to Work!
WHAT WE'RE LOOKING FOR
We are looking for someone that understands offensive and defensive engineering. Someone with a good understanding of security in AWS Cloud and SaaS applications, have a good engineering mind and love working with technology . You're happy to pitch in where needed in other security functions. .
RESPONSIBILITIES:
* Assist in managing security tools like NetSkope, Proofpoint, CrowdStrike
* manage proofpoint
* Create and maintain inventory of assets
* Test application, network and system security
* Assist in threat hunting, threat modeling
* implement technical controls selected by the GRC team
* Collaborate with cross-functional teams
* Adaptable and able to prioritize ever-evolving risks.
WHO YOU ARE
* Bachelor's degree
* Experience with NetSkope, Meraki, CrowdStrike
* Experience with Splunk
* Knowledge of JAMF, Okta
* Security experience with MacOS
* Ethical hacking certification is preferable.
* 2+ years of experience
BENEFITS
* Pay Range: 80K - 100K
* Medical, Dental and Vision benefits beginning day 1 of employment!
* 401K with company match.
* 10 weeks of parental leave with 100% pay.
* Unlimited PTO.
* Company laptop and a monthly cell phone reimbursement.
* Casual office attire, dog friendly, and a kitchen full of snacks and beverages!
* Opportunity to grow and so much more!
VEG celebrates diversity and is committed to creating an inclusive workplace that represents a variety of backgrounds, perspectives, and skills. You've found the equal-opportunity employer you are looking for. We can't wait to meet you!
Firewall Security Engineer
Information Security Analyst Job 32 miles from Holtsville
Duration: 6+ Months
Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls.
Key Responsibilities:
Performs maintenance and changes in firewalls as required.
Implementation of new firewalls as required
Assists with troubleshooting network connectivity as it relates to firewalls
Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions
Complete All assignments in a timely manner with an acceptable level of quality
Maintains documentation related to work area
Completes network change requests
Follows documented processes, procedures and policies
Performs customer service duties and responds to customer and project requests as defined by management
Other related duties assigned as needed.
Qualifications/Requirements:
Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls
4 or more years networking/firewall background
Must have networking TCP/IP routing protocol experience
Desired Characteristics:
In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired
Competency in verbal, written, and presentation communications and interpersonal understanding
Ability to understand customer's business needs.
Leadership of work teams/groups
Ability to work with all levels of employees
Highly motivated and able to work effectively under minimal supervision in a fast-paced environment
Team-oriented, placing priority on quality and the successful completion of team goals
Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures.
Competency in developing effective solutions to business problems
Ability to analyze problems and to make decisions
REQUIRED SKILLS
YEARS OF EXPERIENCE
WHEN THE SKILL WAS LAST USED
Expert knowledge of Cisco Security products, ASA and Firepower
Expert knowledge of NSX
Expert knowledge of Palo Alto systems
Security Certifications a Plus
Must have networking TCP/IP routing protocol experience
Networking/firewall background
Operational experience administering Firewalls
Additional Information
All your information will be kept confidential according to EEO guidelines.
Information Technology - Senior Security Engineer
Information Security Analyst Job 28 miles from Holtsville
As the second-largest independent Catholic university in New England, and one of the fastest-growing private doctoral institutions in the U.S., Sacred Heart University is a national leader in shaping higher education for the 21st century. SHU offers nearly 90 undergraduate, graduate, doctoral and certificate programs on its Fairfield, Conn., campus. Sacred Heart also has a campus in Dingle, Ireland, and offers online programs. More than 10,000 students attend the University's eight colleges and schools: Arts & Sciences; Communication, Media & the Arts; Social Work; Computer Science & Engineering; Health Professions; the Isabelle Farrington College of Education & Human Development; the Jack Welch College of Business & Technology; and the Dr. Susan L. Davis, R.N., & Richard J. Henley College of Nursing. Sacred Heart stands out from other Catholic institutions as it was established and led by laity.
Sacred Heart University is a contemporary Catholic university rooted in the rich Catholic intellectual tradition and the liberal arts that cultivates students to be forward thinkers who enact change-in their own lives, professions and in their communities. SHU upholds a universal perspective, welcoming and valuing diverse faith traditions, including those from religious and nonreligious backgrounds. This catholicity, which is the basis of inclusivity, enriches dialogue, deepens understanding and strengthens our commitment to creating a more compassionate and just world.
The Princeton Review includes SHU in its Best 388 Colleges-2023 Edition, and Best Business Schools-2023 Edition. Sacred Heart is home to the award-winning, NPR-affiliated radio station, WSHU, a Division I athletics program and an impressive performing arts program that includes choir, band, dance and theatre. *******************
To apply
Only applications submitted through the official Careers at SHU site will be accepted for employment consideration. If you are viewing this job advertisement through a different site, please visit Careers at SHU to submit a formal application.
Qualified candidates are invited to submit a complete application and resume via our online application system. A cover letter or statement of interest is also preferred for all staff positions.
Sacred Heart University complies with all federal and state employment laws and regulations. Applicants must be lawfully authorized to work for any employer in the United States. We are unable to sponsor or take over sponsorship of an employment Visa for this position.
Position Summary
This role's primary purpose is to ensure the effective planning, management, and successful execution of cybersecurity initiatives.
Principal Duties & Responsibilities
* Assist in the design and implementation of all University information security programs and initiatives.
* Implement, configure, and maintain the University's authentication and authorization systems.
* Implement, configure, and maintain information security devices and software applications.
* Assist IT Level 1 and 2 support in all matters concerning security.
* Help coordinate implementation and administration of security policies, practices, standards, and programs.
* Perform security tests of all campus computing hardware (laptops, desktops, servers, network infrastructure, etc.) and software applications/databases.
* Perform risk analysis of new technologies.
* Work with other IT Networking and Systems staff to provide guidance and monitoring of all new projects and major upgrades involving security systems and personal identifiable information.
* Provide the IT department with reports on patch levels of systems and recommendations for immediate patching needs.
* Disseminate security information and keep IT staff abreast of developing/emerging threats where appropriate.
* Attend conferences and training as required to maintain proficiency.
* Other duties as assigned
Knowledge, Skills, Abilities & Other Attributes
* Bachelor's degree in computer science or equivalent degree or equivalent experience is required. An advanced degree in Computer Science is preferred. Five years of computing and information systems experience with at least three years of experience in computing and information systems security.
* Excellent troubleshooting and monitoring skills are required.
* Professional certification (CEH, GIAC, Security+, or other equivalent) is preferred but not required.
* Strong understanding of security issues, problems, utilities, techniques, and solutions.
* Demonstrated ability to communicate effectively, both verbally and written, is required.
* Knowledge of account lifecycle management systems such as Microsoft Entra ID and Okta.
* Knowledge of Splunk or other related SIEM technology.
* Knowledge of security infrastructure systems such as Palo Alto, Knowbe4, Varonis, Qualys, and Microsoft Purview
* Knowledge of Certificate management systems such as Sectigo and InCommon
* Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education, is desirable.
* Experience in the specific technical areas of systems programming and administration, applications development, database administration, network operations, user support, decision support, data center operations, and job control is highly desirable.
* High level of integrity and excellent judgment concerning privacy issues.
* Demonstrates strong communication skills by effectively collaborating with team members while maintaining the ability to work independently on tasks with minimal supervision.
* Thrives in both team-oriented environments and independent settings, actively utilizing problem-solving skills to overcome challenges and drive success in group collaborations as well as independent projects
Unusual Working Conditions
Must be available to work evenings and weekends at various times throughout the year and be responsive to off-hours calls pertaining thereto.
This job posting provides an overview of the role's general nature and expected tasks. It is not meant to be a comprehensive list of all duties performed. The university reserves the right to modify or reassign job responsibilities at any time. This posting description does not constitute an employment contract, either explicit or implied.
Sacred Heart University is a space that respects and embraces differences, recognizes the unique contributions that individuals can make, and creates a community that maximizes the potential of all faculty and staff. As an equal opportunity employer, we encourage applications from qualified candidates who reflect the wider world in which we live.
Other details
* Job Family Staff
* Job Function Information Technology
* Pay Type Salary
* Required Education Bachelor's Degree
Apply Now
* 3135 Easton Turnpike, Fairfield, Connecticut, United States of America
Director of Information Security
Information Security Analyst Job 32 miles from Holtsville
Qualifications Bachelor's degree required. Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community.
Preferred Qualifications
Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. One or more relevant professional certifications (e.g., CISSP , CISM /A, etc.) strongly preferred. Experience with state and federal information security regulatory requirements ( GLBA , FERPA , HIPAA , etc.) and other compliance requirements ( PCI , etc.). Knowledge of and experience applying industry-standard IT security frameworks ( NIST , IHECF , etc.). Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. Professional experience in a leadership role in a higher education institution.