Information Security Analyst jobs in Kent, WA

At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. The Boeing Company is looking for a highly experienced and detail-oriented Senior Cloud Security Architect to join the team in Arlington, VA; Auburn, WA; Berkeley, MO; Chicago, IL; Colorado Springs, CO; El Segundo, CA; Englewood, CO; Hazelwood, MO; Houston, TX; Huntington Beach, CA; Huntsville, AL; Jacksonville, FL; Kennedy Space Center, FL; Kent, WA; Long Beach, CA; Mesa, AZ; Miami, FL; North Charleston, SC; Ogden, UT; Oklahoma City, OK; Plano, TX; Portland, OR; Renton, WA; Ridley Park, PA; Saint Charles, MO; San Antonio, TX; Seal Beach, CA; or Tukwila, WA. As a Cloud Security Architect at Boeing, you will be a key member of Cloud Security function, responsible for designing and implementing robust security architecture standards and solutions for our cloud infrastructure and applications. You will collaborate closely with cross-functional teams to ensure that our cloud environments adhere to the highest security standards and best practices. Your expertise will be instrumental in safeguarding our sensitive data and ensuring the availability, confidentiality, and integrity of our cloud-based services. Position Responsibilities: Collaborate with stakeholders, software architects, and DevOps teams to design and implement security solutions for cloud-based systems across multiple cloud platforms (AWS, Azure, GCP) Develop and maintain a comprehensive understanding of the organization's cloud infrastructure, applications, and data flows Design, develop and implement secure patterns to aid the transformation of our estate to cloud first Partner with our policy as code team to define and enforce cloud security policies, standards, and best practices to ensure compliance with industry regulations and internal security requirements. Lead threat modelling and risk assessments to identify potential security threats and vulnerabilities. Develop and execute strategies to mitigate and address these risks Evaluate and recommend security tools, technologies, and services that enhance our cloud security posture Collaborate with development teams to ensure secure coding practices, vulnerability assessments, and regular security testing Lead security awareness training and education initiatives to ensure developers and application teams are familiar and competent in secure-by-design methodologies Stay up to date with emerging cloud security threats, vulnerabilities, and best practices, and apply this knowledge to continuously enhance our security strategies Basic Qualifications (Required Skills/Experience): 5+ years of experience with Information Security work Experience in cloud security architecture and design, with a focus on major cloud platforms (e.g., AWS, Azure, GCP) Experience designing and implementing security solutions for cloud-based systems, including IAM, network security, data protection, and compliance Experience in vulnerability management, risk assessment, and/or security analytics Experience in Infrastructure as Code (IaC) and CI/CD environments Preferred Qualifications (Desired Skills/Experience): Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or cloud platform-specific certifications Experience in an Aerospace domain Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies . Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: $117,300 - $181,700 Applications for this position will be accepted until Jul. 21, 2025 Export Control Requirements: This is not an Export Control position. Relocation Relocation assistance is not a negotiable benefit for this position. Visa Sponsorship Employer will not sponsor applicants for employment visa status. Shift This position is for 1st shift Equal Opportunity Employer: Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

Get to know Okta Okta is The World's Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we're looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We're building a world where Identity belongs to you. Role Summary: We seek an experienced and detail-oriented Staff Data Security Analyst to contribute to our strategic Data Classification and Governance Program. In this role, you will be instrumental in the operational execution of our data governance strategy. You will work hands-on with data discovery and classification tools, apply data protection policies, and collaborate extensively with cross-functional teams, including Business Technology (BT), Legal, Data & Insights (D&I), and other Security teams. Your focus will be on implementing and maintaining the data classification framework, supporting the rollout of technical controls, and ensuring that our data handling practices align with our security and compliance objectives. Key Responsibilities: Data Classification & Labeling: Actively participate in data discovery initiatives to identify and inventory sensitive data (PII, SPI, financial, IP, AI training data) across key enterprise systems (e.g., Google Workspace, Salesforce, Workday, NetSuite, Snowflake). Assist in executing pilot programs for data classification on high-priority systems and contribute to refining classification processes. Policy Operationalization & Control Support: Assist data Stewards and system owners in implementing the data classification policy and data handling standards to support their operationalization. Collaborate with BT and Security engineering teams to test and validate the implementation of technical controls (e.g., DLP rules, CASB configurations) based on data classification. Help define and test controls related to sensitive data input into enabled AI tools. Tooling & Process Support: Become proficient in using selected data discovery, classification, and governance tools (potential tools include Varonis, native Google/Snowflake capabilities). Assist with the configuration, including helping to set up scans and reviewing results. Contribute to developing and maintaining documentation for classification procedures and tool usage. Collaboration & Stakeholder Engagement: Work closely with Data Stewards (from D&I and business units) to understand data context, validate classification results, and ensure alignment with business needs. Partner with BT application owners to facilitate classification efforts and implement necessary data handling changes. Support Security GRC by providing data and insights for risk assessments and compliance reporting related to data classification. Monitoring, Reporting & Continuous Improvement: Assist in establishing and tracking key metrics for data classification coverage, accuracy, and the effectiveness of associated controls. Contribute to developing dashboards and reports for program stakeholders and the Data Governance Council. Required Qualifications & Skills: Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent practical experience. 10+ years of experience in data security, governance, IT risk management, or a similar analytical role focusing on data protection. Strong, demonstrable understanding of data classification principles, methodologies, data lifecycle management, and data handling best practices. Hands-on experience with data discovery and/or data classification tools and technologies. Solid understanding of data protection concepts and technologies (e.g., DLP, data masking, tokenization, encryption, IAM). Knowledge of key data privacy regulations (e.g., CCPA, GDPR) and their impact on data handling. Excellent analytical, problem-solving, and critical-thinking skills with meticulous attention to detail. Proven ability to work effectively in a cross-functional team environment and manage multiple tasks. Strong written and verbal communication skills, with the ability to articulate technical concepts to varied audiences. Preferred Qualifications: Experience with specific data governance or classification platforms (e.g., Varonis, OneTrust, Google Cloud DLP, Snowflake Data Classification). Experience implementing or operating data security controls in SaaS environments (e.g., Salesforce, Workday, Google Workspace, M365) and cloud platforms (AWS, Azure, GCP). Familiarity with security considerations for AI/ML systems and data inputs, including knowledge of AI-native solutions for data labeling and classification. Hands-on experience with AI governance principles and frameworks, including implementing controls for responsible AI use. Experience in developing and delivering training or awareness materials. Relevant industry certifications (e.g., CISM, CISSP, CIPP, CDMP, or tool-specific certifications). #LI-BF1 #LI-Hybrid The annual base salary range for this position for candidates located in the San Francisco Bay area is between: $170,000—$254,000 USD Below is the annual base salary range for candidates located in California, Colorado, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: **************************** The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, New York, and Washington is between:$151,000—$227,000 USD What you can look forward to as a Full-Time Okta employee! Amazing Benefits Making Social Impact Developing Talent and Fostering Connection + Community at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! ************************************** Some roles may require travel to one of our office locations for in-person onboarding. Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at *************************************

Aditi Staffing is an MBE certified, IT Staffing firm in the US offering contract, contract-to-hire & direct hire career opportunities with Fortune Firms. Recently recognized as one of the fastest growing staffing firms and top diversity firm by the Staffing Industry Analysts, Aditi Staffing has been a partner of choice for candidates and clients. Visit our website: http://www.aditistaffing.com/ Job Description Role: Information Security Analyst Location: Information Security Analyst 6-8 years of experience in information security / technology or related field. Advanced verbal and communication skills with diverse cross functioning groups. Strong background and experience in policy development, program administration. In depth knowledge and experience in incident response activities and compliance. Ability to plan, organize and prioritize tasks to complete independently and within time frame established. While technical knowledge of information technology and security issues is highly desirable, technical expertise and resources will be available from units such as Security Operations to support the information security and privacy program. Strong technical writing abilities. Very good understanding of security controls, control systems, and business drivers that impact security controls. Knowledge of SEC, FFC, Sarbanes-Oxley (SOX) and or Gramm-Leach Bliley Act regulatory policies & guidelines. Strong background in security authentication, security applications development methodologies, security architecture and operational procedures, organization, business continuity skills, disaster recovery skills, identity management skills and hands on experience implementing products / solutions e.g. NetIQ, Entrust, Netegrity, Oblix, PKI, and some director service, RSA, strong understanding of the development and maintenance of RBAC s (Role Based Access Controls). Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse cross functional groups of people is required. Good to Have: Knowledge of the following technologies a plus: Intrusion Detection / Prevention Systems for networks and hosts Security Event Management Systems Vulnerability Assessment Systems Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus Diagnostic tools such as packet capture/decode and WAN probes IP Networking Windows Systems administration and security tools Experience with remote access, terminal servers, etc a plus Experience in the administration of UNIX Solaris, HP/UX, or Linux and Windows operating systems a plus Experience in developing and administering an information security program desirable Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable Additional Information Regards, Arun Kumar R arunkr(AT)aditistaffing.com D: 425-457-7916

The Company You'll Join Carta connects founders, investors, and limited partners through world-class software, purpose-built for everyone in venture capital, private equity and private credit. Carta's fund administration platform supports nearly 7,000 funds and SPVs, representing $150B in assets under administration in venture capital and private equity. Trusted by more than 40,000 companies, Carta also helps private businesses in over 160 countries manage their cap tables, valuations, taxes, equity programs, compensation, and more. Together, Carta is creating the end-to-end ERP platform for private markets. Traditional ERP solutions don't work for Private Funds. Private capital markets need a comprehensive software solution to replace outdated spreadsheets and fragmented service providers. Carta's software for the Office of the Fund CFO does just that - it's a new category of software to make private markets look more like public markets - a connected ERP for private capital. For more information about our offices and culture, check out our Carta careers page. The Problems You'll Solve At Carta, our employees set out on a mission to unlock the power of equity ownership for more people in more places. We believe that the problems we solve today unlock the opportunities of tomorrow. As a Director of Information Security, you'll work to mature our operational security capabilities, evolve our threat detection and response program, and drive strategic improvements to our identity architecture and governance. Here are some of the problems you'll help us solve: * Own, lead, and continuously improve our incident response program, including playbook development, cross-functional readiness, and post-incident reviews, ensuring rapid, effective, and transparent handling of security events. * Oversee the architecture and continuous improvement of our Zero Trust security strategy, guiding cross-functional implementation across users, devices, and applications. * Evolve our identity lifecycle and access governance model, ensuring the right access for the right users across cloud infrastructure and business applications. * Build and operationalize a threat intelligence and threat modeling program that continually assesses our attack surface, informs key security investments, and proactively mitigates future risks. * Cultivate and evangelize a culture of security across Carta through training, internal communications, and stakeholder engagement, making security a shared responsibility at every level. * Serve as a strategic partner to Engineering, IT, Legal, and Finance to drive cross-functional security initiatives, reduce technical debt, and implement pragmatic, risk-based and scalable solutions. The Team You'll Work With You will be part of a security-minded team that believes in progress over perfection and where both security culture and mindset are key. Our team is rethinking how security operations can be accomplished in innovative ways. We focus on solving business problems while minimizing and managing risk exposure for Carta. About You You will act as a technical leader on security operations to help and empower the team in making technical decisions. You will work closely with IT, Legal, Compliance, and Engineering to protect Carta. If you are excited by the idea of developing a scalable, efficient, and business-enabling security program, come join us! We are looking for candidates who have: * Proven experience in developing and deploying Zero Trust architectures, including technologies and processes around identity, device trust, access control, and segmentation. * Strong understanding of modern cloud and network security principles, especially in AWS. * Experience with enterprise IAM capabilities such as SSO, MFA, privileged access management, and access reviews. * Operational knowledge of SIEM/SOAR, endpoint protection and management, and threat intelligence platforms. * Demonstrated ability to lead technical teams, scale processes, and influence change across complex technical environments. * Excellent communication skills, with the ability to translate risk to non-technical stakeholders and align security initiatives with business objectives. * 10+ years of experience in information security with deep expertise in security operations. Salary Carta's compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions plans. Our minimum cash compensation (salary + commission if applicable) range for this role is: * $237,000 - $316,000 in San Francisco, CA; Santa Clara, CA * $225,150 - $300,200 in Seattle, WA Final offers may vary from the amount listed based on geography, candidate experience and expertise, and other factors. Disclosures: * We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, please connect with the talent partner via email. * Carta uses E-Verify in the United States for employment authorization. See the E-Verify and Department of Justice websites for more details. * For information on our data privacy policies, see Privacy, CA Candidate Privacy, and Brazil Transparency Report. * Please note that all official communications from us will come from an @carta.com or @carta-external.com domain. Report any contact from unapproved domains to ******************.

Who We Are: SEIU 775 Benefits Group's mission is to improve the skills, health and stability of the caregiver workforce through innovation and high-quality benefits and programs. We partner with workers, employers and industry stakeholders to collectively solve workforce problems through innovation, creativity and an evidence-based approach. Together, we deliver high-quality benefits and services to support a growing caregiver workforce. We are a nonprofit - passionate about revolutionizing the future of in-home care, and are looking for others to join our smart, collaborative and kind team. The Details: Location: Hybrid work Headquartered in Downtown Seattle, remote work possible from AZ, CA, CO, ID, IL, FL, OR, TN, VA, WA. Work Schedule: Our typical business hours are 8:30-5:00 PT Monday-Friday. Travel Requirements: Up to 10% Category: Full-Time, FLSA Exempt, Regular, Union Physical Requirements: Must be able to sit and stand for long periods of the day. About the Position: Reporting to the Director of Information Security, the Information Security Program Analyst will play a critical role in safeguarding the organization's HRIS, Finance and Legal systems by supporting the design, implementation, and maintenance of the Information Security Management System (ISMS). This role involves working with cross departmental leaders to monitoring security risks, developing policies and procedures, and ensuring compliance with industry regulations and standards. The Analyst's scope will include certain high-sensitivity functions such as, participating in the data collection for labor negotiation strategies and undertake investigatory tasks concerning disciplinary matters involving represented staff. The Analyst will handle sensitive data across various departments, requiring a high level of discretion while protecting critical business operations, including financial, HR and legal information. This role also works closely with decision-makers to ensure security strategies align with organizational goals and enforce proper security protocols. You Will: Conduct regular security risk assessments to identify vulnerabilities in critical systems, including HRIS, Legal, Financial, Budgeting platforms, and sensitive health data storage systems; Recommend mitigation strategies and review possible disciplinable actions of staff to departmental leaders to enhance the overall security posture and ensure regulatory compliance; Be a key player in the development and maintenance of the organization's risk management program, ensuring it covers crucial business systems such as HRIS, Legal and Financial platforms, and integrates with broader enterprise risk management efforts. Collaborate with departmental leaders to develop, update and enforce information security policies, procedures and standards; Ensure compliance with industry regulations (e.g., GDPR, HIPAA, PCI-DSS) and internal security policies; Assist in preparing for and conducting internal and external audits related to information security; Work with Learning and Development to create and deliver security awareness training programs, tailored to departments handling sensitive data, such as HR, Legal, Finance, and healthcare, to promote a culture of security and regulatory compliance; Stay current on emerging threats and best practices and communicate relevant information to the organization; Assist in the development and execution of incident response plans and procedures; Participate in investigations of security incidents and breaches, including root cause analysis and remediation, specifically involving HRIS, Legal, Financial Budgeting systems and sensitive health data storage platforms; Ensure compliance with data protection regulations (e.g., GDPR, HIPAA) while maintaining the integrity and security of critical business systems, such as HRIS, legal, financial and health data platforms; Maintain documentation of security incidents and follow up on corrective actions; Support the management and continuous improvement of the Information Security Management System (ISMS); Track and report on key performance indicators (KPIs) related to information security; Assist in coordinating security initiatives and projects across the organization; Collaborate with IT, Legal, Compliance, HR and Finance departments to ensure security initiatives align with legal and regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS) ensuring their information systems are secure and compliant with both internal policies and external mandates; Communicate complex security concepts to non-technical stakeholders in a clear and concise manner; Participate in cross-functional teams to address security-related projects and initiatives; From time-to-time, perform other duties commensurate with the level of this position. You Will Need to Have: Bachelor's degree in Information Security, Cybersecurity, Computer Science, a related field or equivalent work experience in lieu of education; 3-5+ years of experience in information security, cybersecurity, or a related field; Understanding of information security principles and practices, including risk management, compliance, and incident response; Familiarity with industry standards and frameworks such as ISO 27001, NIST, and CIS Controls; Certified in or willing to obtain Security Plus within 6 months and AWS/Microsoft within 12 months; Proven analytical and problem-solving skills; Excellent verbal and written communication skills; Ability to work independently and as part of a team. It Will Be Great if You Have: Experience in Non-Profits; Experience working with Healthcare information security; Relevant certifications (e.g., CISSP, CISM, CRISC). Salary Range: $90,367.43 to $117,909.00 Benefits: Fully Paid Medical, Dental and Vision; 18 days PTO, 15 Sick days, 10 holidays, 1 floating holiday, 2 personal days; End of the year Winter Break; mid- year summer break and earned longevity breaks; Defined Benefit Pension Plan and 401(k) options; Fitness, cell phone, internet and furniture stipends. Statement of Affirmative Action SEIU 775 Benefits Group is proud to be an equal opportunity workplace and is an Affirmative Action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. Team Description: The Identity and Access Management organization within Enterprise Technology supports all enterprise-level IAM services end-to-end. This includes IAM service management, governance, security, compliance, operations, engineering, architecture, organization change management, demand management, and release management. This organization is accountable and instrumental in reducing identity-related risks, mitigating threats, and advancing IAM mature services. Its mission is to enable secure, appropriate access for any identity from any device, any location, to any service, for the right business outcome. The IAM team provides positive user experiences through platform modernization, and security and operational excellence for workforce identities across The Walt Disney Company (TWDC). Responsibilities of Role: As the IAM Security & Governance Sr. Specialist, you will play a critical role in ensuring the compliance and audit readiness of our Identity & Access Management (IAM) services. You will be responsible for interpreting and coordinating responses to internal policies, regulatory requirements (e.g., SOX, PCI, BaFin), and audit activities impacting IAM. You will work cross-functionally with IAM Governance Leads, IAM Engineering Teams, IAM Service Leads, Compliance Teams and Internal and External Audit teams to define and track remediation plans, support audit cycles, and promote consistent adherence to security and regulatory standards. IAM Compliance Oversight * Identify relevant internal and regulatory compliance requirements (SOX, PCI, GDPR, etc.) for IAM services. * Monitor executive-level compliance metrics (e.g., Security Scorecard) to proactively identify and drive remediation of IAM-related compliance risks. * Define and coordinate the implementation of solutions to address identified compliance gaps. * Monitor ongoing compliance status and maintain accurate documentation for audits and governance reviews. Audit & Evidence Management * Drive and coordinate internal and external audits, partnering with control owners to ensure timely and complete evidence collection and response. * Maintain a centralized repository of audit artifacts to support consistent and efficient audit readiness. * Support audit remediation efforts by ensuring IAM risks, and control gaps are documented and addressed in collaboration with stakeholders. * Serve as a subject matter liaison for IAM systems during audits, ensuring alignment with applicable standards. * Assist with third-party audit support and SOC-related collection efforts. Security Assessments & Risk Activities * Enroll IAM systems in Risk Assessments, Information Security Attestations (ISAs), Technical Security Assessments, Third Party Assessments and other risk reviews. * Track and coordinate the remediation of findings from assessments and audits, ensuring timely resolution. * Maintain and update Archer for IAM-related risks and escalate risks as needed. Policy & Controls Coordination * Support the development and ongoing maintenance of IAM compliance procedures and control documentation. * Identify opportunities to implement or improve automated compliance controls and continuous monitoring capabilities. Collaboration & Stakeholder Engagement * Work closely with IAM Governance Leads, IAM Engineering Teams, Service Leads, Legal/Compliance stakeholders, Internal Audit, and Information Security Officers (ISOs). * Communicate audit findings, risk themes, and control updates across stakeholder groups clearly and consistently. Awareness & Reporting * Assist in training and awareness efforts to educate IAM teams on compliance requirements and best practices. * Prepare status reports, dashboards, and summaries of audit/compliance activities for leadership and stakeholders. * Monitor and report on compliance trends, risks, and opportunities for IAM process improvement. * Escalate unresolved risks, critical gaps, or delays in remediation to IAM and organizational leadership when necessary to drive accountability and progress. Must Haves: * Minimum of 5 years of experience in IAM compliance, audit coordination, or risk management in enterprise environments. * Solid understanding of IAM technologies (e.g., Active Directory, Okta, SailPoint), public/private cloud environments, middleware platforms, and IAM-related controls. * Experience supporting SOX, PCI, SOC, or other regulatory frameworks. * Proven ability to coordinate across engineering, audit, and compliance teams to drive issue resolution. * Strong organizational, documentation, and communication skills. Nice To Have: * Familiarity with cloud security and hybrid infrastructure environments. * Experience using risk management or GRC platforms (e.g., Archer). * Knowledge of audit and risk frameworks such as NIST CSF, ISO 27001, COBIT. * Relevant certifications (e.g., CISA, CISM, CRISC, or similar) are a plus. Education: Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience #DISNEYTECH The hiring range for this position in Burbank, CA is $114,900 - $154,100 per year and in Seattle, WA is $120,300 - $161,300 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

We are looking for a highly experienced and motivated Senior Security Analyst who is passionate about advanced security monitoring, detection engineering, and threat hunting. As a Senior Security Analyst at DigitalOcean, you will lead and own critical aspects of our security monitoring program, shaping how we detect, respond to, and prevent threats. You will leverage deep expertise to engineer sophisticated detection capabilities, develop comprehensive metrics to measure program effectiveness, and drive continuous improvement across alerting and response functions. You will be a trusted member of Infrastructure Security and will collaborate closely with other cross-functional teams to close detection gaps and elevate the organization's overall security posture. What You'll Be Doing: Lead real-time monitoring, triage, and analysis of complex security events, providing verifiable assessments of threats and incident severity. Engineer advanced detection use cases, leveraging deep knowledge of adversary TTPs to design and implement scalable alerting solutions. Develop, track, and report on key metrics for security monitoring effectiveness and incident response performance, using data to drive improvements. Own and evolve the security monitoring program strategy, ensuring alignment with evolving threat landscapes and business priorities. Perform proactive threat hunting and hypothesis-driven investigations to uncover hidden or emerging threats within DigitalOcean's environments. Mentor and guide lower level analysts, reviewing escalated incidents and providing technical leadership during incident response. Coordinate threat analysis using historical data and architecture diagrams to identify attack vectors. Collaborate with Security and engineering teams to close monitoring gaps and improve overall security. Optimize security tools and processes to reduce false positives, improve detection fidelity, and automate response workflows where appropriate. Lead the creation and maintenance of detailed playbooks, runbooks, and documentation to standardize detection and response efforts. What We'll Expect From You: 5+ years of hands-on experience with SIEM platforms and endpoint detection tools, with proven impact on security monitoring programs. Demonstrated expertise in engineering and tuning complex detection rules and alerting logic across diverse environments. Deep understanding of network and endpoint security, attack methodologies, threat actor tactics, and mitigation strategies. Experience in proactive threat hunting, vulnerability management, and coordinating with red teams or penetration testers. Proven leadership in driving security program initiatives, setting metrics, and influencing cross-team security strategy. Excellent communication skills for technical documentation, incident reporting, and mentoring less experienced analysts. Proven experience with scripting and query languages (Python, Bash, SQL) to automate detection and response workflows. Demonstrated proficiency with operating systems like Linux, Windows, and mac OS. Why You'll Like Working for DigitalOcean: We innovate with purpose. You'll be a part of a cutting-edge technology company with an upward trajectory, who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team, you will be a Shark who thinks big, bold, and scrappy, like an owner with a bias for action and a powerful sense of responsibility for customers, products, employees, and decisions. We prioritize career development. At DO, you'll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences, training, and education. All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development. We care about your well-being. Regardless of your location, we will provide you with a competitive array of benefits to support you from our Employee Assistance Program to Local Employee Meetups to flexible time off policy, to name a few. While the philosophy around our benefits is the same worldwide, specific benefits may vary based on local regulations and preferences. We reward our employees. The salary range for this position is $90,000 - $125,000 based on market data, relevant years of experience, and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program. We value diversity and inclusion. We are an equal-opportunity employer, and recognize that diversity of thought and background builds stronger teams and products to serve our customers. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service. *This is a remote role. #LI-Remote #LI-SK1

Are you skilled at helping customers to address their program requirements? Do you want to learn the very latest in cloud web services technologies and securely apply them to some of the most interesting computing workloads in the world? Responsibilities At AWS, we are hiring a Communications Security (COMSEC) Custodian/Officer to help manage and continue to develop the COMSEC Program. This will entail managing/dealing with multiple mission partners and COMSEC accounts found around the United States. It will also require continuous engagement with mission partners and vendors as we continue to scale the program to meet customer needs and requirements. Responsibilities will include: Reviewing proposed new programs requiring COMSEC to ensure the security of the program. Advising management and mission partners on the current and planned COMSEC postures for all AWS locations. Maintaining liaison with Government customers and COMSEC vendors to provide advice, guidance, and exchange information with regards to COMSEC standards and policies. Serve as a COMSEC subject matter experts on Government inter-agency working groups, committees, and task forces. Maintain 100% accountability of all accountable COMSEC items. Provide support and oversight over multiple COMSEC accounts and subaccounts across multiple sites. Develop and update operating procedures based on site, equipment and mission partners. Develop and update Emergency Action Plans (EAP) based on site, equipment and mission partners. Conduct semi-annual COMSEC training and EAP training per site for all AWS custodians. Perform all necessary backups, system upgrades, reconciliations, and inventories of COMSEC material. Support the semi-annual COMSEC training of all COMSEC custodians. Support the semi-annual EAP training of all COMSEC custodians. Maintain all COMSEC account and subaccount file plans as instructed per mission partner. Use and maintain common fill devices (KIK, SKL, SDS). Prepare and ship COMSEC material as instructed by mission partner policies as needed Coordinate with internal and external customers/stakeholders to support information security programs This position requires that the candidate selected be a US Citizen and must currently possess and maintain an active TS/SCI security clearance with polygraph. Key job responsibilities Establish and maintain all COMSEC accounts regionally, to include on-site troubleshooting, network deployment, regular keying and inventorying of devices, and administrative tasks associated with account compliance. Appoint and train partner teams to support ad-hoc requirements. Update AWS policy doctrine to ensure compliance with overarching customer requirements. Vigorously audit individuals accounts. About The Team Our team is dedicated to supporting new team members. Our team has a broad mix of experience levels and Amazon tenures, and we're building an environment that celebrates knowledge sharing and mentorship. Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and we host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Amazon's culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust. Our team also puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced life-both in and outside of work. Basic Qualifications 2+ years COMSEC experience as a Primary or Alternate COMSEC Custodian. Experience with various Type 1 Cryptographic devices, keys and loaders 5+ years of industry experience using Project Management principles Current, active US Government Security Clearance of TS/SCI with Polygraph Preferred Qualifications Developing and interpreting policies, procedures, and strategies governing the planning and delivery and execution of COMSEC programs. Experience in making recommendations for resolving COMSEC problems and requirements for multiple mission partners that utilize Type-1 encryptors to secure their networks. Providing technical advice, guidance, and recommendations to high level management officials and technical staff on critical COMSEC security issues. Experience in developing SOPs for all types of COMSEC actions. (E.g. Annual Rekey, Encryptor Upgrades, STE Use) Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business Experience with Amazon Web Services Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit ***************************************** Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $91,800/year in our lowest geographic market up to $196,300/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit ******************************************************** This position will remain posted until filled. Applicants should apply via our internal or external career site. Company - Amazon Web Services, Inc. Job ID: A2790844

Job Description Summary/Scope of Work Provide simulation and training support to the Joint Base Lewis-McChord Mission Training Complex and other distributed training and exercise locations as directed. This offer is available contingent upon contract award. Duties and Responsibilities: Ensuring the appropriate operational security posture is maintained and documented for MTC information systems Defining & implementing standard operating procedures, implementing DoD, Army, & MTC policies, and creating & implementing plans of action and milestones (POA&M) in response to vulnerabilities identified during risk assessments, audits, & inspections Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals. Minimum Requirements: US Citizenship Associate's degree in a related field Have 4+ years of experience and application of NIST, DoD, & Army Cybersecurity Risk Management Framework policies, directives, instructions, manuals, and best business practices. Have experience and hold the required certifications on the Information System that they are assigned per the applicable System Security Plans (SSP). Must meet DoD 8750.01-M IAT II requirements Possess a Secret clearance Required Education High School Diploma Disclaimer The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed, and perform special projects as assigned. OT Training Solutions, LLC is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity or expression, national origin, age, protected veteran status, disability status, genetic information or any other characteristic protected by law.

Job Description Akira Technologies is seeking a Cyber Analyst team member who is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) as well as on-premises and cloud enterprise networks. This includes analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage. This role supports a government client in the following locations five days a week: Port Hueneme, CA, Bremerton, WA, and Honolulu, HI. Active Secret clearance or higher is also required for this role. An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics including filesystem structures, disk and memory forensics, cyber aware Operational Technology or Control Systems operators, commonly used mechanisms for maintaining security persistence, privilege escalation, and lateral data movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred. Job Responsibilities Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices. Asses Security Technical Implementation Guides (STIGs) compliance and completion. Utilize asset mapping tools to verify connected inventory. Handle Information Assurance Vulnerability Management (IVAM) notifications. Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions. Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency. Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences. Job Qualifications Active Secret security clearance or higher. At least 3 years, (Journeyman), or applicable 1 to 2 years (Junior) of experience in security operations, demonstrating analytical duties and preforming host or network security analysis. Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures. Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Preferred Skill Sets Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS) Strong analytical and troubleshooting skills Able to provide expert content development in Splunk Enterprise Security using tstats and data models Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances Experience in other tools and protocols as applicable such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases Familiar with the operations and functions of Nessus or security center management Can assist and provide technical input to research, discover, implement hardware and software Understands importance and fundamentals of logistics and evidence handling Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification Salary Range: $80,000 to $100,000 Akira’s pay range for this position considers various factors including skills, years of experience, training, licenses, certifications, alignment with market data, and internal equity in the organization. This pay range estimate is a general guideline only and not a guarantee of compensation or salary, which Akira believes to be done in good faith in compliance with local laws. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. General Description of Benefits Akira offers its employees multiple options for medical plans (some with Health Savings Account), dental plans, and vision coverage, and a 401(k) plan with employer match. To promote work/life balance, Akira offers paid time off, including vacation and sick time, holidays, paid parental leave, military leave, bereavement leave, and jury duty leave. We also offer short and long-term disability benefits to protect employee income in the event of sickness or injury, life insurance, accidental death and dismemberment insurance, and critical illness insurance. Akira also offers tuition, training, and certification reimbursement for professional development and career advancement. Akira regularly reviews our total rewards package to ensure our offerings remain competitive and reflect the values and needs expressed by our employees. About Akira Technologies Akira strives to meet and exceed the mission and objectives of US federal agencies. As a leading small business cloud modernization and data analytics services provider, we deliver trusted and highly differentiated solutions and technologies that serve the needs of our customers and citizens. Akira serves as a valued partner to essential government agencies across the intelligence, cyber, defense, civilian, and health markets. Every day, our employees deliver transformational outcomes, solving the most daunting challenges facing our customers. Akira is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Bellevue Telecommunications Services Exp 10-15 years Deg Bachelors Relo Bonus Job Description The Information Security Manager, working with in Corporate Information Security Team will be responsible for liaising with assigned business units on behalf of Corporate Information Security (CIS). These responsibilities will include understanding business-driven projects that involve network and information security, applications, networking and web based technologies. They will be responsible for understanding the Business Unit's processes and priorities and working with them to manage business impact and threats, through a risk based methodology. Ensures through positive engagement that business goals are met in a secure and compliant manner, according to industry standard regulations Qualifications Ideal Candidate will have: Candidate must have strong technical, influential and organizational skills. Prefer six years' experience in information security related discipline, in addition to several years' relevant systems and/or network administration experience. Expert relationship building and partnering skills, including persuasion, negotiation and consensus building. Experience translating emerging IT and business trends into meaningful risk reduction opportunities. Demonstrated ability to work effectively in a complex matrixed environment. Outstanding verbal and written communication skills. Ability to interpret business strategy and align to appropriate security enhancements to achieve business enablement. Ability to translate security requirements into business risks and impacts. Experience with high level design Architecture, Firewall, Internet, LAN Router, Network, Protocols, Web Services and SOA. Strong understanding of encryption, obfuscation and/or tokenization technologies or compensating controls. Appropriate industry certifications, such as CISSP, CISA or CCIE. Preferred skill: Bachelor degree in Computer Science, Information Security, Information Management, or other related discipline. Telecommunications industry expertise, Six Sigma Training, Audit, Compliance & Network experience preferred. Skills and Qualifications: A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus. The ability to apply Information Security principles to business solutions. Extensive experience planning and deploying both business and technology security initiatives. Exceptional communication skills and the ability to convey results in a summarily and persuasive manner to business owners. This includes written and verbal communications as well as visualizations. The ability to act as liaison conveying information needs of the business to technology teams and technology constraints to the business. Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI. Good understanding & experience applying CoBIT, ISO, ITIL, NIST frameworks. Understanding of Local (Wired & Wireless), Wide area, and mobile networks. A good understanding of Network Security, Firewalls, Intrusion Detection and Prevention, AVS, VLANS. Strong background and experience in IP Networking and Routing Protocols. Fluency in the use of all MS Office applications, including SharePoint services. Qualifications · Preferred: Any of the following CISSP, CISA, CISM, C-RISC, CCNA, CCIE, Six Sigma Yellow/Green/Black Belt Education Minimum Required High School Diploma/GED Education/Vocational Training/Experience Preferred Bachelor's degree in Computer Science, Information Technology or related field from an accredited 4-year college or university 10 years of system, network, and application design and architecture experience. Preferably in the wireless communications space CISSP and or CISM Certification (required; experience may be substituted for Cert requirements (4 years minimum) CISA Certification (preferred but not required; experience may be substituted for Cert requirements (4 years minimum) Responsibilities What you will do: Make proactive assessments of threat information in and outside the public domain, understanding the threat as it relates to its customers, and implementing measures to combat the threat. Understand the operations of the business and comprehend how these create value and risk for the organization. Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes. Implement and monitor controls necessary to ensure operational processes are performed and are effective to protect the environment from all forms of malicious cyber activity. Assist the Governance group in the development and refinement of technical security standards, key performance indicators and other necessary processes to maintain effective operational security, as it relates to the business. Make risk-based decisions on a daily basis that has the potential to impact our ability to operate and communicate. Ensure the information and network security controls for us are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups. Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program. Interact with internal audit, third party auditors, and appropriate regulatory bodies. Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance. Liaise with and assist outsourced security service providers with vulnerability assessments of business applications, systems and architectures. Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective-C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and Jquery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance-driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description • Participate in security planning and analyst activities. • Performs security assessments and security attestations. • Participates in security investigations and compliance reviews as requested. • Make security analysis reports for security vulnerabilities and recommends feasible and appropriate options. • Hands-on experience of Mobile Applications and Device security tools. • Should have sound understanding of secure coding practices which are in conformance with OWASP Top 10, SANS and WASC. • Understanding of various Application Security Threat Models and their applicability to existing and upcoming applications. • Perform Vulnerability Analysis of applications based on the industry wide Application Security Threat Models like ASF, STRIDE and Risk Assessment model like DREAD. • Prepare technical solutions to mitigate the vulnerabilities identified during threat modelling and vulnerability analysis. • Hands-on experience of various Data Security Tools for Data Discovery, Governance, DLP, etc. • Evaluate all design documentations and perform design assessments to ensure appropriate security controls are implemented within designs. • Prepare strategies to mitigate vulnerabilities emanating from Vulnerability Assessments and Penetration Tests of Applications both at production level and source code level, i.e. DAST and SAST. • Assist audit team in developing audit reports; present audit reports to top management, as needed and execute and properly document the audit process on a variety of cyber security environments. • Possess strong analytical and problem solving abilities • Worked on different security tools w.r.t. around VA, PC, DAST, SAST, PT. Additional Information Thanks and Regards, Ankur Bhatia

Apply early! This recruitment will stay open until filled with an initial screening date of July 1st, 2025. To be considered for initial screening, please submit an application on or before June 30th, 2025. AGRICULTURE - A Cornerstone of Washington's Economy The Washington State Department of Agriculture has been serving the state for more than 100 years. Through service, regulation, and advocacy, we keep agriculture viable and vital in Washington State, while protecting consumers, public health, and the environment. We work extensively with farmers and ranchers, but our responsibilities - from ensuring food safety to environmental protection - touch the lives of millions of people locally, nationally, and abroad. The agency includes 780 employees approximately and grows close to 1,000 employees at the peak of seasonal work. To learn more and view additional openings, please visit our Employment Page. The Opportunity The Information Technology Program mission is to continually enhance our services to agency divisions, WSDA employees and ultimately the stakeholders of Washington while providing core IT services, network connectivity and software solutions in the most efficient and effective manner possible. We achieve our mission by identifying and resolving business challenges through the deployment of efficient software solutions, a secure and reliable network, and a Centralized Service Desk focusing on always delivering excellent customer service. The Chief Information Security Officer (CISO) oversees the Agency's Information Technology security and risk management functions for new, existing, and enhanced services critical to the agency. Using an in-depth understanding of industry trends and available technologies, the CISO partners with peers, internal and external stakeholders to recommend and develop solutions to support the agency mission. The role will provide leadership, direction, and oversight to implement and maintain a comprehensive agency-wide IT plan that aligns with business strategy. WSDA is recruiting for a full-time permanent Chief Information Security Officer position within the Administrative Services Division. This position is eligible for a flexible/hybrid schedule and will need to report to the WSDA Headquarter Office located in Olympia, Washington. This position is non-represented. Some of what you'll do includes: Security Risk and Prevention * Develop and implement an ongoing risk management program targeting information security and privacy matters. * Lead the information technology security assessments to identify agency risk due to changes or modifications to the WSDA computing environment. * Direct the agency security assessments/audits to identify vulnerabilities in security program and policies. * Control testing of security procedures, mechanisms, and measures. * Collaborate with Federal and State auditors, Agency managers, and subject matter experts for satisfactory completion of compliance and program audits of the WSDA information security program. Security lncident and Authoritative Contact * Act as the lncident Commander as defined by the National lncident Management Framework. * Responsible for all aspects of cybersecurity emergency response. * Agency designated manager of security incident reporting and official responses to security incidents (breaches), respond to potential policy violations, or complaints from external parties. * Work with Federal and State incident responders in relation to cybersecurity issues. * Agency designated manager of security incident reporting and official responses to security incidents (breaches), respond to potential policy violations, or complaints from external parties. * Initiate, facilitate. and promote activities to create information security awareness and training throughout the organization. Supervision and Mentoring * Supervise and mentor technical level staff. * Set strategic goals and objectives, develops strategies to implement and develop performance measurements and standards for the purpose of ensuring individual and program performance objectives are met. * Develop the Performance Development Plan (PDP) for each assigned direct report; Create or update position descriptions, monitor and document employee performance, provide on-going feedback regarding levels of performance, and conduct timely and meaningful employee performance evaluations. Who should apply? Professionals with: * Bachelor's Degree in computer science OR Five (5) years related experience and/or training OR Equivalent combination of education and experience. * Six (6) or more years of recent experience (within the last Six (6) years) with cybersecurity risk assessment methodologies (NlST, HITECH, RMF). * Six (6) or more years of recent lT experience (within the last Five (5) years) including vulnerability scanning, risk assessments, and incident response. * Working knowledge of prevailing industry security standards and Common Body of Knowledge gained via a CISSP, SANS, and/or CISA Certification(s). * Demonstrated experience with the National lnstitute of Standards and Technology (NIST) Risk Management Framework (RMF), or other NIST standards. * CISSP (Certified lnformation Systems Security Professional) or the ability to obtain within 6 months of hire date. Desired Qualifications: * Experience working in cloud-based environments such as AWS and Azure. * Experience operating and analyzing logging and monitoring systems, antivirus solutions, and security configurations. * Working knowledge of Washington State Security Standards and Policies. Employee Benefits * A healthy work/life balance, which may include flexible work schedules, and teleworking. * WSDA provides an excellent benefits package beyond traditional benefits. State employment offers Dependent Care Assistance, Flexible Spending Accounts, Public Service Loan Forgiveness, Tuition Waiver, Deferred Compensation, Employee Recognition Leave; click here for more information. * 12 paid Holidays & Vacation and Leave Accruals. * All Personal Protective Equipment (PPE) required will be provided by the agency. * Commute Trip Reduction Program. For more information about the Washington State Department of Agriculture, visit us at *************** How to apply: You must complete your careers.wa.gov profile and answer the supplemental questions. In addition to completing the online application, and supplemental questions applicants must attach the following documents to their profile to be considered for this position: * Current resume detailing experience and education * A cover letter describing how you meet the specific qualifications for this position * Three professional references By submitting these materials, you are indicating that all information is true and correct. The state may verify information. Any untruthful or misleading information is cause for removal from the applicant pool or dismissal if employed. Applications with comments "see attachments" will be considered incomplete. If you are having technical difficulties creating, accessing, or completing your application, please call NEOGOV toll-free at ************** or email ******************. The initial screening will be solely based on the contents and completeness of your application and the materials submitted. All information may be verified, and documentation may be required. Applications received via e-mail will not be accepted in lieu of applying through the state's on-line recruitment system. WSDA uses a I-9 form(Download PDF reader) to determine Employment Eligibility and Verification, once hired. This document is the authorization of an individual's ability to be hired for employment within the United States. Applicants must be eligible to work in the United States. Equity at WSDA The Department of Agriculture recognizes, appreciates, supports, embraces, and respects all cultural identities and backgrounds while we collaborate in authentic ways. We hire amazing people that share in the commitment to our Pro-Equity Anti-Racist (PEAR) strategic plan, our Healthy Environment for All (HEAL) Act implementation plan, and our unique needs and desires for belonging, respect, and inclusion. We value the growth and development of our team members by providing equitable access to resources and opportunities for continuous learning, improvement, and advancement. We strive to hire, cultivate, and retain a productive and dedicated workforce that reflects the communities we serve while we are committed to a workplace that celebrates our differences and supports equal opportunity employment and inclusion regardless of race, creed, color, national origin, citizenship or immigration status, marital status, families with children (including pregnancy, childbirth, or related medical conditions), sex, sexual orientation, gender identity diversity, age, status as a protected veteran, honorably discharged veteran or military status, status as an individual with the presence of any sensory, mental, or physical disability or the use of a trained dog guide or service animal by a person with disabilities or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Contact Us Should you have any questions regarding this position or the online application, contact the Human Resource Office at **********************. Prior to a new appointment into the Department of Agriculture, a background check including criminal record history will be conducted. Information from the background check will not necessarily preclude employment but will be considered in determining the applicant's suitability and competence to perform in the position. The Human Resources Division may use referrals from this recruitment to help fill future similar vacancies for up to six months. Veteran's Preference: Applicants who meet the minimum qualifications and wish to claim Veteran's Preference MUST attach a copy of their DD214, or other verification of military service. Please blackout any personally identifiable data such as social security numbers. For additional information on Veteran's Preference and guidance on how to determine if you are eligible, click here. Persons with a disability, who need assistance with their application or need this announcement in an alternative format, may call 664-1960 or toll free **************. TTY users should first call 711 to access the Washington Relay Service. For more information about the Washington State Department of Agriculture, visit us at ***************

Job Description Join the Kitsap Bank Family as an Enterprise Security Analyst I or II We have the greatest employees in the world. We truly care about each other, our customers, and the communities around us. We only hire the best people, who believe that the customer comes first. As a local, family-owned company, we embrace our family culture, and we recognize our responsibility to supporting others. Summary: The primary responsibility of the Enterprise Security Analyst I is to support the Enterprise Security and Imaging Departments with functions relating to application/system reviews and analysis. This position ensures the functionality, accuracy and timeliness of all department operational functions. Compensation Structure: Grade: 17 Range: $25.52 - $38.32 18 Range: $27.41 - $41.11 Essential Functions: • Review daily IBS security reports • Assist with completing monthly, quarterly and annual security audits. • Monitor various department email inboxes and ensure appropriate responses are provided. • Perform daily updates in systems such as KnowBe4 and Tandem. • Complete daily logging for FIS Bulletins and other security systems. • Assist with support of the internal Homeport intranet. • Assist with creating/updating procedures for department functions. • Assist with vendor management updates • Assist with business continuity planning updates • Assist with security awareness, training and educational activities. This includes making training phone calls to staff when needed. • Assist with supporting the Imaging Specialist functions. • Assist with projects relating to security and related systems. • Assist with preparation for operational, compliance and regulatory exams Additional Responsibilities: • Contributes to team effort by accomplishing other duties as assigned. Required Education, Experience, and Skills: • High school diploma or GED required. Associates degree or training in security related fields preferred. • A minimum of three years’ experience working in a security and/or related environment (such as Audit or Risk Management) is preferred. Equivalent combinations of education and experience may be considered. • Banking or financial services industry experience required with a good knowledge of overall banking concepts, functions, products and services. Previous experience working with FIS core banking systems also preferable. • Absolutely trustworthy with high standards of personal integrity. Ability to work independently, make sound decisions and maintain confidentiality of sensitive data/information. • Excellent customer service skills and verbal (telephone) communication skills. • Detail oriented, analytical and able to troubleshoot issues and prioritize needs. • Strong computer skills and knowledge, with extensive experience using Microsoft Office products, internet browsers, e-mail programs and general Internet features. Ability to create and maintain complex Excel spreadsheets, work with Word, Adobe Acrobat and other software applications as needed. • Excellent technical writing skills required with proven ability to create procedures, instructions and/or operator manuals. • Ability to operate standard office equipment such as a multi-purpose copy/fax machine and telephone. • Must be a team player with a positive attitude. Physical/Mental Requirements: • Ability to speak, hear, stand, walk, and use repetitive motion of the hands/wrists. • Requires use of close and distance vision. • Ability to read, write, speak and understand English and effectively communicate with Bank staff and vendors. • Ability to discern information and formulate appropriate action. • Travel may be required to attend meetings, conferences and/or community events. • Ability to lift up to 20 pounds. Benefits Provided: Medical Dental Vision Flexible Spending Accounts and Health Spending Accounts Lifestyle Spending Accounts Health Reimbursement Accounts Employee Assistance Program Company Sponsored Life/AD&D and Long-Term Disability Voluntary Plans (Accident, Hospital Indemnity, Critical Illness, Short-Term Disability, Cancer Riders, and Life/AD&D Insurance) Pet Insurance Retirement: 401k (match 4%) and Profit Sharing Time Off: 10 Vacation Days (prorated for first year) 2 Personal Days 1 Volunteer Time Off Day 11 Holidays 1 Sick Day per Month

Full-time Description Information Security is a central focus of KP. The Information Security Engineer II supports this critical priority by maintaining and implementing the tools and processes used to protect our systems. In addition, the Information Security Engineer II responds to Security Events or Incidents, and under the direction of the CISO oversees our data governance program. Through these activities this position plays a vital role in keeping KP safe while enabling KP's overall success. Essential Duties and Responsibilities: Design and implement data protection solutions in a high-volume environment. Work with IT Teams to integrate data security into existing data pipelines and flows. Provide assistance in the selection, implementation and maintenance of security equipment and software. Provide recommendations and guidance to technology development and leadership; ensuring best practices, of effective security methods and procedures are maintained (such as secure coding practices, threat modeling, application security and proper use of encryption). Manage Data Loss Prevention, Key Management, and other data security tools. This includes analysis of results, proper configuration and provide reports/summaries/recommendations to leadership. Collaborate with other teams during security audits and other investigations. Maintains information security metrics; reporting results to leadership. Prioritizes and organizes own work to meet deadlines. Other duties and projects as assigned. Requirements 4 year degree in cyber security or related field. Years of experience can be substituted for a degree. 4 years of experience in Data Loss Prevention, Data Governance, and key management. Strong understanding of encryption standards, key management, and data governance practices. Experience with Azure. Knowledge of database security, api security, and secure data transfer protocols. Knowledge of cybersecurity frameworks, standards, and best practices (NIST CSF, ISO 27001, HIPAA). Strong verbal, written, listening and presentation skills: ability to read, understand and interpret SOP's, security and quality procedures, clearly and effectively communicate detailed instructions, presentations and respond to questions. Strong interpersonal skills; ability to foster cooperation, inspire respect and trust; motivate others to perform well; effectively influence others toward accomplishment of objectives/goals. Develop and maintain timely and accurate documentation and other supporting information. Works well without supervision and proactively recommends improvements. Current CISSP certification or comparable IT security accreditation a plus. Salary Description $100,000 - $120,000

Manager, Information Security and Data Governance is responsible for developing and implementing a strategic vision for the organization's data management, governance, protection, privacy and security, in compliance with company internal policies and procedures, contractual requirements and external regulations. This role requires a leader who can maximize the effective use of data to drive business value while safeguarding the organization against data breaches and cyber threats. Leads cross-functional teams to establish robust data governance frameworks, secure the organization's digital assets, and promote a data-driven culture. Leads a high-performing security and data governance team, provides strategic and tactical guidance, and complete execution of the cybersecurity program supporting global enterprise security initiatives, systems, applications and operations. Essential Duties and Responsibilities Information Security Develops and maintains a comprehensive cybersecurity strategy and security policies. Serve as an information security expert and trusted advisor for Information Infrastructure and Systems projects. Advises the executive team on security risks, compliance requirements, and best practices. Identifies current and emerging information security and compliance requirements of the organization and coordinates the implementation of solutions that address these requirements. Leads efforts to achieve and maintain compliance with relevant cybersecurity frameworks and standards (e.g., NIST, CMMC). Oversees cyber incident response plan and ensures alignment with the parent company's broader IT response strategy. Ensures consistency with IT processes, strengthens Greenpoint Technologies cyber threat resilience and optimizes reporting of identified threats and vulnerabilities. Leads a team of subject matter experts to ensure effective Information Security management throughout the IT service delivery lifecycle, including Security Operations, Security Architecture and Security Assurance. Provides oversight and assists as needed in investigating security breaches. Other duties as assigned. Data Governance Establishes and implements a data governance framework that aligns with organizational objectives and regulatory requirements, including policies, standards, and procedures for data management. Creates and maintains a data register to document all data assets, their classifications, including ownership and stewardship roles to ensure accountability for data quality and compliance. Develops and maintains a data classification policy to guarantee proper handling, access, and segregation of sensitive information, including intellectual property. Partners with the business stakeholders to promote data governance initiatives supporting consistent and continuous adherence to data governance policies and procedures. Fosters a data-driven culture by providing training and resources to data stewards and users. Develops, monitors and enforces compliance with relevant regulations and standards related to data management and privacy. Ensures compliance with data privacy regulations (e.g., GDPR, CCPA) and industry standards. Develops and enforces data security policies to protect sensitive information, including Intellectual Property, from internal or external unauthorized access, usage and breaches. Implements processes and controls to safeguard intellectual property and proprietary information. Defines and enforces policies for IP handling, storage, and sharing to meet contractual requirements. Partners and collaborates with legal and contracts teams to ensure applicable contracts include provisions for data protection and IP security. Conducts regular audits and assessments to identify and address data governance gaps. Evaluates and implements data governance tools and technologies to support data management and compliance efforts. Monitors the effectiveness of data governance tools and make recommendations for improvements. Maintains regular attendance including being at work, being on time to work and working full shifts. Other duties as assigned. Competencies To perform the job successfully, an individual should demonstrate the following competencies: Greenpoint Core Competencies Adaptability - Adapts to changes in the work environment, manages competing demands, and accepts constructive criticism/feedback and changes approach or method to best fit the situation. Communications - Expresses ideas and thoughts effectively in verbal and written form, exhibits good listening and comprehension, keeps others informed and uses appropriate communication methods. Dependability - Responds to requests for service and assistance, follows instruction and responds to management direction, takes responsibility for own actions and doing the best job possible, keeps commitments, and maintains reliable attendance. Initiative - Sets and achieves challenging goals, demonstrates persistence and overcomes obstacles, measures self against standard of excellence, recognizes and acts on opportunities, and takes calculated risks to accomplish goals. Teamwork - Balances team and individual responsibilities, exhibits objectivity and openness to others' views, gives and welcomes feedback, contributes to building a positive team spirit, and puts success of team above own interests. Work Quality - Demonstrates accuracy and thoroughness, displays commitment to excellence, looks for ways to improve and promote quality, applies feedback to improve performance, and monitors own work to ensure quality. Job Core Competencies Planning & Organization - Prioritizes and plans work activities, uses time efficiently, plans for additional resources, integrates changes smoothly, sets goals and objectives, works in an organized manner. Use of Technology - Demonstrates required skills, adapts to new technologies, troubleshoots technological problems, uses technology to increase productivity, and keeps technical skills up to date. Analytical Skills - Synthesizes complex or diverse information, collects and researches data and uses intuition and experience to complement data. Summary of Education, Experience & Certification Bachelor's degree in Computer Science, Software Engineering, MIS or related field, with minimum of 7 years of security field experience, or equivalent combination of education and experience. Experience leading and collaborating with projects stakeholders and cross-functional team. People management experience, including mentoring, coaching, and developing talent. Employees working on programs subject to International Traffic in Arms Regulations must qualify as a US Person which is defined as a US Citizen, a Permanent Resident who does not work for a foreign company/foreign government/foreign governmental agency or organization, or a political asylee for legal compliance purposes. Required Knowledge, Skills & Abilities Expertise in all areas of the Information Technology and Systems, preferably within Aerospace and Defense industries. Excellent understanding of best practice within Information Security and risk management including standards such as ISO/IEC 27001, NIST, CMMC, Cyber Essentials and CObIT. Strong knowledge of legislation and regulations that impact information Security. (E.g. Data Protection Act and GDPR, Freedom of Information Act, PCIDSS). Familiarity with current and emerging threats and countermeasures, including Application Security, and the related organizational challenges in addressing these threats. Practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies. Ability to analyze and understand internal business and broader customer requirements. Strong problem-solving skills with a critical thinking approach to address challenges during system implementation and integration. Proficient project management skills, including the management of timelines, resources, and stakeholders to ensure successful, on-time and quality project delivery. Familiarity with various operating systems, accounting software, databases, design tools, HR software, internet/intranet solutions, application development tools, CRM software, project management software, and office productivity software. Demonstrated adaptability to evolving technology landscapes and changing business requirements, coupled with a commitment to continuous learning and growth. Proven ability to manage teams, influence cross-functional stakeholders, and drive organizational change in security and data governance. Exceptional verbal and written communication skills, enabling effective interaction with both technical and non-technical stakeholders. Ability to address practical problems and navigate situations with limited standardization, interpreting instructions in written, oral, diagram, or schedule form. Ability to read, analyze, and interpret technical documents. Ability to effectively present information and respond to questions within all levels of an organization. Ability to sit and maintain focus for extended periods of time, use hands to lift and/or move up to 10 pounds, occasionally lift and/or move up to 25 pounds and have close/color vision ability to adjust focus. Ability to travel as required. Availability to be on call as required for system issue resolution. Flexibility to work outside of regular business hours, when necessary. The expected WA salary range for this position is between $121,000.00 - $166,000.00 USD. Actual compensation will be determined based on experience, education, location, and other factors permitted by law. Our suite of comprehensive benefits include healthcare (medical, dental & vision), life insurance, paid time off, and a 401(k) savings plan with company match. About Greenpoint Technologies Greenpoint delivers nose-to-tail VIP Jet aircraft interiors for private clients and Heads-of-State. We are proud to be known in the aerospace industry for our design and engineering innovation, award-winning company culture, and on-time delivery of our beautiful products. We use leading-edge tools and employee-built processes to deliver extraordinary, one-of-a-kind custom aircraft interiors. It's complex work, but we work smart. In return for hard work, collaboration, and creativity, our people experience a culture custom built for high achievers: Big jobs and stretch assignments. High accountability environment, with transparent decisions aligned to values, open communication, and engaged leadership. Ability to make a big, visible impact on the end product. We welcome diverse contributions and provide equal employment opportunities to all individuals without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

ABC Legal Service is proud to be the national leader in filing service of legal documents. We are growing and are looking for talented new team members to support our growth and solve exciting challenges! We are a team of 400 with offices in Los Angeles, Dallas, Miami, Brooklyn, Chicago, Washington DC, and more. Seattle is our home and headquarters. We've been successful in this unique business for over 30 years, and we continue to advance our technology and business processes to remain years ahead of what our competition can offer. Job Overview: ABC Legal is looking for an experienced IT Helpdesk Analyst. As an IT Helpdesk Analyst, you (along with the Help Desk team) will be responsible for the technical support of ABC Legal's user base both in our Seattle HQ and our remote locations. You will triage incoming support requests by order of importance and find efficient means of remediating issues. Below is a list of skills and experience that are most helpful in succeeding in this role: Key Responsibilities: IT Helpdesk Support Setup and config of workstations Manage Office 365 and Active Directory accounts Manage IT assets Focus on users' support experience Qualifications: Min. 2 years working experience in an IT helpdesk or a similar role Experience in supporting Windows and MacOS desktop and network environment preferred Job-related certification (MCSE, Network+ or Security +) preferred Experience with security policies and good knowledge of standard best practices Good hands-on experience in Microsoft Active Directory, Office 365, and Windows Servers Experience with direct customer interaction Maintain highly cohesive and collaborative relationships with team members and other coworkers Benefits: Comprehensive Medical, Dental, and Vision coverage 401(k) retirement plan with 5% matching PTO and 11 paid holidays per year Starting Pay: $25.00 to $27.00 Schedule: Full-time, Monday thru Friday, 8am to 5pm PST

Get to know Okta Okta is The World's Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we're looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We're building a world where Identity belongs to you. Role Summary: We seek an experienced and detail-oriented Staff Data Security Analyst to contribute to our strategic Data Classification and Governance Program. In this role, you will be instrumental in the operational execution of our data governance strategy. You will work hands-on with data discovery and classification tools, apply data protection policies, and collaborate extensively with cross-functional teams, including Business Technology (BT), Legal, Data & Insights (D&I), and other Security teams. Your focus will be on implementing and maintaining the data classification framework, supporting the rollout of technical controls, and ensuring that our data handling practices align with our security and compliance objectives. Key Responsibilities: * Data Classification & Labeling: * Actively participate in data discovery initiatives to identify and inventory sensitive data (PII, SPI, financial, IP, AI training data) across key enterprise systems (e.g., Google Workspace, Salesforce, Workday, NetSuite, Snowflake). * Assist in executing pilot programs for data classification on high-priority systems and contribute to refining classification processes. * Policy Operationalization & Control Support: * Assist data Stewards and system owners in implementing the data classification policy and data handling standards to support their operationalization. * Collaborate with BT and Security engineering teams to test and validate the implementation of technical controls (e.g., DLP rules, CASB configurations) based on data classification. * Help define and test controls related to sensitive data input into enabled AI tools. * Tooling & Process Support: * Become proficient in using selected data discovery, classification, and governance tools (potential tools include Varonis, native Google/Snowflake capabilities). * Assist with the configuration, including helping to set up scans and reviewing results. * Contribute to developing and maintaining documentation for classification procedures and tool usage. * Collaboration & Stakeholder Engagement: * Work closely with Data Stewards (from D&I and business units) to understand data context, validate classification results, and ensure alignment with business needs. * Partner with BT application owners to facilitate classification efforts and implement necessary data handling changes. * Support Security GRC by providing data and insights for risk assessments and compliance reporting related to data classification. * Monitoring, Reporting & Continuous Improvement: * Assist in establishing and tracking key metrics for data classification coverage, accuracy, and the effectiveness of associated controls. * Contribute to developing dashboards and reports for program stakeholders and the Data Governance Council. Required Qualifications & Skills: * Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent practical experience. * 10+ years of experience in data security, governance, IT risk management, or a similar analytical role focusing on data protection. * Strong, demonstrable understanding of data classification principles, methodologies, data lifecycle management, and data handling best practices. * Hands-on experience with data discovery and/or data classification tools and technologies. * Solid understanding of data protection concepts and technologies (e.g., DLP, data masking, tokenization, encryption, IAM). * Knowledge of key data privacy regulations (e.g., CCPA, GDPR) and their impact on data handling. * Excellent analytical, problem-solving, and critical-thinking skills with meticulous attention to detail. * Proven ability to work effectively in a cross-functional team environment and manage multiple tasks. * Strong written and verbal communication skills, with the ability to articulate technical concepts to varied audiences. Preferred Qualifications: * Experience with specific data governance or classification platforms (e.g., Varonis, OneTrust, Google Cloud DLP, Snowflake Data Classification). * Experience implementing or operating data security controls in SaaS environments (e.g., Salesforce, Workday, Google Workspace, M365) and cloud platforms (AWS, Azure, GCP). * Familiarity with security considerations for AI/ML systems and data inputs, including knowledge of AI-native solutions for data labeling and classification. * Hands-on experience with AI governance principles and frameworks, including implementing controls for responsible AI use. * Experience in developing and delivering training or awareness materials. * Relevant industry certifications (e.g., CISM, CISSP, CIPP, CDMP, or tool-specific certifications). #LI-BF1 #LI-Hybrid The annual base salary range for this position for candidates located in the San Francisco Bay area is between: $170,000-$254,000 USD Below is the annual base salary range for candidates located in California, Colorado, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: **************************** The annual base salary range for this position for candidates located in California (excluding San Francisco Bay Area), Colorado, New York, and Washington is between:$151,000-$227,000 USD What you can look forward to as a Full-Time Okta employee! * Amazing Benefits * Making Social Impact * Developing Talent and Fostering Connection + Community at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! ************************************** Some roles may require travel to one of our office locations for in-person onboarding. Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at ************************************* U.S. Equal Opportunity Employment Information Read more Individuals seeking employment at this company are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. When submitting your application above, you are being given the opportunity to provide information about your race/ethnicity, gender, and veteran status. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows: A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability. A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service. An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense. An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985. Pay Transparency Okta complies with all applicable federal, state, and local pay transparency rules. For additional information about the federal requirements, click here. Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form? We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at ****************** Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at *************************** How do you know if you have a disability? A disability is a condition that substantially limits one or more of your "major life activities." If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: * Alcohol or other substance use disorder (not currently using drugs illegally) * Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS * Blind or low vision * Cancer (past or present) * Cardiovascular or heart disease * Celiac disease * Cerebral palsy * Deaf or serious difficulty hearing * Diabetes * Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders * Epilepsy or other seizure disorder * Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome * Intellectual or developmental disability * Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD * Missing limbs or partially missing limbs * Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports * Nervous system condition, for example, migraine headaches, Parkinson's disease, multiple sclerosis (MS) * Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities * Partial or complete paralysis (any cause) * Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema * Short stature (dwarfism) * Traumatic brain injury PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete. Okta The foundation for secure connections between people and technology Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 7,000 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business. More than 19,300 organizations, including JetBlue, Nordstrom, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.

Job Title: “Information Security Specialist” (Cyber security analysis) Duration: 9+ Months (with high possibility of extending into full time) Job Description: This position is in Corporate Information Security and under the direction of the Manager, Third-Party Cybersecurity Assessments. The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing third parties. The Analyst will construct detailed and summary reports of assessments, including customized reports, as needed. The Analyst will work with Subject Matter Experts (SME) to develop and apply risk assessment criteria (aligned with Policy) to new and existing suppliers using internal and external business intelligence. The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and Contract Managers, Compliance, and Business Owners to develop and maintain an internal service model that informs the business of key risks in a timely manner to limit unnecessary impediments and avoid bureaucracy. Specific responsibilities: - Coordinate the development of information security policies, standards and procedures. Work with key IT offices, data custodians and governance groups in the development of such policies. Ensure that company policies support compliance with external requirements. Oversee the dissemination of policies, standards and procedures to the user community - Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors - Serve as the company compliance officer with respect to state and federal information security policies and regulations. Work with the -designated internal audit, SOX compliance, legal, and HR on compliance issues as necessary. Prepare and submit and submit required reports to external agencies. - Develop and implement an Incident Reporting and Response System to address security incidents (breaches), respond to alleged policy violations, or complaints from external parties. - Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities. - Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing. Required Qualifications: Talent management, results focus and inspirational leadership. Essential Functions • Conduct third-party cybersecurity risk assessments, applying established criteria • Support assessment team with quality assurance reviews over work product and reporting • Collaborate with internal partners and third parties to mitigate and otherwise resolve third-party cyber risks • Consistently deliver on commitments, deadlines and objectives while remaining in scope and leveraging appropriate tools, methods, frameworks, and professional standards • Demonstrate consistent credibility with business partners and leadership while recommending initiatives, identifying gaps, and potential issues • Continuously demonstrate the ability to work independently while representing the services of the department with the highest level of professionalism • Demonstrate the ability to appropriately influence business decisions, and the professional judgment for selecting the appropriate methods and techniques to do so Preferred Qualifications: • Solid background both educationally and via professional experience. No less than 3 years' professional experience in business operations, project/program management, finance, risk management, information security, business analytics or similar. • Experience in large companies and/or complex environments, or providing professional consulting services for them. • Demonstrated abilities in problem-solving and analysis: identifies issues, analyses information to assess root cause and relationships, risks, and potential risk responses. Proven ability to synthesize and summarize complex data into concise recommendations and reports. • Demonstrated strong business writing and professional oral communication skills. • Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive projects to completion, and meet deadlines in a fast-paced environment-with only periodic supervision. • Ability to work collaboratively and manage and initiate effective cross-functional relationships. • Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio) and other business software to prepare reports, memos, summaries, and analyses. Desired • Analytical - Synthesizes complex or diverse information; Collects and researches data; employs intuition and experience to complement data; Designs work flows and procedures. • Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness. Applies feedback to improve performance; Monitors own work to ensure quality • Planning/Organizing - Prioritizes and plans work activities to achieve success; Sets and achieves goals and objectives; Develops realistic action plans • Professionalism - Reacts well under pressure; Keeps commitments; Accepts responsibility for own actions. • Career Growth: Focus on cyber security auditing with potential advancement goals in engineering or threat analysis roles • Self-directed team player with Agile environment experience Education Minimum Required • Bachelor's Degree • Equivalent experience is acceptable. License or Certification Desired: (one of the following): CISA (Certified Information Systems Auditor) GSEC (GIAC Security Essentials Certification) CompTIA - Security+ ECSA - EC-Council Certified Security Analyst SSCP (Systems Security Certified Practitioner) Other: Six Sigma, PMP or Agile certificates Other comments - suppliers: Organizational skills; office suite knowledge; and good communication skills are “must haves”. Cyber security analysis experience is preferred. Additional Information All your information will be kept confidential according to EEO guidelines.