Information security analyst jobs in Laguna Woods, CA

Required Skills & Experience: Bachelor's degree in a related field preferred but not required. 5+ years of experience in a SOC or similar security environment. Expertise with SIEM, EDR, CSPM tools; strong skills in SQL/KQL/Cypher for data analysis. Proven ability to lead complex investigations and coordinate across technical and business stakeholders. Solid understanding of cybersecurity frameworks (MITRE ATT&CK, NIST CSF, NIST SP800-61r3). Experience with log aggregation technologies and SIEM tuning processes. Job Description: A large financial services customer based in Irvine, CA is seeking a Cyber Security Operations Analyst, focused on Incident Response. This individual will lead Incident Response, and act as a technical expert within the SOC. This team protects the organization from cyber threats. This role requires strong analytical skills, leadership in high-severity incidents, and deep knowledge of security tools and frameworks. Pay: 50-65/hr

Security, Compliance and Audit Readiness: Enforce network security controls aligned with Criminal Justice Information Services (“CJIS”), National Institute of Standards and Technology (“NIST”), and department policy. Implement and maintain firewall rulesets, Network Access Control (“NAC”) solutions (e.g., Cisco Identity Service Engine (“ISE”)), and endpoint access policies. Support the cybersecurity team in incident detection, forensic analysis, and mitigation strategies. Provide documentation and evidence for security audits and compliance reviews. Implementation, Operations and Support: Serve as the hands-on engineer for network deployment, upgrades, and incident response. Configure and manage Cisco switches, routers, firewalls, WLCs, and wireless endpoints. Design and manage VPNs, QoS, ACLs, network monitoring, and logging systems (SolarWinds, NetFlow, SNMP). SME Leadership and Staff Development: Serve as the department's SME on enterprise security, guiding decisions across IT, public safety systems, and operations. Train, coach, and mentor internal IT staff, including junior and mid-level network technicians. Lead structured knowledge transfer sessions, hands-on training, and real-time coaching during support and implementation activities. Create SOPs, how-to guides, and step-by-step documentation tailored for ongoing use by internal staff. Support staff in preparation for certification paths (e.g., CCNA/CCNP) if desired. Any other activities reasonably related to the foregoing, as assigned by the Client

100% on-site in Santa Ana, CA Interview Schedule: 1 round- virtual, potential 2 being onsite Interview Contract Type: 18 months Security, Compliance, and Audit Readiness Enforce network security controls aligned with Criminal Justice Information Services (“CJIS”), National Institute of Standards and Technology (“NIST”), and department policy. Implement and maintain firewall rulesets, Network Access Control (“NAC”) solutions (e.g., Cisco Identity Service Engine (“ISE”)), and endpoint access policies. Support the cybersecurity team in incident detection, forensic analysis, and mitigation strategies. Provide documentation and evidence for security audits and compliance reviews. Implementation, Operations, and Support Serve as the hands-on engineer for network deployment, upgrades, and incident response. Configure and manage Cisco switches, routers, firewalls, WLCs, and wireless endpoints. Design and manage VPNs, QoS, ACLs, network monitoring, and logging systems (SolarWinds, NetFlow, SNMP). Strong technical and leadership experience in cybersecurity, with hands-on expertise in Incident Response, SIEM technologies, O365 Security Architecture and policy administration, and SIEM engineering.

100% On-site | Santa Ana, CA We are seeking a Senior Security Architect to lead enterprise security operations, compliance, and infrastructure within a mission-critical environment. This hands-on leadership role combines deep Cisco networking expertise, security architecture design, and staff mentorship to ensure audit readiness and operational excellence. Key Responsibilities: • Enforce and maintain network security controls aligned with CJIS, NIST, and internal policy frameworks. • Implement and manage firewall rules, NAC solutions (e.g., Cisco ISE), and endpoint access policies. • Support incident detection, forensics, and mitigation efforts alongside cybersecurity teams. • Lead network deployments, upgrades, and response initiatives across Cisco infrastructure. • Configure and manage switches, routers, firewalls, WLCs, and VPNs. • Design and optimize QoS, ACLs, and network monitoring (SolarWinds, NetFlow, SNMP). • Act as a Subject Matter Expert (SME), mentoring internal IT staff and guiding certification readiness (CCNA/CCNP). • Create and maintain SOPs, documentation, and training materials for ongoing operations. Top Skills Required: • Cisco networking (switches, routers, firewalls, WLCs, VPNs) • Security & compliance (CJIS, NIST, NAC, audit readiness) • Network monitoring (SolarWinds, NetFlow, SNMP, ACLs, QoS) • Leadership & mentoring (staff training, documentation, SME guidance) Nice-to-Have: • Advanced CJIS/NIST compliance experience • Public safety or government network background • Proven mentorship and SOP development experience #SecurityArchitect #NetworkSecurity #CiscoJobs #CJIS #NIST #Cybersecurity #SolarWinds #NetworkEngineer #OnsiteJobs #CaliforniaJobs #ITLeadership #InformationSecurity #InfrastructureSecurity

We don't just offer jobs; we cultivate careers. Become part of our dynamic team of professionals and experience what it means to truly be valued. We're passionate about empowering our associates to reach their full potential, fostering growth, and celebrating success together. When you join Sigma, you're stepping into a fast-growing, innovative global food organization that's redefining excellence in the industry. Are you ready to elevate your career? Come join our table! Position Summary Responsible for designing, implementing, supporting and administering the IT infrastructure and information security applications. Analyzes system requirements and defines system architecture that will meet business needs, including server infrastructure, capacity planning, storage requirements and networking protocols. Essential Job Functions Responsible for designing and implementing information systems that will adequately support the infrastructure of the organization. Examines system requirements and system architecture and provides new processes/standards that will meet business needs, including server infrastructure, capacity planning, storage requirements, and networking protocols. Ensures that architecture project roll-outs meet security standards and are effectively integrated with current applications. Completes tasks designed to ensure security of the organization's systems and information assets. Protects against unauthorized access, modification, or destruction and develops IT security policies and standards. Authorize user access and familiar with domain structures and digital signatures. Oversees and guides the work of lower-level IT personnel or other IT teams. Develops, implements and maintains policies, procedures, and programs for ensuring the security and integrity of company data, databases, information systems, and technology. Conducts risk management analysis and creates business continuity, contingency, and disaster recovery plans. Leads the development, update, and execution of Business Continuity Plans for systems and data within Enterprise Data. Develops and executes the testing processes utilized to validate the disaster recovery plans and to identify weaknesses and failure points in the plans. Works on advanced, complex technical projects or business issues. Other duties as assigned. Minimum Qualifications Associate degree in Computer Science, Computer Engineering, Technology, Information Systems or equivalent work experience. Eight years of infrastructure or security architecture. Experience in enterprise and security architecture. Experience on day to day IT operation management. Experience on Data Center environments. License/Certifications: N/A Preferred Qualifications Formal training ITIL, COBIT, or Microsoft certification. Project Management certification. Knowledge, Skills & Abilities (KSA's) Knowledge on consolidation of Active Directory environments on a medium to large company. Strong technical knowledge across infrastructure and security services support. Working understanding of Active Directory structure (e.g. GPOs). Working understanding of Agile and RACU Frameworks. Understand industry threats and the methods to apply appropriate controls. Knowledge of PowerShell and other automation methods. Understanding of server hardening. Proficient with Microsoft Office, including skills with Outlook, Word and Excel. Ability to lead and effectively communicate with technical and non-technical staff across multiple disciplines and levels of the organization. Ability to identify complex problems, review information to develop and evaluate options then implement solutions. Environmental/Working Conditions N/A Physical Requirements Usual office environment with frequent sitting, walking, and standing, and occasional climbing, stooping, kneeling, crouching, crawling, and balancing. Frequent use of eye, hand, and finger coordination enabling the use of office machinery. Oral and auditory capacity enabling interpersonal communication as well as communication through automated devices such as the telephone.

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

About the Company: Blizzard Entertainment, a global leader in interactive entertainment, has been shaping the world of video games since its founding. Renowned for iconic franchises like World of Warcraft , Overwatch , and Diablo , Blizzard is dedicated to creating immersive, innovative, and high-quality gaming experiences that captivate millions of players worldwide. Our mission is to inspire and connect players through engaging gameplay, compelling storytelling, and vibrant online communities. As we continue to expand our reach in the gaming industry, we remain committed to pushing the boundaries of creativity, technology, and entertainment. The Role: Staff Blockchain Security Engineer Blizzard's Application Security (AppSec) team is entrusted with safeguarding the company and its players from software vulnerabilities and security threats. As a Staff Blockchain Security Engineer within AppSec, you will specialize in securing blockchain-based game features, in-game economies, and Web3 integrations. You'll collaborate closely with game development and engineering teams to provide guidance, perform security assessments, and implement best practices throughout the blockchain software lifecycle. This role requires in-person collaboration two days per week at our Irvine, California headquarters. Key Responsibilities: Conduct comprehensive security reviews of blockchain integrations, smart contracts, in-game economy systems, and Web3 features for vulnerabilities and architectural flaws Advise game development teams on secure blockchain practices and remediation strategies Establish and maintain secure development processes within the blockchain software lifecycle Develop, maintain, and improve blockchain-specific security tooling (e.g., fuzzers, static analysis frameworks) Collaborate with legal, compliance, and risk teams to evaluate security, operational, and regulatory risks of blockchain implementations Minimum Qualifications: 8+ years in application security, Web3 security, or related disciplines Proven experience auditing smart contracts, blockchain protocols, or Web3 applications Expertise in design reviews, threat modeling, secure code review, or penetration testing with a hacker mindset Strong knowledge of application security principles and common vulnerabilities (e.g., SSRF, race conditions, privilege escalation) Experience with secure key management, wallet systems, or cryptography Familiarity with blockchain security tools such as Slither, Echidna, or similar Scripting or programming experience in Python, C++, JavaScript, or other relevant languages Ability to balance business goals with security priorities and communicate risks clearly to cross-functional teams Preferred Qualifications: Experience in formal verification of smart contracts Background in blockchain-enabled gaming, DeFi platforms, or NFT ecosystems Contributions to blockchain security communities, bug bounty programs, or published research Experience defining and executing long-term blockchain security strategies alongside engineering leadership Why Blizzard? Competitive base salary and discretionary annual bonus Equity opportunities and long-term incentives Comprehensive health, dental, and vision plans 401(k) with company match Paid parental leave and flexible time off A hybrid work model that balances collaboration with flexibility Salary Range: $170,000 - $250,000. This excludes discretionary bonuses or equity grants, which are determined based on experience, skills, and market standards. Blizzard Entertainment is committed to building diverse teams that reflect the communities we serve. We are an equal opportunity employer and do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. If you require accommodation, please reach out to our People Team.

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. We are a fully vaccinated workforce. Successful candidates will be required to show proof of being vaccinated against COVID-19. You are up to date when you have received a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

**THE COMPANY** **Silvus Technologies** is dedicated to one mission: connecting those who keep us safe. We do so by delivering the most advanced Mobile Ad-hoc Network (MANET) radios powered by our custom and ever-evolving Mobile-Networked MIMO waveform. Together, our radios and waveform provide the vital communications for mission critical applications in the harshest environments from underground tunnels to high altitude balloons. Silvus StreamCaster radios are being rapidly adopted by customers all over the world ranging from the U.S Departments of Defense, to International, Federal, State and Local Law Enforcement agencies, all the way to the Super Bowl, Grammys and industry-leading drone, robot, and other unmanned systems manufacturers. _Wouldn't you like to join an incredibly talented group of people, doing very challenging work, with the prime directive of "_ Keeping Our Heroes Connected (************************************** P0GLc) _"?_ Silvus' rapid growth is fueled by a focus on research and innovation and a team of the most passionate, skilled, and creative thinking individuals. _If you are looking for a challenging experience, you owe it to yourself to learn how Silvus can provide a rewarding opportunity that creates a pathway to a fulfilling career._ **THE OPPORTUNITY** Silvus is seeking a **Linux System and Security Analys** **t** to analyze, troubleshoot, automate, and conduct CyberSecurity activities based on Cybersecurity Maturity Model Certification (CMMC) and maintain the company's IT infrastructure. The position will exercise full ownership and decision-making authority over the resolution of end-user technical challenges, including hardware failures and software anomalies. This position's primary duty is to perform high-level systems analysis, security architecture, and risk assessment in support of organizational objectives. This includes exercising discretion and independent judgment on matters of significance to company-wide IT security and compliance. This position requires a DCSA clearance to be obtained within 12 months of employment. This position is fully onsite, Monday through Friday at Silvus Technologies' HQ in the heart of vibrant **West Los Angeles.** The following is a list of at least some of the current essential job functions of the position. Management may assign or reassign duties and responsibilities at any time at its discretion. **ROLE AND RESPONSIBILITIES** + Act as the primary technical advisor for diagnosing and resolving complex infrastructure issues, with autonomy to escalate or implement system-level changes to maintain Production department continuity. + Responsible for evaluating risks, designing secure systems in compliance with Cybersecurity Maturity Model Certification (CMMC) standards, and making strategic recommendations. + Provide Linux and Windows system desktop and server support, as well as network administration for the entire company based on the NIST CyberSecurity Framework. + For individuals with Security Clearance, apply Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) to secure and maintain IT infrastructure, providing the necessary documentation and technical support required for continuous Authorization to Operate (ATO). + Responsible for Automated Deployment and monitoring of computer systems. + Oversee the planning and implementation of hardware lifecycle management for Windows and Linus-based servers and VMs. + Support vulnerability and patch management processes, ensuring all Linux vulnerabilities are remediated in accordance with NIST CyberSecurity Framework. + Support Engineering and R&D teams to ensure strict IT compliance with the CMMC framework, specifically with security controls. This role is critical in protecting Controlled Unclassified Information (CUI) and maintaining our accredited environment. + Develop and maintain documentation related to the company's IT infrastructure and support processes. + Oversee the governance and accuracy of the company's hardware and software asset inventory, ensuring appropriate lifecycle management and compliance with security and audit requirements. + May occasionally require on-call coverage overnight, on weekends, and on holidays. + Perform other related duties of which the above are representative. **REQUIRED QUALIFICATIONS** + Bachelor's degree or equivalent in an IT-related field. + 3 years of Linux-related work experience. + Experience with installing, troubleshooting, and/or maintaining Linux-based software and hardware installations. + Fluency in Linux CLI, TCP/IP, LAN/VLAN Networking, Patch Management, and Backup. + Highly proficient in Google Suite and MS Office (Excel, Word, PowerPoint). + Strong interpersonal skills with a positive and enthusiastic attitude. + Demonstrated ability to operate as a team member, supporting departmental decisions, policies, and procedures with a positive and communicative attitude with company colleagues. + **Must be a U.S. Citizen** due to clients under U.S. government contracts. + **Must be able to obtain DCSA clearance within 12 months of employment.** + **All employment is contingent upon the successful clearance of a background check.** **PREFERRED KNOWLEDGE, SKILLS AND ABILITIES** + Prior experience in a fast-paced office environment is a plus. **WORKING CONDITIONS & PHYSICAL REQUIREMENTS** + Office environment. + Occasional exposure to heat, cold, and allergens while performing tests or demonstrations in the field. + While performing the duties of this job, the employee is required to do the following: + Perform bending and reaching movements to place items on lower and higher shelves. + Kneeling or squatting to access lower shelves. + Must be able to lift up to 50 lbs. + Walking/Moving in the labs. **COMPENSATION** _The pay range is NOT a guarantee. It is based on market research and peer data, and will vary depending on the candidate's experience and qualifications._ CA Pay Range $80,000-$90,000 USD **NOTE - As a U.S. Federal Contractor, Silvus Technologies requires that ALL candidates being considered for employment for any position (regardless of level) MUST be a U.S. Person (permanent resident or citizen). Stricter U.S. Citizen ONLY requirements are needed for some Engineering or R&D roles. This generally does NOT apply to International positions; only job postings for positions located in the U.S. Exceptions will be included in the Required Qualifications section of the posted position.** **_All Employment is contingent upon the successful clearance of a background check._** Silvus is proud to be an equal-opportunity employer, and we value diversity. We do not discriminate on the basis of race, color, age, religion or belief, ancestry, national origin, sex (including pregnancy), sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, physical or mental disability, protected veteran status, genetic information, political affiliation, or any other factor protected by applicable federal, state, or local laws. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive benefits and privileges of employment. Please contact us to request accommodation. _*Silvus does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings. No fee will be paid to third parties who submit unsolicited candidates directly to Silvus Technologies._

Are you passionate about administrating and enforcing solutions that safeguard data? Are your interested in serving your fellow team and the community? If so, we want to talk to you - we are currently looking for Service Superstars to join our Team! An Information Security Analyst 1 takes a lead role in the research, design, and implementation of all information security related hardware or software; including operating systems and communications products, coordinating implementations with third party vendors and supporting representatives as needed. This role also serves as a liaison between vendors and other departments on information security related projects. Duties and Essential Functions: Service Personally, provides exceptional member service; uses Service Standards in every work-related interaction. Ensures that exceptional member service is being provided to members and team members, at all times. Serves as a strong example of leadership in work ethic, professionalism, and conduct. Promotes a harmonious work environment that motivates others towards team participation, goal setting/accomplishment, and personal development. Daily Operations Assists in the management of multiple information security systems, ensuring proper integration of the components with computer systems, network equipment and other devices. Assists in research of data security needs and requirements for current and future systems. Performs regular vulnerability analysis for intentional and unintentional systems misuse and identifies appropriate counter measures. Takes a supporting role in the management of the Credit Union's information security program including establishing, implementing and monitoring of information security, incident response procedures and policies, system configuration standards and ongoing risk assessments. Assists the credit union management team with the creation, modification, and implementation of Information Security policies and standards. Performs routine audits of security databases including Active Directory, Anti-Virus, Data Loss Prevention (DLP), Group Policy, Remote Authentication Dial-In User Service (RADIUS), and regularly reviews other security logging systems. Designs and/or implements changes to these systems in response to any discovered vulnerabilities. Performs regular audits of credit union procedures including new hire/transfer/separation process, configuration checklists, firewall changes, Uniform Resource Locator (URL)/Spam filter changes, DLP changes, file permission changes, inventory changes, equipment changes, and system health checks. Takes a supporting role in the management of Credit Union patch management, anti-virus, Spam filtering, DLP, URL filtering, and intrusion prevention systems. Assists with the development and implementation of active directory group policy objects with an emphasis on enhancing computer systems security. Manages the creation, deletion, or alteration of systems access for Credit Union team members. Makes key decisions on whether to honor system access requests and responds appropriately. Takes a supporting role in the research, design, and implementation of all information security related hardware or software including operating systems and communications products; assists with coordination of implementations with third party vendors and supports representatives as needed; serves as a liaison between vendors and other departments on information security related projects. Conducts various training and instruction programs for credit union team members on the secure use of e-mail and the internet as well as operating systems, networking, computer applications and databases. Assists in the evaluation of new projects and proposes systems for security risks and makes recommendations for implementation to management. Takes supporting role in analyzing, planning and implementing projects including software, in-house development, hardware, and networks to provide new products and services to members of the credit union and to improve the effectiveness of member data security. Performs capacity planning and tuning of information security systems to assure maximum availability and optimal utilization; directs/assists with hardware and software upgrades as needed. Develops project scope and timeline documents for individual projects per Information Systems (IS) Department standards. Stays current with evolving trends in information security related hardware, applications, development, and the internet. Provides guidance and assistance on technical skills to other IS staff. Provides regular documentation and reports on the progress of information security initiatives as well as provides suggestions or plans to further improve the credit union's security efforts. Other duties as deemed necessary and assigned by Supervisor to achieve the goals of the department and the Credit Union. Benefits Include: (not a complete list) Wellbeing Weekly pay 401K Retirement Savings Plan with company match Paid time off accrual begins upon hire, 15 paid vacation days, 11 paid holidays Paid sick leave Company-provided life insurance at twice your annual salary Financial Education Programs DoorDash DashPass Health Medical, Dental, and Vision Insurance for part-time and full-time employees Modern Health Care.com subscription Teladoc Career Development Career development opportunities Team members are eligible to apply for assistance with educational expenses through ArrowHeart's scholarship program. To learn more about Arrowhead Credit Union and our service culture, visit our Career page, and our ArrowHeart Foundation. The pay range for this position is listed below. Starting pay for successful applicants is generally within the minimum to midpoint of the pay range. Our consideration for pay is designed to support career growth and development over time. Offers extended depend on a variety of job-related factors, including but not limited to individual experience, knowledge, training, education, geographic location, market demands, and internal equity. Pay range: Minimum: $35.11/hourly | Midpoint: $43.89/hourly | Maximum: $52.67/hourly

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: + Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. + Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. + Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. + Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. + Monitor, analyze, and report on production security posture and key control performance metrics for each production. + Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. + Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. + Support the development of production-specific metrics and KPIs to measure control effectiveness. + With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. + Ensure consistent implementation of approved security tools, policies, and workflows within productions. + Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. + Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. + Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. + Gather feedback from productions to help refine information security for productions training and awareness efforts. + Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. + Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications + 5+ Years of experience in Information Security, Information Technology or a related field + 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. + Bachelor's degree preferred + Strong understanding of the technologies, tools and processes used in production of movies and/or television. + Knowledge of Information Security frameworks, standards and best practices and their relevance to business success + Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. + Ability to develop and maintain meaningful metrics to track program and process effectiveness. + Strong planning and analytical skills + Strong communications skills Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Headquartered in the United States, TP-Link Systems Inc. is a leading global provider of networking devices and smart home products. Consistently ranked as the world's top provider of Wi-Fi devices, TP-Link is dedicated to delivering innovative solutions that improve people's lives by offering faster, more reliable connectivity. Serving customers in over 170 countries, we are committed to expanding our global footprint. At TP-Link Systems Inc., we believe that technology has the power to transform the world for the better. Our mission is to design reliable, high-performance products that connect users worldwide to the limitless possibilities of technology. We are driven by our core values of professionalism, innovation, excellence, and simplicity. Our goal is to help clients achieve outstanding global performance and to provide consumers with a seamless, effortless technology experience. TP-Link Systems Inc. is seeking a skilled and proactive Sr. Security Compliance Analyst who will be responsible for developing and overseeing TP-Link's enterprise security governance framework, ensuring compliance with regulatory requirements, industry standards, and internal policies. This individual will collaborate with cross-functional teams to embed security into business operations, manage risk, and enhance security resilience across TP-Link's enterprise ecosystem. Key Responsibilities: Security Governance & Policy Development Develop, implement, and maintain security policies, standards, and guidelines aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Establish and lead a security governance framework to ensure consistent application of security controls across the enterprise. Risk Management & Compliance Identify, assess, and mitigate security risks across TP-Link's global operations. Ensure compliance with regulatory requirements such as GDPR, CCPA, NIST CSF, and other applicable cybersecurity frameworks. Oversee security audits, risk assessments, and third-party security evaluations. Partner with legal, IT, and business leaders to address security compliance gaps. Third-Party & Supply Chain Security Develop and enforce security requirements for vendors, suppliers, and third-party partners. Conduct security assessments of supply chain partners to identify and mitigate potential risks. Security Awareness & Training Develop and lead security awareness programs to educate employees on cybersecurity risks and best practices. Foster a security-first culture across all levels of the organization. Provide guidance and training on security governance processes for internal stakeholders. Incident Response & Continuous Improvement Support security incident response efforts by ensuring governance processes facilitate rapid detection and response. Lead post-incident analysis to refine security policies and controls. Monitor emerging threats, regulatory changes, and industry trends to evolve TP-Link's security governance strategies. Requirements Qualifications Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field. Experience: 5+ years of experience in security governance, risk management, or compliance in a global technology or networking company. Proven track record in developing and implementing security governance frameworks for enterprise security. Experience managing compliance with industry standards and regulations (ISO 27001, NIST CSF, SOC 2, GDPR, CCPA, etc.). Hands-on experience with supply chain security, third-party risk management, and vendor security assessments. Skills: Deep understanding of security frameworks (ISO 27001, NIST, CIS, SOC 2) and regulatory requirements. Strong expertise in risk management methodologies, security policy development, and compliance auditing. Proficient in conducting security assessments, third-party risk evaluations, and internal security reviews. Ability to communicate complex security concepts to business and technical stakeholders effectively. Strong leadership skills with experience in cross-functional collaboration and executive reporting. Benefits Salary range: $100,000-$150,000 Free snacks and drinks, and provided lunch on Fridays Fully paid medical, dental, and vision insurance (partial coverage for dependents) Contributions to 401k funds Bi-annual reviews, and annual pay increases Health and wellness benefits, including free gym membership Quarterly team-building events At TP-Link Systems Inc., we are continually searching for ambitious individuals who are passionate about their work. We believe that diversity fuels innovation, collaboration, and drives our entrepreneurial spirit. As a global company, we highly value diverse perspectives and are committed to cultivating an environment where all voices are heard, respected, and valued. We are dedicated to providing equal employment opportunities to all employees and applicants, and we prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Beyond compliance, we strive to create a supportive and growth-oriented workplace for everyone. If you share our passion and connection to this mission, we welcome you to apply and join us in building a vibrant and inclusive team at TP-Link Systems Inc. Please, no third-party agency inquiries, and we are unable to offer visa sponsorships at this time.

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: Secure the Magic by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: Independent audit support for: SOX 404 ITGCs PII PCI ISPS Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. Develop and lead the Control Assurance Programs (ISPS and SOX). Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) Ensure for timely management response of audit findings into our corporate SOCD/SAD. Oversee ISPS Management Audit coordination and open action plans. Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. Management of GRC workflows around coordination of certifications and attestations. Partner with leadership to support the PCI-DSS compliance program. Develop training materials, coordinate training sessions, and monitor compliance with training requirements. Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): Minimum of 8 years of related work experience, with 3 in management roles IT SOX experience and proven experience in supporting IT audit/compliance functions Experience in managing people Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives Interpersonal skills with the ability to work with teams cross-functionally Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators Detail-oriented but able to understand the big picture. Highly organized and efficient Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments Experience with cloud-based services, specifically AWS Nice To Haves (see above): Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Governance Employment Type: Full time Primary City, State, Region, Postal Code: Glendale, CA, USA Alternate City, State, Region, Postal Code: USA - CA - 2450 Broadway, USA - NY - 7 Hudson Square Date Posted: 2025-11-21

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.

The System Security Engineer Level II is required to be a highly skilled and hands-on security engineer, and will be responsible for helping to maintain and expand the infrastructure of the entire Cambro network, ensuring that they are protected from cyber threats and attacks, ensuring compliance, and responding to incidents. In this role, the responsibility is to manage, monitor, and maintain our Network IT infrastructure from CVEs, cyber threats, manage and implement device firmware and software updates. Also, the role is required to assist in projects and initiatives to support, upgrade, and maintain our technical environment to improve network security. The role requirement is to be proficient with cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. The role requires to have a multi-disciplined background including experience with Cybersecurity Operations, firewalls, IDS/IPS, switches, VLANs, routing protocols, IPsec, VPN tunnels, multi factor authentication and e-mail security. In addition, they must have a solid understanding of virtualized servers, Windows workstations and services. This role is required to have the network monitoring skills and technologies for detecting unusual activity, investigate security breaches and lead incidence response. ESSENTIAL JOB FUNCTIONS • Monitor network traffic for anomalies, investigate alerts and respond to security incidents. • Conduct regular vulnerability scans, risk assessments, patch management and mitigation across network devices. • Ensure adherence to cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Able to proactively scan servers and network devices for vulnerable ports and protocols and rogue devices. • Manage our firewall environment with the ability to create route policies and apply cybersecurity recommendations • Install and configure Network Equipment (Switches, Firewalls, and other networking hardware) • Perform (Layer 2) switch administration and configuration on Cisco/Ruckus switches. Including configuring LAGs, interfaces, creating trunks, creating, and managing segmented VLANs. • Possess a solid understanding of Windows Server services and roles including installation and configuration • Create certificates for network devices and servers that have a web management capability • A strong understanding of Windows Active Directory and can design, implement, and configure and troubleshoot Active Directory issues • Create, Manage and Deploy Group Policy Objects (GPO's) to deploy applications and implement security including windows firewalls • Effectively use PowerShell to automate and standardize administrative tasks • Capable of installing a Linux VM and execute basic Linux commands and managing Linux appliances • Manage our virtualized server environment managing, creating VM's and patching the VMware environment. • Strong understanding of Virtual Switches, Port Groups (Distributed and Standard) • Manage the Active Backup for Business on Synology and other advanced Synology administration features • Maintain and monitor Backup solutions. • Manage our users email accounts using the cloud service M365 from Microsoft • Responsible for creating and maintaining server and network documentation to include tasks and procedures • Proactively monitor our network using a variety of tools to help identify potential network and server issues • Assist in patching our entire infrastructure when needed using a variety of tools • Maintains strong technical abilities, knowledge of new and changing technologies • Prepare for emergencies by creating and/or updating action plans • Jumping into time-sensitive projects wherever needed • Showing flexibility and a willingness to learn • Maintain healthy communication with IT Staff, IT Customers and Vendors • Actively participate in IT Infrastructure and Operations projects, managing, completing, communicating, and fully documenting assigned tasks and deliverables. • Maintain reliable and consistent attendance, including being punctual, and dependable in order to meet the needs of the department and the organization. • Execute each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receiving and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follow all department quality standards/criteria. Raise concerns and issues to immediate manager. • Able to understand and demonstrate Cambro company culture, display company core values (Safety, Quality, Respect, and Service). • Understands department's key performance indicators and contributes to achieve these goals both individually and as a team. • Maintains reliable and consistent attendance, including being punctual, dependable, and flexible to potential schedule changes to meet the needs of the department and the organization. • Executes each essential duty satisfactorily to perform job successfully. • Follows all safety procedures required in work area, wears PPE as needed, attends all safety meetings, and reports safety issues regarding equipment or unsafe/hazardous conditions. • Performs effectively as a team member, able to work well with others, open to receive and give feedback, and treats everyone with respect. • Takes ownership of own work and behavior, accepts accountability for own actions, encourages solutions, and communicates status of work/projects. • Follows all department quality standards/criteria. Raises concerns and issues to management. • Understands department's key performance indicators (KPIs) and contributes to achieve these goals both individually and as a team. • Other duties as needed or required. ADDITIONAL RESPONSIBILITIES • Ability to be on call 24 hours a day, 7 days a week for global operations, by periodically providing off-hours, evening, and weekend support to accommodate maintenance windows and issue resolution • Occasional travel to various Cambro locations domestically and internationally as required (15%) • May occasionally guide less experienced associates to help with technical projects • Some travel may be required. REQUIRED QUALIFICATIONS The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. • Bachelor's degree (B.A.) from a four-year accredited college or university. • 5-10 years of experience in IT security, network, administration, and support roles. • Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. • Ability to adapt and adjust plans to meet changing needs. • Proficient in Microsoft Office Suite • Experience with Fortinet solutions, EDR, email security solutions • Solid knowledge of cybersecurity frameworks including NIS, ISO27001/27002, CIS, HIPAA, CCPA/CPRA and GDPR. • Solid working knowledge of Layer 2 (VLANs, Inter-VLANs, VTP Domains, bridge groups, MVRP, ACL's) technologies and network segmentation. • Strong knowledge of DNS records including reverse zones and maintaining DNS records • Strong DHCP Knowledge to include DHCP Fail over and able to configure DCHP relay on Switches • Solid understanding of routing protocols, static routes and ARP cache • Proficient in creating and implementing certificates on layer 2 devices (Switches, Firewalls, Linux Appliances) • Strong troubleshooting skills and possess the ability to find security and network issues in a timely manner • Strong Windows administration skills including Active Directory/GPO's and security policies • Solid working knowledge of Virtualization, such as VMware ESXi servers and vCenter 7.x • Solid working knowledge of Veeam/Bacula/Exagrid backup software to manage backup and restore procedures • Must be able to follow instructions and procedures and ask questions if something is unclear • Excellent documentation skills including ability to create network drawings • Self-motivated and energetic with the ability to manage time efficiently without supervision and to work effectively under pressure • Strong customer service and communication skills • Excellent organizational skills and strong sense of urgency • Familiarity with various network types including LANs, WANs, SDWAN, WLANs, SANs, and VoIP networks • Great accuracy and attention to detail PREFERRED QUALIFICATIONS • Experience in Business Continuity and disaster recovery is a plus • Knowledge of Ruckus Access Points and Switches • Knowledge of IBMi PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Sitting, walking, standing, bending at the neck, bending at the waist, squatting, climbing, kneeling, crawling, twisting at the neck and waist, repetitive use of hands, simple grasping, power grasping, fine manipulation, pushing and pulling, reaching above and below the shoulder, carrying/lifting up to 50 lbs. Driving cars and other IT equipment Working around equipment and machinery Exposure to excessive noise Exposure to dust, gas, fumes or chemicals Working at heights Use of special visual or auditory protective equipment Walking on uneven ground PPE Requirements Safety glasses Steel-toe slip-resistant shoes - When in production area Hearing protection (e.g. ear plugs, ear muffs) - When in production area Face covering (mask) in accordance with company policy. Hardhat/bump camp IT Application COMPENSATION RANGE: $97,000- $120,000 Salary may vary based on experience. CAMBRO is proud to be an equal-opportunity workplace. All qualified applicants will receive consideration for employment without regard to and will not be discriminated against based upon race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic information, military or veteran status, or other characteristics protected by law.

Are you passionate about administrating and enforcing solutions that safeguard data? Are your interested in serving your fellow team and the community? If so, we want to talk to you - we are currently looking for Service Superstars to join our Team! An Information Security Analyst 1 takes a lead role in the research, design, and implementation of all information security related hardware or software; including operating systems and communications products, coordinating implementations with third party vendors and supporting representatives as needed. This role also serves as a liaison between vendors and other departments on information security related projects. Duties and Essential Functions: Service * Personally, provides exceptional member service; uses Service Standards in every work-related interaction. * Ensures that exceptional member service is being provided to members and team members, at all times. * Serves as a strong example of leadership in work ethic, professionalism, and conduct. * Promotes a harmonious work environment that motivates others towards team participation, goal setting/accomplishment, and personal development. Daily Operations * Assists in the management of multiple information security systems, ensuring proper integration of the components with computer systems, network equipment and other devices. * Assists in research of data security needs and requirements for current and future systems. * Performs regular vulnerability analysis for intentional and unintentional systems misuse and identifies appropriate counter measures. * Takes a supporting role in the management of the Credit Union's information security program including establishing, implementing and monitoring of information security, incident response procedures and policies, system configuration standards and ongoing risk assessments. * Assists the credit union management team with the creation, modification, and implementation of Information Security policies and standards. * Performs routine audits of security databases including Active Directory, Anti-Virus, Data Loss Prevention (DLP), Group Policy, Remote Authentication Dial-In User Service (RADIUS), and regularly reviews other security logging systems. Designs and/or implements changes to these systems in response to any discovered vulnerabilities. * Performs regular audits of credit union procedures including new hire/transfer/separation process, configuration checklists, firewall changes, Uniform Resource Locator (URL)/Spam filter changes, DLP changes, file permission changes, inventory changes, equipment changes, and system health checks. * Takes a supporting role in the management of Credit Union patch management, anti-virus, Spam filtering, DLP, URL filtering, and intrusion prevention systems. * Assists with the development and implementation of active directory group policy objects with an emphasis on enhancing computer systems security. * Manages the creation, deletion, or alteration of systems access for Credit Union team members. Makes key decisions on whether to honor system access requests and responds appropriately. * Takes a supporting role in the research, design, and implementation of all information security related hardware or software including operating systems and communications products; assists with coordination of implementations with third party vendors and supports representatives as needed; serves as a liaison between vendors and other departments on information security related projects. * Conducts various training and instruction programs for credit union team members on the secure use of e-mail and the internet as well as operating systems, networking, computer applications and databases. * Assists in the evaluation of new projects and proposes systems for security risks and makes recommendations for implementation to management. * Takes supporting role in analyzing, planning and implementing projects including software, in-house development, hardware, and networks to provide new products and services to members of the credit union and to improve the effectiveness of member data security. Performs capacity planning and tuning of information security systems to assure maximum availability and optimal utilization; directs/assists with hardware and software upgrades as needed. * Develops project scope and timeline documents for individual projects per Information Systems (IS) Department standards. * Stays current with evolving trends in information security related hardware, applications, development, and the internet. * Provides guidance and assistance on technical skills to other IS staff. * Provides regular documentation and reports on the progress of information security initiatives as well as provides suggestions or plans to further improve the credit union's security efforts. * Other duties as deemed necessary and assigned by Supervisor to achieve the goals of the department and the Credit Union. Benefits Include: (not a complete list) Wellbeing * Weekly pay * 401K Retirement Savings Plan with company match * Paid time off accrual begins upon hire, 15 paid vacation days, 11 paid holidays * Paid sick leave * Company-provided life insurance at twice your annual salary * Financial Education Programs * DoorDash DashPass Health * Medical, Dental, and Vision Insurance for part-time and full-time employees * Modern Health * Care.com subscription * Teladoc Career Development * Career development opportunities * Team members are eligible to apply for assistance with educational expenses through ArrowHeart's scholarship program. To learn more about Arrowhead Credit Union and our service culture, visit our Career page, and our ArrowHeart Foundation. The pay range for this position is listed below. Starting pay for successful applicants is generally within the minimum to midpoint of the pay range. Our consideration for pay is designed to support career growth and development over time. Offers extended depend on a variety of job-related factors, including but not limited to individual experience, knowledge, training, education, geographic location, market demands, and internal equity. Pay range: Minimum: $35.11/hourly| Midpoint: $43.89/hourly | Maximum: $52.67/hourly

The Information Security organization at Sony Pictures Entertainment is responsible for protecting our content, systems, and data from being stolen, damaged, or destroyed. To do so, we are continuously improving our tools, capabilities, and processes to stay ahead of evolving threats. The Manager, Information Security Productions is accountable for operationalizing the Information Security Productions program across all SPE U.S. productions. This includes driving consistent implementation of approved security standards, tools, and controls; ensuring data-driven visibility into production security risk; and supporting compliance and readiness reporting to leadership. Success in this role requires strong cross-functional collaboration across Information Security, IT, S3, and production teams to embed security into creative workflows without friction, while ensuring protection of SPE's most valuable assets-our stories and intellectual property. This role will also ensure program consistency with regional and global counterparts, contribute to automation and standardization of key controls, and support ongoing improvement of information security for productions practices across the production lifecycle. Key indicators of success in this role will be: Business leaders have near real-time visibility into production information security risk using meaningful, actionable metrics that drive timely and effective decision-making. Consistent application of approved tools, workflows, and controls across productions, ensuring compliance and readiness reporting aligns with studio KPIs. Production teams trust SPE to provide a secure, highly available, and easy-to-use digital production environment that safeguards our content and data. Information Security, Physical Security, and IT operate as unified partners to protect SPE productions from concept to archive. Within this organization, we value learning, agility, and collaboration. The Manager, Information Security Productions (CC, US) will be a key contributor to Sony Pictures Entertainment's goal of being the most trusted studio in the industry. Responsibilities Provide visibility and actionable insight into Information Security risk across active U.S. productions. Monitor, analyze, and report on production security posture and key control performance metrics for each production. Partner with global InfoSec, Risk, Threat Intelligence, Incident Response, Training, and Governance teams to align production needs with enterprise programs. Prepare and present dashboards and reports on security trends, compliance status, and improvement opportunities. Support the development of production-specific metrics and KPIs to measure control effectiveness. With IT and Physical Security, maintain security controls in place for productions to most effectively meet our business goals. Operationalize the Production Information Security Program across U.S. productions. Ensure consistent implementation of approved security tools, policies, and workflows within productions. Coordinate adoption of automated controls with productions, such as provisioning, watermarking, and access telemetry. Support the standardization and scalability of production security practices across production titles and business units. Ensure and track production security culture, awareness, and response readiness. Amplify the reach of security training and awareness initiatives by coordinating rollout to productions, ensuring consistent messaging and participation tracking. Gather feedback from productions to help refine information security for productions training and awareness efforts. Partner with Incident Response to ensure clear communications, timely follow-up, and closure of corrective actions. Track cultural and operational readiness indicators (e.g., onboarding rates, reporting engagement, post-incident improvements) to measure program maturity and continuous improvement. Qualifications 5+ Years of experience in Information Security, Information Technology or a related field 5+ Years of experience in an organization directly involved in movie, television and/or other entertainment production, or equivalent educational experience. Bachelor's degree preferred Strong understanding of the technologies, tools and processes used in production of movies and/or television. Knowledge of Information Security frameworks, standards and best practices and their relevance to business success Specific knowledge of processes, tools and practices used to maintain confidentiality in the context of movie and television productions. Ability to develop and maintain meaningful metrics to track program and process effectiveness. Strong planning and analytical skills Strong communications skills The anticipated base salary for this position is $115,000-$150,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.