Information security analyst jobs in Lancaster, CA - 257 jobs

"I can be myself at work." You are more than a job title. We want you to feel comfortable doing great work and bringing your best, authentic self to everything you do. We value your talents, traditions, and uniqueness-and we're committed to fostering a strong sense of belonging in a respectful workplace. We intentionally seek diverse perspectives, experiences, and backgrounds, investing in a culture designed to celebrate differences. We believe that belonging leads to better outcomes and a stronger community of associates united by our mission. At Capital, we live our core values every day: Integrity, Client Focus, Diverse Perspectives, Long-Term Thinking, and Community. "I can influence my income." You want to feel recognized at work. Your performance will be reviewed annually, and your compensation will be designed to motivate and reward the value that you provide. You'll receive a competitive salary, bonuses and benefits. Your company-funded retirement contribution will factor in salary and variable pay, including bonuses. "I can lead a full life." You bring unique goals and interests to your job and your life. Whether you're raising a family, you're passionate about where you volunteer, or you want to explore different career paths, we'll give you the resources that can set you up for success. Enjoy generous time-away and health benefits from day one, with the opportunity for flexible work options Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love Access on-demand professional development resources that allow you to hone existing skills and learn new ones "I can succeed as a Lead AI Security Engineer at Capital Group" As aLeadAISecurity Engineer, you willbe responsible forsecuring Capital Group's enterprise AI Platforms.You willhelp enable Capital Group's AIstrategy bybuilding and/orprocuringsolutions toprotecta diverse set of enterprise AI platforms being built and deployed at Capital Group.You'llcollaborate with platformengineering, security engineering, and risk teams toensure their solutions support scalable, secureadoption of AI. Additionally,you'llbe expected toprovidementoring,advising diverse teams across the organization, andpromoting AI Securityprinciples across Capital Group. AISecurityProcurementManagements:You willprocureand/or build technical solutionsto reducethe riskof misconfiguration, exploitation, andother security issues formultipleenterprise AI platforms. Embedding Security in the AIPlatform Ecosystem:Working closely withplatform teams tointegrate securityintoeverycomponentof the AI Platform. Implementing Security Controls & "Guardrails" for GenAI:Designing, deploying, andoperatingtechnical controls to prevent misuse of AI systems.Guardrails designincludescontent filtering systems, usage policies, and safety checks that mitigate issues like prompt injection attacks, unauthorized data extraction, model bias or hallucinations, and other misuse of generative AIplatforms. AI Runtime Security:Engineer continually tests and updatestothe guardrails, replacing weaker controls with more robust solutions as threats evolve. AI Governance:You will work cross functionally with architecture and platform teams tomonitoralignment of solutions to AI Governance processes Contribute to Standards and Policies:You will providethought leadership for Information Security policies and standards for AIin collaboration with technology risk AI/Agent SME:Youwill provide AI/Agent subject matterexpertisefor AI Incidentsand Security Reviews, and helpdevelop incident response playbooks for AI-related security incidents "I am the person Capital Group is looking for." You have 8+yearsof experience in information security, application security, platform security, or penetration testing,DevSecOps, networksecurityand other security disciplines. You have experience securing AI platforms, whetherinternal AIplatforms or offerings such as CoPilot Studio, Amazon Bedrock, and/or Azure AI Gateway Proficient in Programming & ML Tool.Strong Python skillsrequired, with experience in AI/ML frameworks.Abilityto review and write ML code to implement security measures (e.g., model validation, adversarial testing) isdesired. You have5+ years of relevant professional experience ordemonstrated anequivalent level ofexpertisein security engineering, such as cloud, API, or platform security. You have3+ years of experience embedded identity, network, and encryption controls into enterprise platforms Youcaneffectively partner and collaborate with stakeholder teams. You have effective communication skills andthe abilityto outline security riskstoleadership. You are familiar with cloud and API security vendors and managed services providers. Preferred Qualifications: You have knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers You are familiar withfunctionand purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (ExamplesLangChain,LlamaIndex, etc.) You are familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act,etc You have information Security certifications (CISSP, SANS GIAC, CISA, etc.) "I can apply in less than 4 minutes." You've reviewed this job posting and you're ready to start the candidate journey with us. Apply now to move to the next step in our recruiting process. If this role isn't what you're looking for, check out our other opportunities and join our talent community. "I can learn more about Capital Group." At Capital Group, the success of the people who invest with us depends on the people in whom we invest. That's why we offer a culture, compensation and opportunities that empower our associates to build successful and prosperous careers. Through nine decades, our goal has been to improve people's lives through successful investing. We know that our history is a testament to the strength of the people we hire. More than 9,000 associates in 30+ offices around the world help our clients and each other grow and thrive every day. Find us on LinkedIn, Instagram, YouTube and Glassdoor. Southern California Base Salary Range: $179,273-$286,837San Antonio Base Salary Range: $147,378-$235,805New York Base Salary Range: $190,040-$304,064 In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings. You can learn more about our compensation and benefits here . * Temporary positions in the United States are excluded from the above mentioned compensation and benefit plans. We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.

Security Engineer II Assignment Length: 6 month W2 Assignment (possible extension) Pay Rate: $53- $59/ HR About the Organization This organization is a leading healthcare provider delivering patient-centered care through advanced clinical services, research, and education. The technology and security teams support critical healthcare systems that enable safe, compliant, and reliable patient care operations. Position Summary The Security Engineer II provides operational, administrative, and project support for the Information Security team. This role is responsible for protecting information systems and organizational data from unauthorized access, misuse, or destruction. The position supports network and system security, incident response, monitoring, reporting, policy development, and implementation of security solutions. The Security Engineer II serves as an escalation point for complex security issues and collaborates closely with senior engineers and cross-functional IT teams. Key Responsibilities Implement and monitor security measures to protect computer systems, networks, and organizational data Perform technical analysis, installation, maintenance, and modification of security systems and software Monitor, analyze, and report on system and security performance Participate in security solution implementations and system hardening initiatives Investigate, respond to, mitigate, and remediate security incidents using established incident response protocols Support the full incident lifecycle including detection, response, mitigation, reporting, recovery, remediation, and lessons learned Provide escalation support to senior engineers for complex security issues Assist in the development and maintenance of security policies, standards, procedures, and documentation Configure, manage, and troubleshoot security infrastructure devices Identify and define system security requirements Develop and recommend short- and long-term security strategies and enhancements Create and maintain standard operating procedures and security documentation Prepare reports documenting security incidents and impact assessments Collaborate with other IT and Information Security teams on incidents, remediation, and security initiatives Provide after-hours and weekend support as needed in a 24x7 incident response environment Perform other duties as assigned Required Education Associate's degree in Computer Science or a related field OR an equivalent combination of education and experience demonstrating the ability to perform the role successfully Required Experience Minimum of 5 years of experience in Information Security Healthcare industry experience Experience with PCI, HIPAA, and NIST frameworks Proven experience as a system security engineer or information security engineer Hands-on experience maintaining and supporting security systems Knowledge of security control concepts including physical, logical, and administrative controls Required Knowledge, Skills, and Abilities Strong technical knowledge of operating system security Hands-on experience with security tools and systems such as: Intrusion detection and prevention systems Anti-virus and endpoint protection solutions Authentication and access control systems Log management and monitoring tools Content filtering solutions Solid understanding of network security concepts and networking technologies Ability to analyze security events and respond effectively to incidents Please submit your resume in Word or PDF format to be considered.

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 25% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. Roles and Responsibilities: Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials Conducts security education classes and security audits Ensures security compliance as a CSSO in accordance with DoDM 5205.07 Responsible for offsite and subcontractor security standups and posture ISA duties will include: CSSO for offsite and subcontractor sites associated with the program Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers Study and implement company and federal security policies, regulations, and procedures that apply to company operations Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management Develop and implement a security education and awareness program Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) Other duties as assigned Basic Qualifications: Principal Industrial Security Analyst (level 3) Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Basic Qualifications: Sr. Principal Industrial Security Analyst (level 4) Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Preferred Qualifications: Experience Leading Security Teams from Subcontractors and Offsite Ability to work independently and follow projects through to completion. Current Top-Secret clearance Self-starter with minimal supervision Security experience in a manufacturing environment Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00Secondary Level Salary Range: $117,500.00 - $176,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

As an Analyst, Information Security (Compliance) you will be part of Team focusing adherence to Macau Cyber Security Law (MCSL), ISO27001 (latest) standard, regulatory requirements, and in-house policies. PRIMARY RESPONSIBILITIES: * Ensure Melco Information Security Policy is compliant with Macau Cyber Security Law (MCSL) and to carried out required activities accordingly. * Enforce Melco Information Security Policy based on industrial standards (e.g. ISO27001 latest) and best practices across all Melco properties and locations * Oversee security control systems to prevent or deal with violation of Information Security Policies and Standards * Review and revise Information Security policies, procedures, standards and checklists periodically to ensure compliance to the latest standards and best practices * Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff * Coordinate/support internal/external audit activities; perform annual internal audit in conjunction with internal policy, regulation and governance. Ensure audit findings and corrective actions are closed out accordingly * Review change/service request tickets in ticketing system within agreed SLA * Remain informed on current standards, trends and issues in the information security industry * Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks * Support Information Security Operation Calendar activities * Produce required dashboard for management reviews (e. Compliance, Vulnerability reports) QUALIFICATIONS: Experience * 2+ years' working of experience in a related field. * Requires in depth experience and knowledge of enterprise IT concerns and technologies * Experience with managing a compliance and/or security organization, including planning and executing security policies and standards development * Experience in ISO 27001 latest standard * Experience in Macau Cyber Security Law is a plus * 1+ years in information security preferred to include management or administration in least 6 of the following disciplines: * Network Security and firewalls (CCSP/CCIE - Security, CCNA) * Relational Database Security * Remote Access/VPN solutions * Information Security Auditing * Intrusion Detection and Response * Anti-virus systems * Messaging Security * Security policy and procedure development * Windows and Active Directory security * Access management processes * Security benchmarking requirements (CIS) * Security compliance for Regulatory requirements (NERC/SOX/HIPPA/FISMA) * Security Strategic Planning and Risk Management * Web and application based security * Encryption (PKI/Kerberos/SSL) * Cloud Technologies Education * Bachelor's degree in Management Information System, Computer Science, or related disciplines * An information security or other similar technical certification such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) is highly desirable Skills / Competencies * Knowledge of security policies, standards, regulatory requirements such as ISO 27001, PCI-DSS, GDPR, MCSL * Fluent in of written and spoken English. Fluency in Cantonese and Mandarin will also be an advantage * Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba) a plus * Proven excellence in researching, organizing, writing, and presenting technical information via report writing and presentation (PowerPoint, Excel) * Capacity to work independently and in a team environment, with leadership ability and project management skills * Ability to multi-task and have solid project management skills. * Ability to understand the relationship between business processes, priorities, risk and their underlying * technologies and security risks * Ability to keep pace with a fast pace and growing company * Strong analytical and inter-personal skills to communicate technical information to non-technical background * users PERSONAL COMPETENCIES: * Displays a high commitment to delivering results * Leads others to achieve business objectives * Communicates effectively * Displays the highest level of integrity * Ability to maintain discretion * Self-motivated * Approachable

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by combining enterprise and business segment supported services to create a robust, efficient, and adaptable cyber security program for The Walt Disney Company. Our objectives are: + Secure the Magic by protecting information systems and platforms within TWDC + Reduce Risk by proactively assess, prevent, and detect to prevent harm to TWDC and our guests + Enable the business through optimizing execution, application, and technology used to protect TWDC + Innovate! We strive to strategically invest in building core capabilities to advance operational efficacy **Team Description:** We are defenders of the magic, waging an epic battle to safeguard our franchises, protect our people, and ensure the world's most admired entertainment company is not disrupted by cybersecurity threats. We are partners in protecting Disney's highly respected Disney Entertainment portfolio, including ESPN, Disney+, Hulu, and ABC. The GIS Disney Entertainment ISO team are seeking a highly skilled and experienced PCI Lead to join our team. The ideal candidate will possess a deep understanding of PCI Data Security Standard (DSS) requirements, compliance frameworks, and industry best practices. This role requires a strong technical background, excellent communication skills, and the ability to translate complex technical information into clear and concise language for both technical and non-technical audiences. **Responsibilities Of Role:** + Provide in-depth expertise on PCI standards, requirements, and compliance methodologies. + Conduct PCI DSS assessments and gap analysis to identify compliance gaps and develop remediation plans. + Develop and implement PCI compliance programs, policies, and procedures. + Provide guidance on PCI DSS scoping and segmentation. + Manage the relationship and be the Disney Entertainment liaison to the Qualified Security Assessor. + Partner with leadership to manage, mature, and maintain the PCI-DSS compliance program. + Responsible for providing subject matter expertise in PCI compliance requirements and working with all relevant departments to coordinate the gathering, approval and storage of PCI evidence that will be used as input to the PCI Report on Compliance and Self Assessment Questionnaire. + Develop and deliver PCI status reports, proposals, and requirements documentation to senior leadership and key stakeholders on an established frequency (daily, weekly, or monthly as required or needed) - produce executive reports on the projects and keep leadership apprised of project changes and milestone delays. + Support incident response activities related to PCI DSS compliance. + Maintain up-to-date knowledge of PCI DSS changes and industry best practices. + Develop and deliver project reports, proposals, and requirements documentation to senior leadership and key stakeholders on an established frequency (daily, weekly, or monthly as required or needed) - produce executive reports on the projects and keep leadership apprised of project changes and milestone delays. + Support other Disney Entertainment Compliance programs (e.g. SOX ITGC, ISO 27001) as needed **Must-Haves:** + Minimum of 5 years of related work experience + Proven experience as a PCI DSS SME with a deep understanding of PCI 4.0 standards. + Strong technical background in information security, networking, and systems administration. + Certified Information Security Professional (CISSP) or equivalent certification preferred. + Excellent written and verbal communication skills. + Ability to work independently and as part of a team. + Strong analytical and problem-solving skills. + Experience with PCI DSS assessment tools and methodologies. + Must be a strong communicator to technical and non-technical audiences including developers, architects, customers, business analysts and tech operators. + Highly organized and efficient. Proven ability to manage multiple projects at a given time. **Nice-To-Haves:** + Proven experience with PCI DSS scoping and segmentation. + Experience with compliance frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, SOX ITGC). + Understanding of cloud security and virtualization technologies. **Education:** + Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience \#DISNEYTECH The hiring range for this position in Glendale, California; Santa Monica, California; and Burbank, California is $117,500 - $157,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. **Job ID:** 10127776 **Location:** Burbank,California **Job Posting Company:** The Walt Disney Company (Corporate) The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

We are seeking a highly motivated and experienced Information Security Cloud Engineer to join our dynamic security team. This critical role will focus on building and maintaining robust data ingestion pipelines into our AWS Data Lake, primarily leveraging Fluent Bit, while also developing and implementing security solutions centered around Cortex XSOAR. The ideal candidate will possess a deep understanding of data ingestion methodologies, AWS Data Lake architecture, security automation, and SIEM technologies. You will be instrumental in ensuring the secure and efficient collection and processing of security-relevant data to proactively detect and respond to threats.Responsibilities: + Data Ingestion (Fluent Bit & AWS Security Data Lake): + Architect, implement, and manage scalable and reliable data ingestion pipelines from various sources into the AWS Data Lake using Fluent Bit/App Fabric etc. + Design and configure Fluent Bit agents for efficient log collection, parsing, and routing. + Troubleshoot and optimize data ingestion pipelines for performance and reliability. + Implement data transformation and enrichment processes during ingestion. + Ensure data integrity and quality throughout the ingestion process. + Security Data Lake (AWS): + Design and implement robust security controls for our AWS Data Lake environment. + Develop and enforce data access policies and encryption standards within the data lake. + Monitor data lake activity for security threats and unauthorized access using AWS security services. + Conduct security assessments and participate in hardening the data lake infrastructure. + SOAR (Cortex XSOAR) Operations: + Design, develop, and maintain security automation playbooks using Cortex XSOAR, leveraging data from the AWS Data Lake and other sources. + Integrate various security tools and platforms with Cortex XSOAR to automate incident response workflows triggered by data lake analytics. + Troubleshoot and optimize existing SOAR playbooks to improve efficiency and effectiveness based on data lake insights. + Develop and maintain custom integrations and scripts as needed. + Use Case Development: + Collaborate with security analysts and incident responders to identify and develop new security use cases that leverage the rich data within the AWS Data Lake. + Translate security requirements into actionable playbooks, dashboards, and alerts, with a focus on data lake-driven insights. + Document and maintain security use case documentation, emphasizing data sources and ingestion methods. + Research and stay up to date on new attack vectors and develop data lake-centric use cases to detect them. + Incident Response: + Assist in the investigation and remediation of security incidents, utilizing data lake logs and analytics. + Provide technical expertise during security incident analysis, focusing on data lake-related events. + Collaboration and Communication: + Work closely with cross-functional teams, including data engineers, security analysts, and developers, on data ingestion and security initiatives. + Communicate security findings and recommendations, especially those related to data lake security and ingestion, to stakeholders. + Provide training and support to other team members on data ingestion processes and security tools. Requirements: + Experience: + Minimum of 4-6 years of experience in information security. + Significant hands-on experience designing, implementing, and managing data ingestion pipelines, with a strong emphasis on Fluent Bit. + Proven experience working with AWS Data Lake architecture and related services (e.g., S3, IAM, Glue, Athena). + Experience with Cortex XSOAR or other SOAR platforms. + Strong experience with Splunk or other SIEM tools. + Deep understanding of data lake security best practices on AWS. + Proficient in scripting languages (e.g., Python, Shell scripting). + Experience with infrastructure-as-code (IaC) tools like Terraform or CloudFormation is a plus. + Skills: + Strong understanding of data ingestion methodologies and best practices. + Excellent analytical and problem-solving skills, particularly in troubleshooting data pipelines. + Solid understanding of security principles and practices. + Ability to work independently and as part of a team. + Strong communication and interpersonal skills. + Knowledge of common attack frameworks like MITRE ATT&CK. + Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). + Certifications (Preferred): + AWS Certified Data Analytics - Specialty + AWS Certified Security - Specialty + AWS Certified Data Engineer Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

Project Description: This project entails providing cybersecurity staff augmentation services to Metro's Information Security Department for two years. The assigned resource will support various core functions within the department, focusing on enhancing security strategy, governance, risk assessments, and security operations. Flexibility in work schedules and locations is required. The project aims to bolster Metro's cybersecurity posture and adherence to industry best practices in the transportation sector. Key qualifications: Proficiency in Windows and Linux operating systems and their security aspects. Expertise in a wide range of security products, including modern solutions like cloud security, Zero Trust architectures, advanced threat protection, and AI-Driven security analytics. Deep understanding of Incident Response, Disaster Recovery, Business Continuity, and Breach Management. Knowledge of information systems engineering, secure software development, networks security, and security operations. Familiarity with security standards and framework suck as PCI DSS, ISO Standards, ITIL, NIST Cybersecurity Framework, CCPA, CPRA, and GDPR. Ability to review and create security procedures and requirements. In-depth knowledge of industry frameworks like ISO 27000, NIST 800-53, ITIL Foundation, and NIST Cybersecurity. Strong grasp of regulatory compliance requirements, including PCI DSS, HIPAA, GDPR, etc. Comprehensive knowledge of security risk and countermeasures for Windows and Linux platforms. Project Management skills and coordination capabilities. Experience in Public Transportation or Transit Industries preferred. Skills & Qualifications: Required CISSP Preferred Certifications: Microsoft Certification Azure Solutions Architect Expert, SANS GIAC, CEH-CCNA. Minimum ten (10) years of experience in cybersecurity, primarily focused on technical and Security Operations Center (SOC) functions. Expertise in User Behavior Analytics, Cybersecurity AI tools, SIEM, Endpoint Security, NextGen Firewalls, etc. Advanced knowledge of security applications, infrastructure, technologies, and methodologies. Up-to-Date understanding of the latest security advisories, alerts, and vulnerabilities relevant to Metro. Initiative and independent judgement within established guidelines. Ability to prioritize work processes and project effectively. Timely response to cybersecurity issues and incidents. Hybrid position: 30% home & 70% On Site Salary Range: $156,000 to $238,000 /Year

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by combining enterprise and business segment supported services to create a robust, efficient, and adaptable cyber security program for The Walt Disney Company. Our objectives are: Secure the Magic by protecting information systems and platforms within TWDC Reduce Risk by proactively assess, prevent, and detect to prevent harm to TWDC and our guests Enable the business through optimizing execution, application, and technology used to protect TWDC Innovate! We strive to strategically invest in building core capabilities to advance operational efficacy Team Description: We are defenders of the magic, waging an epic battle to safeguard our franchises, protect our people, and ensure the world's most admired entertainment company is not disrupted by cybersecurity threats. We are partners in protecting Disney's highly respected Disney Entertainment portfolio, including ESPN, Disney+, Hulu, and ABC. The GIS Disney Entertainment ISO team are seeking a highly skilled and experienced PCI Lead to join our team. The ideal candidate will possess a deep understanding of PCI Data Security Standard (DSS) requirements, compliance frameworks, and industry best practices. This role requires a strong technical background, excellent communication skills, and the ability to translate complex technical information into clear and concise language for both technical and non-technical audiences. Responsibilities Of Role: Provide in-depth expertise on PCI standards, requirements, and compliance methodologies. Conduct PCI DSS assessments and gap analysis to identify compliance gaps and develop remediation plans. Develop and implement PCI compliance programs, policies, and procedures. Provide guidance on PCI DSS scoping and segmentation. Manage the relationship and be the Disney Entertainment liaison to the Qualified Security Assessor. Partner with leadership to manage, mature, and maintain the PCI-DSS compliance program. Responsible for providing subject matter expertise in PCI compliance requirements and working with all relevant departments to coordinate the gathering, approval and storage of PCI evidence that will be used as input to the PCI Report on Compliance and Self Assessment Questionnaire. Develop and deliver PCI status reports, proposals, and requirements documentation to senior leadership and key stakeholders on an established frequency (daily, weekly, or monthly as required or needed) - produce executive reports on the projects and keep leadership apprised of project changes and milestone delays. Support incident response activities related to PCI DSS compliance. Maintain up-to-date knowledge of PCI DSS changes and industry best practices. Develop and deliver project reports, proposals, and requirements documentation to senior leadership and key stakeholders on an established frequency (daily, weekly, or monthly as required or needed) - produce executive reports on the projects and keep leadership apprised of project changes and milestone delays. Support other Disney Entertainment Compliance programs (e.g. SOX ITGC, ISO 27001) as needed Must-Haves: Minimum of 5 years of related work experience Proven experience as a PCI DSS SME with a deep understanding of PCI 4.0 standards. Strong technical background in information security, networking, and systems administration. Certified Information Security Professional (CISSP) or equivalent certification preferred. Excellent written and verbal communication skills. Ability to work independently and as part of a team. Strong analytical and problem-solving skills. Experience with PCI DSS assessment tools and methodologies. Must be a strong communicator to technical and non-technical audiences including developers, architects, customers, business analysts and tech operators. Highly organized and efficient. Proven ability to manage multiple projects at a given time. Nice-To-Haves: Proven experience with PCI DSS scoping and segmentation. Experience with compliance frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, SOX ITGC). Understanding of cloud security and virtualization technologies. Education: Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience #DISNEYTECH The hiring range for this position in Glendale, California; Santa Monica, California; and Burbank, California is $117,500 - $157,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Governance Employment Type: Full time Primary City, State, Region, Postal Code: Burbank, CA, USA Alternate City, State, Region, Postal Code: USA - CA - 1200 Grand Central Ave, USA - CA - 2450 Broadway Date Posted: 2025-08-07

At Arete, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Arete is seeking an experienced Principal Industrial Security Analyst/CPSO. This is a multidisciplinary security position requiring an experienced and knowledgeable security professional to support Special Programs. The Contractor Program Security Officer (CPSO) is responsible for the execution and sustainment of comprehensive security programs for assigned efforts with contractually mandated security requirements that exceed standard NISPOM (32 CFR Part 117) compliance. The CPSO serves as a liaison to government security representatives, ensuring full alignment with DoD policy and directives while maintaining a proactive and audit-ready security posture across all assigned programs. This position is based at our Northridge, CA office and is an exempt, non-supervisory, full-time position. Key Responsibilities: Serve as the Contractor Program Security Officer (CPSO) ensuring full compliance with DoD security requirements as outlined in DoDM 5205.07 Volumes. Interpret and apply policy guidance and security classification guides (SCGs) to ensure continued DoD compliance-driven security practices across all program elements. As a member of the Security team, you will support all aspects of program security administration, including Personnel Security (PERSEC), Security Education, Training, and Awareness (SETA), Operations Security (OPSEC), document control/inventories, visitor control, supporting hosted program meetings, etc. in coordination with internal and external stakeholders. Ensure timely submission and management of program access requests (PARs), nomination packages, and eligibility actions within DISS and other applicable systems as directed by Program Management. Conduct indoctrinations, debriefings, and security training for program personnel in accordance with government directives. Accomplish and retain Lead Trainer status. In coordination with the Contractor Program Security Manager (CPSM) and other security team members review program-specific documentation as required, (e.g., Standard Operating Procedures (SOP), Fixed Facility Checklists (FFC), Emergency Action Plan (EAP), Concept of Operations (ConOps), Media Control Plan, etc. Prepare for and support government security reviews, inspections, audits, and self-inspections. Implement corrective actions and maintain a state of readiness. Support secure facility operations in accordance with ICD 705 requirements, including alarm monitoring, guard testing, UL2050 inspections, TEMPEST compliance, etc. Track and report security incidents, conduct preliminary inquiries, and support investigations in conjunction with the Security Manager and government sponsors. Assist with the review and approval of technical documents, ensuring proper classification markings and adherence to security classification guidance. Demonstrate proficiency with/utilize specific databases to determine personnel eligibility to access classified information - DISS, JADE, Enterprise Security Systems (SIMS), and other databases and record-keeping repositories. Interface with government customers, contractors, employees, and all levels of management. Responsible for the daily handling of Personally Identifiable Information (PII), Controlled Unclassified Information (CUI), and clearance-related data in compliance with the Privacy Act and DoD policies; must demonstrate discretion and sound judgment in the protection and management of sensitive information. Maintain proficiency and currency in security policy and operational practices through continuous training and engagement with the security community. Additional Responsibilities: Support after-hours and emergency response activities related to alarms or ICD705 construction. Assist with enforcement of prohibited electronic device (PED) policies and perform entry/exit inspections as required. Support additional security tasks or projects as assigned by the CPSM. We have an impressive range of benefits, programs, and perks that we offer: Health & Wellness: Medical, Dental & Vision Insurance Life and Long-Term Disability (LTD) Vision Reimbursement Fitness Reimbursement Financial: Company-funded 5% contribution to your 401(k) retirement plan Company-funded 5% contribution to your Employee Stock Ownership Plan Continuing Education Assistance Work-Life Balance: Flexible Scheduling Paid Time Off (PTO) Paid Parental and Bereavement Leave What We Value: Creativity and innovation in solving challenges Integrity and responsibility in all actions Collaboration across teams and specialties Responsiveness in fast-paced environments Passion for national security and excellence Experiences and Background We Look For: U.S. Citizenship and active Top-Secret clearance required; must be eligible to obtain and maintain a TS/SCI with polygraph. Minimum of 10 years of progressively responsible experience in Program Security, Physical Security, and direct support as a CPSO/CSSO, including extensive experience managing Special Access Programs (SAPs) in compliance with DoD, NISPOM, and ICD requirements. Individual must be reliable, dependable and trustworthy. Excellent verbal and written communication skills are critical. Must be able to prioritize assignments, manage multiple tasks simultaneously, and work well under deadlines with minimal supervision, often in fast-paced environments requiring quick turnaround. Proficient in Windows 10 and Microsoft Office Suite, to include: Microsoft Word, PowerPoint, Excel and Outlook. Strong interpersonal and communication skills, with a collaborative mindset is essential. Must be able to walk, stand, and sit for extended periods as part of routine facility inspections and escort duties. Comfortable working at elevated heights or in construction areas with PPE (e.g., hard hats, gloves, safety glasses). 6-month probationary period may apply. Must be willing and able to travel (10-15%) as needed for assessments or inspections at other Arete sites. Nice to have: FSO training certificate COMSEC Custodian certificate or experience required. Complete IAEC-2112 COMSEC Training Course six months after being appointed as Alternate COMSEC Account Manager Courier preparation procedures Experience developing and implementing OPSEC plans Knowledge of Access Control and Intrusion Detection Systems Experience conducting Security incident inquiries Resourceful in solving problems and capitalizing on opportunities Professional Certifications/Affiliations The salary range for this role is $90,000/yr to $140,000/yr; however, Arete considers several factors when extending an offer of employment, including but not limited to: the position and associated responsibilities, a candidate's work experience, education/training, and key skills. Other Considerations Areté is committed to the principles of equal employment opportunity and nondiscrimination, and we believe every person has the right to be treated with fairness, dignity, and equal consideration. Areté is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, marital status, national origin, age, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. U.S. citizenship is required to meet position eligibility. Successful passage of a criminal background screen is required to meet position eligibility. Selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Areté will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring. Successful passage of a Department of Transportation (DOT) drug test is required to meet position eligibility. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our website because of your disability. To request an accommodation, please contact Areté Human Resources at ************ for assistance.

The Director of Information Security reports to the Chief Information Officer (CIO) and is responsible for information security policy assessments, enforcing compliance with firm security policies and applicable law, vendor management and security incident management. Working with the firm's Information Technology teams, including Network Operations, Customer Experience, Practice Services and Research, the Director of Information Security will help develop, manage, audit and enforce security related policies and procedures throughout the firm's enterprise on premise and cloud systems. REQUIRED KNOWLEDGE, SKILLS AND ABILITIES: Admin-level knowledge of Windows system administration and Active Directory. Knowledge of network security principals, best practices and industry standards. Knowledge of security models that maintain and enforce security policies. Expert understanding of cloud controls and environments, a strong foundation in IT solutions deployment and practical understanding of IT security compliance, risk management and information security principles including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment are critical. Experience with IT security, compliance, risk and privacy frameworks such as ISO 27001, NIST 800-53, HIPAA, GDPR, CCPA. Knowledge of security tools and concepts including: IDS/IPS; SIEM; Web Proxy; Encryption; Patch management; Vulnerability Scanning & Remediation; Forensics; Penetration Testing; DLP; Email Gateways; Anti-spam Services; MDM; Privileged Account Management; Log Analytics; Two Factor Authentication; Single Sign On. Individual must possess excellent communication and interpersonal skills with a high degree of empathy and emotional intelligence, be self-motivated with the ability to manage and prioritize multiple deliverables to meet deadlines and demonstrate proven success delivering results individually and as part of a team in a fast-paced, demanding, growth environment. JOB COMPETENCIES / SUCCESS FACTORS: Client-service orientation Pro-active problem solving Strong communication skills Work ethic and teamwork Leadership skills Interpersonal skills QUALIFICATIONS: 4+ years of experience working in an Information Security management role. CISSP certification Project management experience preferred Previous law firm experience highly desired

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: [email protected] #CJ $92,213.33 - $125,146.66 a year We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

At a glance Another Source is partnering with Cal State LA- a mission-driven, highly diverse public university in the heart of Los Angeles- to recruit a Chief Information Security Officer (CISO). This is a high-visibility leadership role responsible for shaping and advancing the university's enterprise information security, risk management, and privacy program. The CISO will work closely with executive leadership, IT, and campus stakeholders to protect institutional data while enabling teaching, learning, research, and student success. Why this role stands out:• Enterprise ownership of information security, risk, and compliance across a complex university environment• Direct partnership with senior leadership and governance bodies• Opportunity to build a shared, campus-wide culture of security and risk awareness• Meaningful work in support of equity, access, and public impact Description: What you'll be doing Another Source's client, California State University Los Angeles, is recruiting for a Chief Information Security Officer to join their team in Los Angeles. Did you know? California State University system is the largest public four-year university system in the world, with more than 486,000 students, and 56,000 faculty and staff. ******************************************* California State University, Los Angeles (Cal State LA) is one of 23 campuses within the California State University system. The University is the premier comprehensive public university in the heart of Los Angeles. We offer nationally recognized programs and our faculty have a strong commitment to scholarship, research, creative pursuits, and service. As a federally recognized Hispanic-serving (HSI) and Asian-American, Native American, and Pacific Islander-serving institution (AANAPISI), Cal State LA recognizes the transformative power of education and embraces its duty to identify and serve the needs of all of its students. The University is committed to creating a community in which a diverse population of students, faculty, and staff can thrive. About the role: Reporting directly to the Vice President, this pivotal role entails exercising enterprise-wide authority to ensure compliance with university information security policies and IT risk management practices, consistent with industry standards and governmental regulations. The Chief Information Security Officer (CISO) also serves as a strategic advisor to the university's executive leadership on information security matters. As an advocate for Cal State LA's overall information security needs and awareness planning, the CISO provides vision and leadership for developing and supporting security and compliance initiatives. The CISO serves as the campus security and compliance liaison on various committees including the CSU Information Security Advisory Committee (ISAC) and CSU system-wide information security initiatives. Learn more about the Information Technology Services department and Information Security Resources: ************************************************************* The anticipated annual hiring range is up to $180,000 depending on experience. Key Responsibilities: In collaboration with the university's executive leadership, the CISO plays a pivotal role in defining acceptable levels of information security risk, aligning cybersecurity strategies with institutional objectives, and ensuring the university's overall resilience against cyber threats and regulatory compliance requirements. Key responsibilities encompass: Identify risks and IT security and compliance requirements and priorities: Collaborate with executive management to establish acceptable risk profiles, balance security measures with operational needs and business objectives, identify and remediate security-related compliance gaps, establish security and compliance governance processes to ensure security and compliance solutions are appropriate, and resources are allocated based on the priorities of the university business objectives. Protect the information assets and reputation of the university from cyberattacks: Design, implement, and maintain a comprehensive campus-wide information security management program, encompassing policies, procedures, practices, and capabilities to safeguard sensitive data and critical infrastructure. Conduct security awareness program to educate Cal State LA user community to protect themselves from phishing and/or cyberattacks. Detect cyber threats, attacks, system vulnerabilities, and security-related non-compliance issues: Enhance technical capabilities to improve cyber threat detection effectiveness. Develop IT security talents to identify symptoms of cyberattacks. Establish security threat detection processes to monitor cyber risks and vulnerabilities. Lead the assessments and security health check efforts on regulatory compliance mandates including FERPA, PII, GLBA, GDPR, PCI DSS, and HIPAA. Respond to security incidents and cyberattacks: Maintain up-to-date Incident Response Management Plans and improve the university's incident response readiness via CSIRT training and tabletop exercises. Lead the incident response efforts, perform investigation, coordinate remediation activities, and ensure effective communication with stakeholders during and after security breaches or cyberattacks. Collect evidence for the cyber incidents to enable post incident activities. Restore disrupted systems and business capabilities after cyber incidents: Coordinate with Infrastructure Team to back up critical systems and sensitive data to enable quick and comprehensive restoration of systems after cyber-attacks or system disruption. Strategic Planning and Prioritization: Actively participate in IT strategic planning initiatives, projects, and resource allocation decisions, prioritizing security investments and aligning cybersecurity strategies with the university's evolving needs. IT Audit Oversight: Oversee IT-related audit responses, ensuring adherence to internal controls, regulatory compliance requirements, and industry best practices. Required Qualifications: Bachelor's degree in information security, computer science, or a related field. Minimum of 8-10 years of progressive experience in information security, cybersecurity, or a related field. Proven experience in a leadership role, overseeing comprehensive information security programs, and managing security initiatives in a complex organizational environment, preferably in higher education. Strong communication skills with the ability to effectively convey complex security concepts to both technical and non-technical stakeholders. Experience collaborating with executive management and presenting to governing boards. In-depth knowledge of information security principles, cybersecurity technologies, and risk management frameworks. Experience with the implementation and management of security operations centers (SOCs) and security monitoring systems. Familiarity with industry-accepted information security standards, frameworks, and best practices. Expertise in developing, implementing, and maintaining information security policies, procedures, and standards. Experience with information security governance and ensuring compliance with applicable industry standards and governmental regulations. Strong background in conducting risk assessments and implementing risk management strategies. Experience managing relationships with security-related vendors and overseeing security services. Knowledge of vetting and reviewing security practices and controls of third-party service providers. Experience with overseeing compliance efforts, including audits and assessments related to FERPA, GLBA, HIPAA, and other relevant regulations. Ability to align information security initiatives with organizational goals. Demonstrated commitment to staying abreast of the latest trends, emerging threats, and best practices in information security. Participation in professional organizations, conferences, and networking events in the cybersecurity field. Experience in leading and developing a diverse team of information security professionals. Ability to foster a collaborative and inclusive team culture. Understanding of legal and regulatory requirements related to information security, particularly in the context of higher education. Why a career with CSU is for You: The CSU system offers a comprehensive benefits package designed to meet you where you're at in life and typically adds 30-35% to your total compensation package. For more information on programs available, take a closer look in the Employee Benefits Summary: ******************************************************************************************** Emphasis on maintaining a healthy work-life balance with ample PTO and flexibility, which includes up to 24 vacation days per year (based on employee group/or services). Enjoy the vibrant campus life with access to athletic and gym facilities, renowned sporting events, artist events, and world-renowned speakers. Numerous professional development opportunities to advance your career including tuition waivers for yourself, a spouse, registered domestic partner or an eligible dependent child across any of the 23 CSU campuses. Two different retirement plans catered to fit your personal saving goals: CalPERS Retirement Plan or 403(b) Supplemental Retirement Plan (Similar to a 401k plan) Medical benefits tailored to support various life stages We recognize that transportation to and from work can be expensive and we are here to help support you with pre-tax commuter benefits. Equal Employment Statement The California State University is an Equal Opportunity/Affirmative Action employer committed to nondiscrimination on the basis of age, ancestry, citizenship status, color, creed, disability, ethnicity, gender, genetic information, marital status, medical condition, national origin, race, religion or lack thereof, sex, sexual orientation, transgender, or protected veteran status consistent with applicable federal and state laws. This policy applies to all CSU students, faculty and staff programs and activities. Title IX of the Education Amendments of 1972, and certain other federal and state laws, prohibit discrimination on the basis of sex in all education programs and activities operated by the university (both on and off campus). Another Source works with their clients, on a retained project basis. We are committed to building inclusive candidate pools as we partner with hiring teams. As you read through the job posting and review the list of qualifications (required and/or preferred), please do not self-select out if you feel you do not meet every qualification. No one is 100% qualified. We encourage you to apply and share your story with us. #AS1 #LI-JK1

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

Job Description Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

THE COMPANY Silvus Technologies is dedicated to one mission: connecting those who keep us safe. We do so by delivering the most advanced Mobile Ad-hoc Network (MANET) radios powered by our custom and ever-evolving Mobile-Networked MIMO waveform. Together, our radios and waveform provide the vital communications for mission critical applications in the harshest environments from underground tunnels to high altitude balloons. Silvus StreamCaster radios are being rapidly adopted by customers all over the world ranging from the U.S Departments of Defense, to International, Federal, State and Local Law Enforcement agencies, all the way to the Super Bowl, Grammys and industry-leading drone, robot, and other unmanned systems manufacturers. Wouldn't you like to join an incredibly talented group of people, doing very challenging work, with the prime directive of “ Keeping Our Heroes Connected ”? Silvus' rapid growth is fueled by a focus on research and innovation and a team of the most passionate, skilled, and creative thinking individuals. If you are looking for a challenging experience, you owe it to yourself to learn how Silvus can provide a rewarding opportunity that creates a pathway to a fulfilling career. THE OPPORTUNITY Silvus is seeking a Senior Defensive Security Engineer - Embedded Systems who will report to the Director of Software Engineering on the Software Engineering team. The successful individual in this role will focus on protecting our embedded systems from potential threats by designing and implementing robust security measures, conducting security assessments, and ensuring compliance with industry standards. This position is based at Silvus Technologies' headquarters in the heart of vibrant West Los Angeles, CA and is on a hybrid schedule; a minimum of 3 days onsite per week is expected. On-site days are Mondays, Wednesdays, and Thursdays. The following is a list of at least some of the current essential job functions of the position. Management may assign or reassign duties and responsibilities at any time at its discretion. ROLE AND RESPONSIBILITIES Design and implement Linux-based security architectures for embedded systems, focusing on secure boot, and kernel hardening. Develop and enforce Linux security features, including iptables, netfilter, and auditd for intrusion detection and prevention. Conduct security assessments and audits of Linux-based embedded systems to identify and mitigate vulnerabilities. Integrate Linux security best practices into the development lifecycle (DevSecOps), emphasizing secure coding and configuration management. Manage vulnerabilities in Linux-based embedded systems, including timely patching and kernel updates. Train teams on Linux security practices, including privilege management, file system permissions, and container security. Participate in incident response planning and execution for Linux-based embedded systems. Implement Linux-native encryption and authentication mechanisms (e.g., dm-crypt, OpenSSL, PAM) for secure communications. REQUIRED QUALIFICATIONS Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (e.g., Mathematics, Computer Engineering). Minimum 5 years in cybersecurity, with at least 2 years in defensive security roles focused on Linux-based systems. Expertise in Linux network security, secure coding, or embedded systems security. Coding/scripting in C/C++, Python, Bash, or assembly for Linux environments. Familiarity with Linux security tools like Auditd, Lynis, or vulnerability scanners. Security Clearance: Active U.S. Government SECRET clearance or the ability to obtain one within 12 months of hire. NOTE - Must be a U.S. Person (U.S. Citizen, or U.S. Permanent Resident) due to clients under U.S. federal contracts PREFERRED KNOWLEDGE, SKILLS AND ABILITIES Master's degree in Cybersecurity, Computer Science, Information Technology, or related field. One or more of the following certifications: CISSP, CISM, GIAC Security Expert (GSE), CompTIA Security+, or Linux-specific (e.g., LFCS, RHCE). Hands-on experience implementing Linux security controls, such as SELinux, AppArmor, or iptables, and conducting security assessments. Proficiency in Linux security frameworks, such as CIS Benchmarks, NIST SP 800-53, or STIGs. Broad experience with Linux secure development lifecycle (SDL) practices. Knowledge of Linux threat intelligence and threat modeling. Familiarity with Linux container security (e.g., Docker, Podman) and cloud environments. Strong communication skills to explain Linux security concepts to technical and non-technical audiences. Collaborative teamwork with cross-functional groups. Experience securing resource-constrained Linux-based embedded systems. Understanding of real-time Linux systems and their security implications. Knowledge of Linux hardware security integration, such as TPM or Secure Enclave. Demonstrated experience designing secure Linux communication systems with encryption, authentication, and key management. Familiarity with mobile ad-hoc networking security on Linux platforms. WORKING CONDITIONS & PHYSICAL REQUIREMENTS Office environment. While performing the duties of this job, the employee is required to do the following: Lift equipment up to 20 lbs. for the set-up of demonstrations and testing. Perform bending and reaching movements to place items on lower and higher shelves. Walking/Moving in the labs. #techcareers COMPENSATION The pay range is NOT a guarantee. It is based on market research and peer data, and will vary depending on the candidate's experience and qualifications. CA Pay Range$140,000-$200,000 USD NOTE - As a U.S. Federal Contractor, Silvus Technologies requires that ALL candidates being considered for employment for any position (regardless of level) MUST be a U.S. Person (permanent resident or citizen). Stricter U.S. Citizen ONLY requirements are needed for some Engineering or R&D roles. This generally does NOT apply to International positions; only job postings for positions located in the U.S. Exceptions will be included in the Required Qualifications section of the posted position. All Employment is contingent upon the successful clearance of a background check. Silvus is proud to be an equal-opportunity employer, and we value diversity. We do not discriminate on the basis of race, color, age, religion or belief, ancestry, national origin, sex (including pregnancy), sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, physical or mental disability, protected veteran status, genetic information, political affiliation, or any other factor protected by applicable federal, state, or local laws. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive benefits and privileges of employment. Please contact us to request accommodation. *Silvus does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings. No fee will be paid to third parties who submit unsolicited candidates directly to Silvus Technologies.

This sr‑level hire will serve as the organization's CISO, Facility Security Officer (FSO), and compliance authority. The role leads cybersecurity strategy, implements CMMC and GCC High controls, manages security programs, and ensures compliance for government contracts. Lead CMMC program implementation and ensure GCC High compliance for defense programs. Serve as CISO and FSO overseeing facility security, information security, cybersecurity policy, and regulatory compliance. Conduct enterprise risk assessments, vulnerability analysis, and incident response planning. Lead internal/external audits, gap assessments, and remediation plans. Interface directly with DoD, federal regulators, and auditors. Provide cybersecurity awareness training and guidance to staff. Track metrics, report on cyber posture, and advise executive leadership. Skills aerospace defense, CMMC, nist, DFARS, itar, gcc, Compliance, Audit, cissp, cism, cisa, FedRAMP Top Skills Details aerospace defense,CMMC,nist,DFARS,itar,gcc,Compliance,Audit Additional Skills & Qualifications sr level (7+ years cybersecurity/compliance; prior FSO experience required). Strong leadership and communication skills; able to influence executive decision‑making. Ability to interface with government regulators and defense customers. Experience creating policies, remediation plans, and cyber maturity tracking. US citizenship with ability to obtain/maintain required clearances (mandatory for FSO). Experience Level Expert Level Job Type & Location This is a Contract to Hire position based out of Chatsworth, CA. Pay and Benefits The pay range for this position is $48.00 - $70.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision • Critical Illness, Accident, and Hospital • 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available • Life Insurance (Voluntary Life & AD&D for the employee and dependents) • Short and long-term disability • Health Spending Account (HSA) • Transportation benefits • Employee Assistance Program • Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully onsite position in Chatsworth,CA. Application Deadline This position is anticipated to close on Jan 28, 2026. About Actalent Actalent is a global leader in engineering and sciences services and talent solutions. We help visionary companies advance their engineering and science initiatives through access to specialized experts who drive scale, innovation and speed to market. With a network of almost 30,000 consultants and more than 4,500 clients across the U.S., Canada, Asia and Europe, Actalent serves many of the Fortune 500. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing due to a disability, please email actalentaccommodation@actalentservices.com for other accommodation options.