Information security analyst jobs in Lancaster, CA

We are seeking an Information Security Analyst to support enterprise security operations with a focus on vendor risk management, security control integration, and infrastructure security. This role is responsible for conducting security assessments, coordinating the implementation of core security services (including SSO, logging, IAM, and data protection), and supporting compliance activities aligned with frameworks such as NIST and ISO 27001. The ideal candidate has experience in cybersecurity risk management, cloud environments (AWS/Azure), and collaborating with technical teams to ensure the effective delivery of security controls. At least 2+ years of experience in the following: Security & Compliance Frameworks NIST CSF ISO 27001 CIS Controls ITIL SOC 2 PCI DSS FedRAMP GDPR / CCPA Vendor Risk & GRC Tools OneTrust SIG (Standardized Information Gathering) Other GRC/TPRM platforms Identity, SSO & Access Management SSO (PingFederate, SAML) Active Directory Azure AD AWS IAM

IT Security & Network Engineer - JM Eagle Los Angeles, CA | Onsite 4 Days / Remote Fridays | $150,000 - $170,000 + Comprehensive Benefits About Us JM Eagle is the world's largest manufacturer of plastic pipe, providing the infrastructure that keeps communities connected across North America. Behind every operation is a secure, stable IT environment supporting 1,000+ users across 20+ locations. We're strengthening that foundation - and seeking a hands-on IT Security & Network Engineer who can own our daily security operations and help modernize our network and cybersecurity posture. This is a high-impact, individual contributor role for a senior engineer who thrives in both the strategic and technical trenches. The Opportunity This role is ideal for a seasoned IT security professional who wants broad ownership without stepping into management. You'll work closely with the Director of IT Operations and outsourced partners to secure our enterprise, harden our infrastructure, and enhance our cybersecurity frameworks. Your time will be split approximately: 60% Cybersecurity: tools, monitoring, vulnerability management, incident response 40% Network Engineering: SD-WAN, firewalls, VPN, wireless, connectivity across 20+ sites You will be the technical driver behind our security improvement roadmap. What You'll Do Cybersecurity Operations Own day-to-day cybersecurity operations, including monitoring, threat response, and risk mitigation. Manage security tools and platforms: endpoint protection, SIEM, MFA, SSO, VPN, firewalls, and vulnerability management tools. Perform recurring vulnerability scans and penetration-testing coordination; track and validate remediation. Monitor security alerts using Fortinet, Darktrace, CrowdStrike, Nessus, Microsoft Defender, etc. Lead internal security awareness initiatives and social engineering simulations. Maintain documentation for configurations, policies, and security processes. Network Engineering Support secure network architecture across 20+ locations. Oversee SD-WAN, firewall policies, VPN configuration, internet filtering, and remote-access security. Support wireless infrastructure, site connectivity, and network performance monitoring. Partner with third-party providers to ensure uptime, reliability, and strong security posture. Governance & Collaboration Work with IT leadership to strengthen cybersecurity governance and reporting. Contribute to incident response planning, tabletop exercises, and monthly security briefings. Evaluate threats and emerging technologies; propose continuous improvements. What You Bring Bachelor's degree in Computer Science, Information Systems, or equivalent experience. 8+ years of experience in IT security and network engineering supporting 1,000+ users across distributed sites. 4+ years of hands-on experience with enterprise security tools and platforms. Deep experience with the Microsoft ecosystem: Azure, M365, Active Directory / Entra ID, SCCM / Intune. Strong working knowledge of: MFA, SSO, VPN Endpoint protection SIEM solutions Network segmentation, encryption, hardening Monitor and respond to security alerts using tools like Fortinet, Darktrace, CrowdStrike, Nessus, and Microsoft Defender. Familiarity with SD-WAN architectures, wireless networking, and network monitoring tools. Understanding of ITIL, ITSM, NIST frameworks; CISSP or similar preferred but not required. Excellent communication skills with the ability to work across teams. Comfort managing outsourced security and network service providers. A highly proactive, self-starting approach - someone who solves problems end-to-end. Why JM Eagle Directly influence and modernize the cybersecurity posture of the world's largest pipe manufacturer. Join an enterprise undergoing major IT transformation with full executive backing. Work with a Microsoft-centric environment supporting 1,000+ users and 20+ distributed locations. Competitive salary: $150K-$170K + bonus + excellent benefits. 4 days onsite in Los Angeles; remote Fridays. Work Environment Primarily a professional headquarters environment. Occasional travel to manufacturing and distribution facilities may be required. Some exposure to plant or outdoor areas during site visits.

We don't just offer jobs; we cultivate careers. Become part of our dynamic team of professionals and experience what it means to truly be valued. We're passionate about empowering our associates to reach their full potential, fostering growth, and celebrating success together. When you join Sigma, you're stepping into a fast-growing, innovative global food organization that's redefining excellence in the industry. Are you ready to elevate your career? Come join our table! Position Summary Responsible for designing, implementing, supporting and administering the IT infrastructure and information security applications. Analyzes system requirements and defines system architecture that will meet business needs, including server infrastructure, capacity planning, storage requirements and networking protocols. Essential Job Functions Responsible for designing and implementing information systems that will adequately support the infrastructure of the organization. Examines system requirements and system architecture and provides new processes/standards that will meet business needs, including server infrastructure, capacity planning, storage requirements, and networking protocols. Ensures that architecture project roll-outs meet security standards and are effectively integrated with current applications. Completes tasks designed to ensure security of the organization's systems and information assets. Protects against unauthorized access, modification, or destruction and develops IT security policies and standards. Authorize user access and familiar with domain structures and digital signatures. Oversees and guides the work of lower-level IT personnel or other IT teams. Develops, implements and maintains policies, procedures, and programs for ensuring the security and integrity of company data, databases, information systems, and technology. Conducts risk management analysis and creates business continuity, contingency, and disaster recovery plans. Leads the development, update, and execution of Business Continuity Plans for systems and data within Enterprise Data. Develops and executes the testing processes utilized to validate the disaster recovery plans and to identify weaknesses and failure points in the plans. Works on advanced, complex technical projects or business issues. Other duties as assigned. Minimum Qualifications Associate degree in Computer Science, Computer Engineering, Technology, Information Systems or equivalent work experience. Eight years of infrastructure or security architecture. Experience in enterprise and security architecture. Experience on day to day IT operation management. Experience on Data Center environments. License/Certifications: N/A Preferred Qualifications Formal training ITIL, COBIT, or Microsoft certification. Project Management certification. Knowledge, Skills & Abilities (KSA's) Knowledge on consolidation of Active Directory environments on a medium to large company. Strong technical knowledge across infrastructure and security services support. Working understanding of Active Directory structure (e.g. GPOs). Working understanding of Agile and RACU Frameworks. Understand industry threats and the methods to apply appropriate controls. Knowledge of PowerShell and other automation methods. Understanding of server hardening. Proficient with Microsoft Office, including skills with Outlook, Word and Excel. Ability to lead and effectively communicate with technical and non-technical staff across multiple disciplines and levels of the organization. Ability to identify complex problems, review information to develop and evaluate options then implement solutions. Environmental/Working Conditions N/A Physical Requirements Usual office environment with frequent sitting, walking, and standing, and occasional climbing, stooping, kneeling, crouching, crawling, and balancing. Frequent use of eye, hand, and finger coordination enabling the use of office machinery. Oral and auditory capacity enabling interpersonal communication as well as communication through automated devices such as the telephone.

📍 Base: Client base is in LA and HQ is in La Verne, CA 💰 $130 to $140K + Bonus + Benefits We're seeking a System Engineer/ Consultative to join a growing Managed Services Provider (MSP). This role blends advanced technical expertise with consultative, client-facing responsibilities. You'll resolve high-level escalations, lead infrastructure projects, and identify opportunities to upsell solutions that truly add value for clients. What You'll Do: Own L3 escalations across server, cloud, and networking environments Design and implement solutions (Azure, M365, VMware, SonicWall, etc.) Act as a trusted advisor to clients, aligning IT with business goals Spot upsell opportunities and work with leadership to close deals Mentor junior engineers and help shape best practices What We're Looking For: 4+ years MSP experience (required) Advanced knowledge of Microsoft Server, Azure, M365, AD, VMware, and networking Strong client-facing, consultative approach Proven ability to upsell or expand client accounts through solutions Perks & Benefits: ✅ Competitive salary + bonus ✅ Medical, Dental, Vision, 401(k) + 5% match ✅ PTO + Holidays ✅ Clear upward mobility and leadership growth ✅ Paid parking

IDR is seeking a IT Procurement Analyst to join one of our top clients for an opportunity in Santa Monica, CA. This role is ideal for candidates with a strong background in IT procurement and a focus on hardware purchasing within a fast-paced environment. The organization specializes in media and entertainment, providing innovative solutions to industry challenges. Position Overview for the IT Procurement Analyst: Manage procurement processes related to IT hardware and software in a high-volume environment. Collaborate with internal teams to understand their procurement needs and ensure timely delivery. Utilize tools such as MS Excel and ServiceNow to track and report procurement activities. Maintain strong communication with vendors and stakeholders to ensure service levels are met. Support the procurement team with data analysis, reporting, and process improvements. Requirements for the IT Procurement Analyst: Good knowledge of MS Excel & Office (or similar) Strong customer service skills Good written and verbal communication Good understanding of IT Hardware Previous experience of IT Procurement or IT Buying Desk environment What's in it for you? Competitive compensation package Full Benefits; Medical, Vision, Dental, and more! Opportunity to get in with an industry leading organization. Why IDR? 25+ Years of Proven Industry Experience in 4 major markets Employee Stock Ownership Program Dedicated Engagement Manager who is committed to you and your success. Medical, Dental, Vision, and Life Insurance ClearlyRated's Best of Staffing Client and Talent Award winner 12 years in a row. $20.86/hr

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SecretTRAVEL: Yes, 25% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Put your skills to the test by pushing the boundaries of what's possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you'll have the opportunity to be an essential part of projects that will define your career, now and in the future. Northrop Grumman Defense Systems is seeking an Principal or Sr. Principal Industrial Security Analyst (3/4) for our Northridge, CA location. Roles and Responsibilities: Develops and administers physical security programs and procedures for classified or proprietary materials, documents, and equipment. Studies and implements federal security regulations that apply to company operations Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitors access to restricted records and materials Conducts security education classes and security audits Ensures security compliance as a CSSO in accordance with DoDM 5205.07 Responsible for offsite and subcontractor security standups and posture ISA duties will include: CSSO for offsite and subcontractor sites associated with the program Support a fast-paced, high-profile program; creating, maintaining, and leveraging working relationships with internal and external customers Study and implement company and federal security policies, regulations, and procedures that apply to company operations Obtain rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies Manage program security compliance and operations across multiple functions, including security SCIF and/or SAPF administration, PHYSEC, COMSEC, PERSEC, OPSEC, Contract Security, Security Education, Investigations, Visitor Control, and Document Control Management Develop and implement a security education and awareness program Conduct internal security audits. Investigate security violations and prepare reports specifying preventive action to be taken Ensure adherence to contractual guidance for classified programs and cleared facilities in accordance with the Security Statements of Work, DD Form 254, DoD Contract Security Classification Specifications guidance Assist program managers and professional staff in interpreting, applying, and complying with program Security Classification Guides (SCG) Provide personnel security (PERSEC) support to include but not limited to reviewing and processing required documentation in support of SCI and SAP nomination processes; maintain PERSEC databases; prepare and administer program indoctrination and debriefings; access, review, and submit clearance and access information using the appropriate government database and other information systems Provide facility security administration, documentation, and support: implement Standard Operating Procedures (SOP); conduct SCI and SAP security program self-inspections Provide security support for Sensitive Compartmented Information Facility (SCIF) and Special Access Program Facility (SAPF) build construction projects to include obtaining customer accreditation in accordance with SCI and SAP DoD Manuals, ICD, ICS Tech Spec, and other government requirements Manage and maintain UL-2050 Compliant Intrusion Detection Systems (IDS) and automated Access Control Systems (ACS) Other duties as assigned Basic Qualifications: Principal Industrial Security Analyst (level 3) Must have a high school diploma or GED with at least 9 years of related experience; OR 5 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Basic Qualifications: Sr. Principal Industrial Security Analyst (level 4) Must have a high school diploma or GED with at least 12 years of related experience; OR 8 year of experience with a bachelor's degree Experience with any of the following: Government manuals (32 CFR Part 117, NISPOM, DODM 5205.07, etc.) Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint) Excellent customer service and communication skills Must have an active Secret clearance Ability to maintain flexibility to deal with changing priorities and deadlines. Ability to work extended hours, in a fast paced, deadline driven environment, excellent communication skills speaking, writing skills and organized skills enabling effective communications CSSO Experience Ability to travel Preferred Qualifications: Experience Leading Security Teams from Subcontractors and Offsite Ability to work independently and follow projects through to completion. Current Top-Secret clearance Self-starter with minimal supervision Security experience in a manufacturing environment Supply Chain Security Experience Primary Level Salary Range: $94,200.00 - $141,200.00Secondary Level Salary Range: $117,500.00 - $176,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

at The Azoff Music Company LLC Information Security Analyst About the RoleWe are looking for an Information Security Ånalyst to operate and maintain our information security systems. As a mid-size entertainment company with global reach, we manage sensitive intellectual property and digital assets that demand the highest level of security. This role will be responsible for helping to design, implement, and maintain a robust information security program that aligns with business objectives and compliance requirements. Key Responsibilities Governance, Risk Management, and Compliance Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS). Oversee risk assessments and audits, ensuring remediation plans are executed effectively. Manage vendor security evaluations and third-party risk management programs. Operational Security Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events. Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities. Lead vulnerability management, penetration testing, and threat intelligence initiatives. Awareness and Culture Develop and deliver ongoing security training and awareness programs for all employees. Champion a culture of security across departments, ensuring staff understand their role in protecting company assets. Mentor junior technical staff on information security best practices, operations, and technology. Technology and Innovation Partner with IT and digital teams to integrate security into technology architecture and workflows. Evaluate and implement advanced security tools, automation, and analytics for proactive threat management. Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 5+ years of progressive experience in information security. Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments. Strong knowledge of cloud security, identity and access management, and data loss prevention. Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID. Experience implementing and managing SSO and SCIM configurations. Familiarity managing PAM solutions like Microsoft Privileged Identity Management. Strong programming (Python) and/or scripting skills (PowerShell/Bash) Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc. Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired. Excellent communication and stakeholder management skills - able to translate complex technical risks into clear business implications. The base salary range for this role is $120,000 - $150,000 depending upon experience.Our offices are located in Westwood Village, Los Angeles, CA. Employees work in the office Monday through Thursday and from home on Fridays. We offer a very competitive benefits package, annual bonus, and a creative and dynamic working environment. We are a fully vaccinated workforce. Successful candidates will be required to show proof of being vaccinated against COVID-19. You are up to date when you have received a two-dose series and a booster, or a single dose series and a booster. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable law. Disclaimer: This job description only provides an overview of job responsibilities that are subject to change. We are an Equal Opportunity Employer

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

THE COMPANY Silvus Technologies is dedicated to one mission: connecting those who keep us safe. We do so by delivering the most advanced Mobile Ad-hoc Network (MANET) radios powered by our custom and ever-evolving Mobile-Networked MIMO waveform. Together, our radios and waveform provide the vital communications for mission critical applications in the harshest environments from underground tunnels to high altitude balloons. Silvus StreamCaster radios are being rapidly adopted by customers all over the world ranging from the U.S Departments of Defense, to International, Federal, State and Local Law Enforcement agencies, all the way to the Super Bowl, Grammys and industry-leading drone, robot, and other unmanned systems manufacturers. Wouldn't you like to join an incredibly talented group of people, doing very challenging work, with the prime directive of “ Keeping Our Heroes Connected ”? Silvus' rapid growth is fueled by a focus on research and innovation and a team of the most passionate, skilled, and creative thinking individuals. If you are looking for a challenging experience, you owe it to yourself to learn how Silvus can provide a rewarding opportunity that creates a pathway to a fulfilling career. THE OPPORTUNITY Silvus is seeking a Linux System and Security Analyst to analyze, troubleshoot, automate, and conduct CyberSecurity activities based on Cybersecurity Maturity Model Certification (CMMC) and maintain the company's IT infrastructure. The position will exercise full ownership and decision-making authority over the resolution of end-user technical challenges, including hardware failures and software anomalies. This position's primary duty is to perform high-level systems analysis, security architecture, and risk assessment in support of organizational objectives. This includes exercising discretion and independent judgment on matters of significance to company-wide IT security and compliance. This position requires a DCSA clearance to be obtained within 12 months of employment. This position is fully onsite, Monday through Friday at Silvus Technologies' HQ in the heart of vibrant West Los Angeles. The following is a list of at least some of the current essential job functions of the position. Management may assign or reassign duties and responsibilities at any time at its discretion. ROLE AND RESPONSIBILITIES Act as the primary technical advisor for diagnosing and resolving complex infrastructure issues, with autonomy to escalate or implement system-level changes to maintain Production department continuity. Responsible for evaluating risks, designing secure systems in compliance with Cybersecurity Maturity Model Certification (CMMC) standards, and making strategic recommendations. Provide Linux and Windows system desktop and server support, as well as network administration for the entire company based on the NIST CyberSecurity Framework. For individuals with Security Clearance, apply Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) to secure and maintain IT infrastructure, providing the necessary documentation and technical support required for continuous Authorization to Operate (ATO). Responsible for Automated Deployment and monitoring of computer systems. Oversee the planning and implementation of hardware lifecycle management for Windows and Linus-based servers and VMs. Support vulnerability and patch management processes, ensuring all Linux vulnerabilities are remediated in accordance with NIST CyberSecurity Framework. Support Engineering and R&D teams to ensure strict IT compliance with the CMMC framework, specifically with security controls. This role is critical in protecting Controlled Unclassified Information (CUI) and maintaining our accredited environment. Develop and maintain documentation related to the company's IT infrastructure and support processes. Oversee the governance and accuracy of the company's hardware and software asset inventory, ensuring appropriate lifecycle management and compliance with security and audit requirements. May occasionally require on-call coverage overnight, on weekends, and on holidays. Perform other related duties of which the above are representative. REQUIRED QUALIFICATIONS Bachelor's degree or equivalent in an IT-related field. 3 years of Linux-related work experience. Experience with installing, troubleshooting, and/or maintaining Linux-based software and hardware installations. Fluency in Linux CLI, TCP/IP, LAN/VLAN Networking, Patch Management, and Backup. Highly proficient in Google Suite and MS Office (Excel, Word, PowerPoint). Strong interpersonal skills with a positive and enthusiastic attitude. Demonstrated ability to operate as a team member, supporting departmental decisions, policies, and procedures with a positive and communicative attitude with company colleagues. Must be a U.S. Citizen due to clients under U.S. government contracts. Must be able to obtain DCSA clearance within 12 months of employment. All employment is contingent upon the successful clearance of a background check. PREFERRED KNOWLEDGE, SKILLS AND ABILITIES Prior experience in a fast-paced office environment is a plus. WORKING CONDITIONS & PHYSICAL REQUIREMENTS Office environment. Occasional exposure to heat, cold, and allergens while performing tests or demonstrations in the field. While performing the duties of this job, the employee is required to do the following: Perform bending and reaching movements to place items on lower and higher shelves. Kneeling or squatting to access lower shelves. Must be able to lift up to 50 lbs. Walking/Moving in the labs. COMPENSATION The pay range is NOT a guarantee. It is based on market research and peer data, and will vary depending on the candidate's experience and qualifications. CA Pay Range$80,000-$90,000 USD NOTE - As a U.S. Federal Contractor, Silvus Technologies requires that ALL candidates being considered for employment for any position (regardless of level) MUST be a U.S. Person (permanent resident or citizen). Stricter U.S. Citizen ONLY requirements are needed for some Engineering or R&D roles. This generally does NOT apply to International positions; only job postings for positions located in the U.S. Exceptions will be included in the Required Qualifications section of the posted position. All Employment is contingent upon the successful clearance of a background check. Silvus is proud to be an equal-opportunity employer, and we value diversity. We do not discriminate on the basis of race, color, age, religion or belief, ancestry, national origin, sex (including pregnancy), sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, physical or mental disability, protected veteran status, genetic information, political affiliation, or any other factor protected by applicable federal, state, or local laws. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive benefits and privileges of employment. Please contact us to request accommodation. *Silvus does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings. No fee will be paid to third parties who submit unsolicited candidates directly to Silvus Technologies.

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by combining enterprise and business segment supported services to create a robust, efficient, and adaptable cyber security program for The Walt Disney Company. Our objectives are: + Secure the Magic by protecting information systems and platforms within TWDC + Reduce Risk by proactively assess, prevent, and detect to prevent harm to TWDC and our guests + Enable the business through optimizing execution, application, and technology used to protect TWDC + Innovate! We strive to strategically invest in building core capabilities to advance operational efficacy **Team Description:** We are defenders of the magic, waging an epic battle to safeguard our franchises, protect our people, and ensure the world's most admired entertainment company is not disrupted by cybersecurity threats. We are partners in protecting Disney's highly respected Disney Entertainment portfolio, including ESPN, Disney+, Hulu, and ABC. The GIS Disney Entertainment ISO team are seeking a highly skilled and experienced PCI Lead to join our team. The ideal candidate will possess a deep understanding of PCI Data Security Standard (DSS) requirements, compliance frameworks, and industry best practices. This role requires a strong technical background, excellent communication skills, and the ability to translate complex technical information into clear and concise language for both technical and non-technical audiences. **Responsibilities Of Role:** + Provide in-depth expertise on PCI standards, requirements, and compliance methodologies. + Conduct PCI DSS assessments and gap analysis to identify compliance gaps and develop remediation plans. + Develop and implement PCI compliance programs, policies, and procedures. + Provide guidance on PCI DSS scoping and segmentation. + Manage the relationship and be the Disney Entertainment liaison to the Qualified Security Assessor. + Partner with leadership to manage, mature, and maintain the PCI-DSS compliance program. + Responsible for providing subject matter expertise in PCI compliance requirements and working with all relevant departments to coordinate the gathering, approval and storage of PCI evidence that will be used as input to the PCI Report on Compliance and Self Assessment Questionnaire. + Develop and deliver PCI status reports, proposals, and requirements documentation to senior leadership and key stakeholders on an established frequency (daily, weekly, or monthly as required or needed) - produce executive reports on the projects and keep leadership apprised of project changes and milestone delays. + Support incident response activities related to PCI DSS compliance. + Maintain up-to-date knowledge of PCI DSS changes and industry best practices. + Develop and deliver project reports, proposals, and requirements documentation to senior leadership and key stakeholders on an established frequency (daily, weekly, or monthly as required or needed) - produce executive reports on the projects and keep leadership apprised of project changes and milestone delays. + Support other Disney Entertainment Compliance programs (e.g. SOX ITGC, ISO 27001) as needed **Must-Haves:** + Minimum of 5 years of related work experience + Proven experience as a PCI DSS SME with a deep understanding of PCI 4.0 standards. + Strong technical background in information security, networking, and systems administration. + Certified Information Security Professional (CISSP) or equivalent certification preferred. + Excellent written and verbal communication skills. + Ability to work independently and as part of a team. + Strong analytical and problem-solving skills. + Experience with PCI DSS assessment tools and methodologies. + Must be a strong communicator to technical and non-technical audiences including developers, architects, customers, business analysts and tech operators. + Highly organized and efficient. Proven ability to manage multiple projects at a given time. **Nice-To-Haves:** + Proven experience with PCI DSS scoping and segmentation. + Experience with compliance frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, SOX ITGC). + Understanding of cloud security and virtualization technologies. **Education:** + Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience \#DISNEYTECH The hiring range for this position in Glendale, California; Santa Monica, California; and Burbank, California is $117,500 - $157,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. **Job ID:** 10127776 **Location:** Burbank,California **Job Posting Company:** The Walt Disney Company (Corporate) The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

We are seeking a highly motivated and experienced Information Security Cloud Engineer to join our dynamic security team. This critical role will focus on building and maintaining robust data ingestion pipelines into our AWS Data Lake, primarily leveraging Fluent Bit, while also developing and implementing security solutions centered around Cortex XSOAR. The ideal candidate will possess a deep understanding of data ingestion methodologies, AWS Data Lake architecture, security automation, and SIEM technologies. You will be instrumental in ensuring the secure and efficient collection and processing of security-relevant data to proactively detect and respond to threats.Responsibilities: + Data Ingestion (Fluent Bit & AWS Security Data Lake): + Architect, implement, and manage scalable and reliable data ingestion pipelines from various sources into the AWS Data Lake using Fluent Bit/App Fabric etc. + Design and configure Fluent Bit agents for efficient log collection, parsing, and routing. + Troubleshoot and optimize data ingestion pipelines for performance and reliability. + Implement data transformation and enrichment processes during ingestion. + Ensure data integrity and quality throughout the ingestion process. + Security Data Lake (AWS): + Design and implement robust security controls for our AWS Data Lake environment. + Develop and enforce data access policies and encryption standards within the data lake. + Monitor data lake activity for security threats and unauthorized access using AWS security services. + Conduct security assessments and participate in hardening the data lake infrastructure. + SOAR (Cortex XSOAR) Operations: + Design, develop, and maintain security automation playbooks using Cortex XSOAR, leveraging data from the AWS Data Lake and other sources. + Integrate various security tools and platforms with Cortex XSOAR to automate incident response workflows triggered by data lake analytics. + Troubleshoot and optimize existing SOAR playbooks to improve efficiency and effectiveness based on data lake insights. + Develop and maintain custom integrations and scripts as needed. + Use Case Development: + Collaborate with security analysts and incident responders to identify and develop new security use cases that leverage the rich data within the AWS Data Lake. + Translate security requirements into actionable playbooks, dashboards, and alerts, with a focus on data lake-driven insights. + Document and maintain security use case documentation, emphasizing data sources and ingestion methods. + Research and stay up to date on new attack vectors and develop data lake-centric use cases to detect them. + Incident Response: + Assist in the investigation and remediation of security incidents, utilizing data lake logs and analytics. + Provide technical expertise during security incident analysis, focusing on data lake-related events. + Collaboration and Communication: + Work closely with cross-functional teams, including data engineers, security analysts, and developers, on data ingestion and security initiatives. + Communicate security findings and recommendations, especially those related to data lake security and ingestion, to stakeholders. + Provide training and support to other team members on data ingestion processes and security tools. Requirements: + Experience: + Minimum of 4-6 years of experience in information security. + Significant hands-on experience designing, implementing, and managing data ingestion pipelines, with a strong emphasis on Fluent Bit. + Proven experience working with AWS Data Lake architecture and related services (e.g., S3, IAM, Glue, Athena). + Experience with Cortex XSOAR or other SOAR platforms. + Strong experience with Splunk or other SIEM tools. + Deep understanding of data lake security best practices on AWS. + Proficient in scripting languages (e.g., Python, Shell scripting). + Experience with infrastructure-as-code (IaC) tools like Terraform or CloudFormation is a plus. + Skills: + Strong understanding of data ingestion methodologies and best practices. + Excellent analytical and problem-solving skills, particularly in troubleshooting data pipelines. + Solid understanding of security principles and practices. + Ability to work independently and as part of a team. + Strong communication and interpersonal skills. + Knowledge of common attack frameworks like MITRE ATT&CK. + Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). + Certifications (Preferred): + AWS Certified Data Analytics - Specialty + AWS Certified Security - Specialty + AWS Certified Data Engineer Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.

Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting nearly 10,000 organizations from unknown threats using its proprietary AI. The Darktrace Active AI Security Platform™ delivers a proactive approach to cyber resilience to secure the business across the entire digital estate - from network to cloud to email. Breakthrough innovations from our R&D teams have resulted in over 200 patent applications filed. Darktrace's platform and services are supported by over 2,400 employees around the world. To learn more, visit ************************* Job Description: Launch Your Cybersecurity Career with Darktrace! Are you detail-oriented, curious, and ready to make an impact? Darktrace is hiring entry-level Cyber Security Analysts to join our team of experts protecting businesses from cyber threats. You'll receive full training, work with cutting-edge AI technology, and gain hands-on experience in a fast-paced environment. About the Role As a Cyber Security Analyst at Darktrace, you will play a critical role in safeguarding our customers' digital environments. You'll analyze technical data, identify potential threats, and provide actionable insights to ensure peace of mind for our clients. This role combines investigative work, report writing, customer interaction, consultancy, threat intelligence and technical problem-solving in a fast-paced Security Operations focused environment. Please Note: This role is Hybrid. 3 days in office. Key Responsibilities Investigate alerts and network traffic using the Darktrace platform and supporting tools. Draft clear, technical reports for customers on identified threats and recommended actions. Assist in assessing risks and implementing basic security measures. Identify emerging threat trends and analyze campaigns across customer environments. Respond to customer inquiries via email or chat with concise, accurate information. Collaborate with team members to share strategies and best practices. Contribute to internal and external knowledge sharing, including technical blog posts. Stay current on cybersecurity trends and developments. Support customers in adopting and optimizing the Darktrace platform through consultancy efforts. Maintain strict standards for data security and confidentiality. Qualifications & Skills Strong attention to detail and analytical thinking. Ability to work independently and as part of a team. Excellent written and verbal communication skills. Organizational skills to manage multiple tasks and meet deadlines. Basic understanding of cybersecurity principles and incident response. Problem-solving mindset with the ability to break down complex issues. Preferred Experience Familiarity with network protocols and security concepts. Technical writing or reporting experience. Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). Fluent in Spanish and/or Portuguese, capable of technical writing and delivery of consultancy service in language a plus What We Offer Comprehensive training and ongoing professional development. Opportunities for career growth in a rapidly expanding industry. Collaborative, inclusive work environment. Base $75k-$85k. Final offer will be determined based on years of experience and location. Benefits: 100% medical, dental and vision insurance, plus dependents Paid parental leave Pet insurance Discount Life insurance Commuter benefits 401(k) Employee Assistance Program

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. The opportunity As application senior security specialist for the Security Certification Team, candidate will be resposible to conduct application vulnerability assessment and penetration testing of EY applications before they move into production and support the team to meet overall security certification goals and client requirements. Your key responsibilities Capable of conducting application & network penetration testing and vulnerability assessments Preparing detailed security review reports and remediation guidances Researching new application security vulnerabilities and attack vectors Leading strategic initiatives and mentoring new team members Support the team in updating their skill and knowledge Skills and attributes for success Hands on experience of Web, thick client, Mobile, VOIP, Wireless application security testing. Proficient in automated and manual application testing methodologies. Expert in using manual testing tools such as Burp Professional, Nmap, Wireshark, Nessus, echomirage. Expert in using automated application scan tool Webinspect / Qualys WAS, CheckMarx, WhiteSource etc.. Basic Knowledge of programming language like C/C++, C#, JAVA, ASP.NET and familiar with PERL/Python Scripting. Familiar with OWASP and Secure SDLC standards Knowledge of common security requirements within ASP.NET & Java application Good Knowledge of TCP/IP, Network Security. Knowledge / experience on code review Good Technical aptitude, problem solving and ability to quickly learn and master new topics and domains. Excellent communication skills; written and verbal. Supervision Responsibilities:None Other Requirements:Flexible work environment Education: Bachelor's degree in a technical discipline such as Engineering or Computer Science or equivalent work experience in IT and Information Security. Experience: 4 - 6 yrs. experience in application security assessment Hands on experience of Web, thick client, Mobile Application security reviews. Exposure and good understanding of the various manual testing methodologies. Certification Requirements: Desirable: IT security Certifications (CEH. ECSA, OSCP etc..). What we offer you At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $76,400 to $138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $91,700 to $157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************.

Project Description: This project entails providing cybersecurity staff augmentation services to Metro's Information Security Department for two years. The assigned resource will support various core functions within the department, focusing on enhancing security strategy, governance, risk assessments, and security operations. Flexibility in work schedules and locations is required. The project aims to bolster Metro's cybersecurity posture and adherence to industry best practices in the transportation sector. Key qualifications: Proficiency in Windows and Linux operating systems and their security aspects. Expertise in a wide range of security products, including modern solutions like cloud security, Zero Trust architectures, advanced threat protection, and AI-Driven security analytics. Deep understanding of Incident Response, Disaster Recovery, Business Continuity, and Breach Management. Knowledge of information systems engineering, secure software development, networks security, and security operations. Familiarity with security standards and framework suck as PCI DSS, ISO Standards, ITIL, NIST Cybersecurity Framework, CCPA, CPRA, and GDPR. Ability to review and create security procedures and requirements. In-depth knowledge of industry frameworks like ISO 27000, NIST 800-53, ITIL Foundation, and NIST Cybersecurity. Strong grasp of regulatory compliance requirements, including PCI DSS, HIPAA, GDPR, etc. Comprehensive knowledge of security risk and countermeasures for Windows and Linux platforms. Project Management skills and coordination capabilities. Experience in Public Transportation or Transit Industries preferred. Skills & Qualifications: Required CISSP Preferred Certifications: Microsoft Certification Azure Solutions Architect Expert, SANS GIAC, CEH-CCNA. Minimum ten (10) years of experience in cybersecurity, primarily focused on technical and Security Operations Center (SOC) functions. Expertise in User Behavior Analytics, Cybersecurity AI tools, SIEM, Endpoint Security, NextGen Firewalls, etc. Advanced knowledge of security applications, infrastructure, technologies, and methodologies. Up-to-Date understanding of the latest security advisories, alerts, and vulnerabilities relevant to Metro. Initiative and independent judgement within established guidelines. Ability to prioritize work processes and project effectively. Timely response to cybersecurity issues and incidents. Hybrid position: 30% home & 70% On Site Salary Range: $156,000 to $238,000 /Year

Job Description At Arete, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Arete is seeking an experienced Principal Industrial Security Analyst/CPSO. This is a multidisciplinary security position requiring an experienced and knowledgeable security professional to support Special Programs. The Contractor Program Security Officer (CPSO) is responsible for the execution and sustainment of comprehensive security programs for assigned efforts with contractually mandated security requirements that exceed standard NISPOM (32 CFR Part 117) compliance. The CPSO serves as a liaison to government security representatives, ensuring full alignment with DoD policy and directives while maintaining a proactive and audit-ready security posture across all assigned programs. This position is based at our Northridge, CA office and is an exempt, non-supervisory, full-time position. Key Responsibilities: Serve as the Contractor Program Security Officer (CPSO) ensuring full compliance with DoD security requirements as outlined in DoDM 5205.07 Volumes. Interpret and apply policy guidance and security classification guides (SCGs) to ensure continued DoD compliance-driven security practices across all program elements. As a member of the Security team, you will support all aspects of program security administration, including Personnel Security (PERSEC), Security Education, Training, and Awareness (SETA), Operations Security (OPSEC), document control/inventories, visitor control, supporting hosted program meetings, etc. in coordination with internal and external stakeholders. Ensure timely submission and management of program access requests (PARs), nomination packages, and eligibility actions within DISS and other applicable systems as directed by Program Management. Conduct indoctrinations, debriefings, and security training for program personnel in accordance with government directives. Accomplish and retain Lead Trainer status. In coordination with the Contractor Program Security Manager (CPSM) and other security team members review program-specific documentation as required, (e.g., Standard Operating Procedures (SOP), Fixed Facility Checklists (FFC), Emergency Action Plan (EAP), Concept of Operations (ConOps), Media Control Plan, etc. Prepare for and support government security reviews, inspections, audits, and self-inspections. Implement corrective actions and maintain a state of readiness. Support secure facility operations in accordance with ICD 705 requirements, including alarm monitoring, guard testing, UL2050 inspections, TEMPEST compliance, etc. Track and report security incidents, conduct preliminary inquiries, and support investigations in conjunction with the Security Manager and government sponsors. Assist with the review and approval of technical documents, ensuring proper classification markings and adherence to security classification guidance. Demonstrate proficiency with/utilize specific databases to determine personnel eligibility to access classified information - DISS, JADE, Enterprise Security Systems (SIMS), and other databases and record-keeping repositories. Interface with government customers, contractors, employees, and all levels of management. Responsible for the daily handling of Personally Identifiable Information (PII), Controlled Unclassified Information (CUI), and clearance-related data in compliance with the Privacy Act and DoD policies; must demonstrate discretion and sound judgment in the protection and management of sensitive information. Maintain proficiency and currency in security policy and operational practices through continuous training and engagement with the security community. Additional Responsibilities: Support after-hours and emergency response activities related to alarms or ICD705 construction. Assist with enforcement of prohibited electronic device (PED) policies and perform entry/exit inspections as required. Support additional security tasks or projects as assigned by the CPSM. We have an impressive range of benefits, programs, and perks that we offer: Health & Wellness: Medical, Dental & Vision Insurance Life and Long-Term Disability (LTD) Vision Reimbursement Fitness Reimbursement Financial: 401(k) Retirement Plan Contributions Employee Stock Ownership Plan (ESOP) Continuing Education Assistance Work-Life Balance: Flexible Scheduling Paid Time Off (PTO) Paid Parental and Bereavement Leave What We Value: Creativity and innovation in solving challenges Integrity and responsibility in all actions Collaboration across teams and specialties Responsiveness in fast-paced environments Passion for national security and excellence Experiences and Background We Look For: U.S. Citizenship and active Top-Secret clearance required; must be eligible to obtain and maintain a TS/SCI with polygraph. Minimum of 10 years of progressively responsible experience in Program Security, Physical Security, and direct support as a CPSO/CSSO, including extensive experience managing Special Access Programs (SAPs) in compliance with DoD, NISPOM, and ICD requirements. Individual must be reliable, dependable and trustworthy. Excellent verbal and written communication skills are critical. Must be able to prioritize assignments, manage multiple tasks simultaneously, and work well under deadlines with minimal supervision, often in fast-paced environments requiring quick turnaround. Proficient in Windows 10 and Microsoft Office Suite, to include: Microsoft Word, PowerPoint, Excel and Outlook. Strong interpersonal and communication skills, with a collaborative mindset is essential. Must be able to walk, stand, and sit for extended periods as part of routine facility inspections and escort duties. Comfortable working at elevated heights or in construction areas with PPE (e.g., hard hats, gloves, safety glasses). 6-month probationary period may apply. Must be willing and able to travel (10-15%) as needed for assessments or inspections at other Arete sites. Nice to have: FSO training certificate COMSEC Custodian certificate or experience required. Complete IAEC-2112 COMSEC Training Course six months after being appointed as Alternate COMSEC Account Manager Courier preparation procedures Experience developing and implementing OPSEC plans Knowledge of Access Control and Intrusion Detection Systems Experience conducting Security incident inquiries Resourceful in solving problems and capitalizing on opportunities Professional Certifications/Affiliations The salary range for this role is $90,000/yr to $140,000/yr; however, Arete considers several factors when extending an offer of employment, including but not limited to: the position and associated responsibilities, a candidate's work experience, education/training, and key skills. Other Considerations Areté is committed to the principles of equal employment opportunity and nondiscrimination, and we believe every person has the right to be treated with fairness, dignity, and equal consideration. Areté is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, marital status, national origin, age, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law. U.S. citizenship is required to meet position eligibility. Successful passage of a criminal background screen is required to meet position eligibility. Selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Areté will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring. Successful passage of a Department of Transportation (DOT) drug test is required to meet position eligibility. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our website because of your disability. To request an accommodation, please contact Areté Human Resources at ************ for assistance.

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional

Job Description Exciting Threat Intelligence Analyst / Security Analyst Tier II, 6 months, contract opportunity in Los Angeles, CA. Requirements 2 plus years of experience in tactical intelligence or intelligence analysis, or a related area. 3 plus years of experience in cyber security or related discipline. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, and collections bias. Cyber Threat Intelligence Analyst will focus on technical analysis of threats in order to drive the collection, creation, and dissemination of indicators of compromise and indicators of attack. Ability to conduct open-source intelligence collection and analysis. Ability to produce intelligence products at the tactical, operational, and strategic levels. Familiarity with multiple threat intelligence types, sources, and methods of gathering/ obtaining information and data. Basic knowledge of open-source tools, such as Shodan, Maltego, PassiveTotal, and Virus Total. Good understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such Nice to have: GCTI: Cyber Threat Intelligence, CCTA: Certified Cyber Threat Analyst, CCIP: Certified Cyber Intelligence Professional