Information security analyst jobs in New Providence, NJ

One of our clients is looking for a Data Security Analyst in New York, NY - 10172. This is a hybrid position and 6 month of contract with possible extension, offering $43/hour ona W2. About the Role Supports Data Loss Prevention and Data Security initiatives in the mission to protect sensitive data. Responsibilities Monitor alerts coming from data loss prevention technologies. Perform initial triage and escalation in accordance with internal processes. Draft playbooks/job aids for responsibilities. Partner with senior data loss prevention leaders to support incident validations. Provide feedback to technologists responsible for DLP policy tuning on the efficacy of rules. Prepare DLP program metrics for routine reporting. Support ad hoc data requests from DLP leadership. Qualifications Knowledge of Proofpoint, Microsoft Purview, and Island.io. Proficiency in Microsoft Excel, including pivot tables. Required Skills Strong attention to detail, inquisitive, analytical, and can pull together multiple data sources to formulate holistic pictures. Effective verbal and written communication skills and ability to work with cross-functional teams. Pay range and compensation package $43/hour on W2.

JOB FUNCTION The Cybersecurity Engineer will be responsible for implementing and maintaining the firm's cybersecurity technology solutions, monitoring for security incidents and vulnerabilities, coordinating end user activities, and participating in the investigation and response of any breaches or attacks. The ideal candidate will be a self-starter who can work both independently and collaboratively with diverse technical and business teams. He or she will report to the Chief Information Security Officer. Additional responsibilities include: Managing the vulnerability management program, including internal and external scanning, monitoring threat feeds, news sources, and vendor bulletins for risks and tracking remediation Maintaining and monitoring control baselines, hardening standards, asset/coverage metrics, and configuration compliance Monitoring and documenting key performance indicators (KPIs) and governance, risk, and compliance (GRC) evidence Suggesting and evaluating new technologies Educating employees on security best practices to reduce the risk of human error Collaborating with the Cloud, Systems, Network, Database, Desktop, and Development engineering teams on risk identification, analysis, and remediation Assisting with vendor due diligence Assisting with physical security infrastructure projects, maintenance, and updates QUALIFICATIONS The ideal candidate should have the following experience: 3+ years of experience in a Security Engineer role Proficiency with managing EDR solutions, SIEM, network security, cloud security, mobile security, vulnerability management, identity and access management, encryption, and a solid understanding of operating systems like Windows and Linux Strong ability to analyze security data, identify threats, and create effective solutions Ability to document and communicate technical information clearly to both technical and non-technical audiences Scripting/automation experience a plus The ideal candidate possesses the following traits: Creativity: the ability to deploy different approaches and be resourceful. Intellectual curiosity: passion for learning and investigating a broad range of subject matter; satisfaction derived from the consumption and understanding of information and increasing knowledge base. Accountability: ownership of individual responsibilities and work product. Strong people skills: ability to build relationships internally and externally and to be versatile in engaging with different constituents.

Job Title: Cyber Security Risk Analyst. Job Type: Contract. IS NOT OPEN TO AGENCIES. The Cyber Security Risk Analyst supports enterprise governance, risk, and compliance (GRC) initiatives by strengthening cyber risk management practices, enhancing third-party risk oversight, and contributing to cybersecurity governance across a complex organizational environment. This role works closely with cybersecurity leadership, internal stakeholders, and partner teams to mature risk assessment processes and ensure consistent, well-documented risk management activities. Key Responsibilities Design, develop, and enhance cybersecurity risk management processes and supporting frameworks Support enterprise cyber risk governance, including risk identification, evaluation, and remediation tracking Perform cybersecurity risk assessments in collaboration with business and IT stakeholders Evaluate and manage third-party and vendor cybersecurity risk throughout the vendor lifecycle Contribute to the development and maintenance of a third-party risk register Review and analyze cybersecurity risk cases, exceptions, and justifications Document risks, mitigations, and remediation actions within a centralized risk register Assist in developing risk assessment procedures, methodologies, and testing approaches aligned with industry frameworks Collaborate with cross-functional teams and subject matter experts to gather risk intelligence Support remediation efforts by helping initiate corrective actions where vulnerabilities or weaknesses are identified Participate in special cybersecurity initiatives and projects as assigned Required Qualifications Minimum of 4 years of experience in one or more of the following areas: Cybersecurity risk management Cybersecurity risk assessment Third-party or vendor risk management within a cybersecurity function Strong understanding of GRC concepts and the cyber risk lifecycle Experience working in large, complex, multi-stakeholder environments Strong analytical, investigative, and documentation skills Excellent written and verbal communication skills Preferred Qualifications Bachelor's degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field Familiarity with one or more cybersecurity frameworks or standards, including: NIST ISO/IEC 27001 / 27002 CIS SANS PCI Relevant certifications are a plus, including but not limited to: CISSP, CISM, CRISC, CISA CompTIA Security+, CySA+, Network+ GIAC certifications Knowledge of cybersecurity laws, regulations, and data privacy principles Ability to work independently in a self-directed and organized manner About Buchanan Technologies Since Buchanan's inception over 30 years ago, we have operated on 5 core values - People Matter, Customers Matter, Principles Matter, Community Matters, and Every Interaction Matters. These values are represented across each facet of the company, from employee relations to client service delivery to corporate social responsibility initiatives and beyond. Why Work at Buchanan? At Buchanan Technologies, we offer a great employment experience with a fun but professional work environment, competitive salary, and various employee career advancement programs that add value to your skills and daily life. If you are excited about being part of an energetic team where your contributions are appreciated and hard work is recognized, Buchanan is the place for you. Things We Are Passionate About We are passionate about providing top-tier technology services to our customers and clients and fostering a culture of continuous learning for our employees. We are a people- centric company, focused on growth and diversity for our workforce. Come join us and let's build something amazing together. Follow Us: LinkedIn: ******************************************************* Website: **************** Buchanan Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or genetics. In addition to federal law requirements, Buchanan Technologies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Job information: Functional title - Application Security Specialist Department - IT Security Corporate level - Vice President Report to - Director, Application Security Expected full-time salary range between $ 140,000- $180,000 + variable compensation + 401(k) match + benefits. What you will be doing: Perform Application Security scans (e.g. DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses, Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities. Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations. Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams. Conduct security reviews and provide guidance on security requirements for new features and projects. Assist in the analysis, selection and rollout of new application security tools, processes, and standards. Stay up to date with the latest security threats, vulnerabilities, and industry best practices. What we're looking for: Proven experience in application security with a focus on application security testing and vulnerability management. Hands-on experience with Application Security tools. Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques. Experience with threat modelling methodologies and tools. Proficiency in at least one programming language (e.g., Java, Python, JavaScript). Excellent communication and collaboration skills, with the ability to work effectively in cross functional teams. Strong understanding of risk management. Professional qualifications / certifications Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent). Relevant security certifications (e.g. CISSP, CEH, CSSLP) or equivalent is preferred.

The Security Architect main role is to design, implement, and oversee our cybersecurity strategy, ensuring robust protection against evolving threats. The ideal candidate will have 7-10 years of experience in cybersecurity architecture, security operations, and risk management with a strong focus on enterprise security solutions, cloud security, identity & access management (IAM), and security best practices. The Security Architect must have hands-on experience with internet secure gateway, EDR, MDR, ITDR, secure email gateway, firewalls, MFA, scripting, policies, data classification, and cloud security controls. This role requires deep expertise in security frameworks, architecture principles, security automation, and compliance standards (NIST, CIS, ISO 27001, Zero Trust, etc.). Essential Functions Develop and maintain a comprehensive security architecture covering on-premises, cloud, and hybrid environments. Design security solutions that align with business objectives while mitigating risk. Ensure Zero Trust principles, network segmentation, and security best practices are enforced across the enterprise. Architect cloud security strategies, leveraging best practices for Azure and GCP. Lead security investigations, conduct root cause analysis, and document incident response actions. Provide threat intelligence and recommend proactive security measures to mitigate risk. Implement and maintain cloud security controls in Azure and GCP. Optimize cloud security solutions for web and network protection. Ensure Active Directory (AD) and IAM policies align with best practices. Support identity governance, access reviews, and privileged access management (PAM). Oversee the continuous best practice is leveraged for data classification policies and enforce data protection controls. Conduct security assessments and ensure compliance with industry standards (PCI, NIST, CIS). Recommend, evaluate, and implement new security technologies based on business needs and threat landscape. • Work with DevOps and IT teams to integrate security automation, security-as-code, and DevSecOps principles. Additional Functions Threat Modeling & Risk Management: Conduct threat modeling, risk assessments, and security reviews for applications, infrastructure, and networks. Provide technical leadership in responding to security incidents, forensic analysis, and root cause investigations. Develop and maintain security policies, standards, and playbooks for security operations. Collaborate with IT and business units to ensure security compliance with regulatory frameworks (PCI DSS, NIST, ISO 27001, SOC 2). Identity & Access Management (IAM) & Authentication: Design and enhance IAM policies, privileged access management (PAM), and role-based access control (RBAC). Enforce strong authentication and MFA strategies using Okta, Microsoft Authenticator, and AD. Define identity threat detection and response (ITDR) strategies. Security Governance & Compliance: Ensure security controls align with industry frameworks (NIST CSF, ISO 27001, CIS, Zero Trust, MITRE ATT&CK). Assist with audit, regulatory compliance, and security assessments. Conduct penetration testing, red/blue teaming exercises, and vulnerability management programs. Provide security guidance for third-party risk management and vendor security evaluations. Leadership & Collaboration: Act as a subject matter expert (SME) in cybersecurity architecture and best practices. Provide mentorship and training to security engineers and analysts. Work cross-functionally with IT, DevOps, and executive leadership to align security strategy with business goals. Develop security roadmaps and strategic initiatives for continuous security improvement. Maintain and fine-tune security configurations across various security platforms. Identify security gaps and recommend security enhancements and process improvements. Develop playbooks and automation scripts to enhance security operations efficiency. Conduct vulnerability assessments and penetration testing to identify security weaknesses in systems and applications. Develop and implement security policies, procedures, and standards to ensure compliance with industry's best practices and regulatory requirements. Investigate security breaches and other security incidents to determine the root cause and implement corrective actions. Stay up-to-date on the latest security threats and vulnerabilities and recommend appropriate security measures. Collaborate with other IT teams to ensure that security is integrated into all aspects of the organization's IT infrastructure. Participate in security audits and assessments to identify and address security gaps. Develop and maintain incident response plans and procedures. Evaluate and recommend security technologies and solutions to improve the organization's security posture. Qualifications 7-10 years of experience in cybersecurity architecture, security operations, or cloud security. Deep understanding of: Enterprise security architectures, security frameworks (NIST, CIS, Zero Trust, ISO 27001), and best practices Email secure gateway (Proofpoint, Mimecast) Firewalls (Palo Alto, Cisco) and network security principles Cloud security (Azure, GCP) and security automation IAM, MFA, AD, Okta, Microsoft Authenticator Endpoint security, EDR, ITDR, and threat intelligence Data classification, DLP, and information protection Experience designing secure architectures for large-scale enterprises and cloud environments. Strong knowledge of DevSecOps, security automation, and scripting (Python, PowerShell, Terraform). Excellent communication and leadership skills, capable of influencing security strategies across the organization. CISSP Certifications (Required): CISM and CCSP is plus A bachelor's degree in computer science, information systems, or a related experience. 7-10 years of experience in cybersecurity, security operations, or network security. Hands-on expertise with: Zscaler, CrowdStrike, Microsoft Defender, Sophos Proofpoint (Email Security Gateway) EDR & ITDR solutions Palo Alto & Cisco Firewalls Okta, Microsoft Authenticator (MFA), Active Directory (AD), IAM Cloud Security (Azure and GCP) Data classification and protection strategies Strong knowledge of threat intelligence, SIEM, vulnerability management, and incident response. Experience with security frameworks such as PCI, NIST, ISO 27001, CIS Benchmarks. Strong analytical, problem-solving, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Excellent communication and interpersonal skills, capable of collaborating effectively with cross-functional teams. Working Conditions & Physical Demands This position requires in person office presence at least 4x a week.

We are seeking a highly skilled and motivated CyberArk PAM Administrator to support the deployment, configuration, and ongoing management of privileged access management (PAM) and cybersecurity technologies. This role is ideal for a cybersecurity professional who enjoys working in collaborative environments, driving secure system design, and supporting enterprise-scale security initiatives. The successful candidate will play a key role in implementing new cybersecurity solutions, supporting infrastructure upgrades, and ensuring systems are secure, reliable, and well-documented. This position offers the opportunity to work with modern security platforms while contributing to the organization's overall cyber maturity and growth. Key Responsibilities Implement and support new deployments of cybersecurity technologies, including CyberArk PAM and related security products. Assist with infrastructure upgrades to support application growth and evolving cybersecurity requirements. Configure, deploy, and maintain systems in accordance with security best practices and architectural standards. Troubleshoot and support all aspects of CyberArk Privileged Access Management, including onboarding, vault management, and access controls. Develop and maintain technical documentation, procedures, and runbooks for daily operations and major initiatives. Propose and document system architectures for secure and scalable deployments. Collaborate with internal teams, vendors, and stakeholders to ensure successful technology implementations. Patch, maintain, and monitor security platforms to ensure system stability and compliance. Train team members and end users on new systems and security processes as needed. Follow up promptly with stakeholders to address issues, changes, and enhancements. Required Skills / Education Proven experience as a CyberArk Administrator or in a similar Privileged Access Management role. Hands-on experience troubleshooting and supporting CyberArk PAM components. Strong understanding of cybersecurity principles, access control, and secure system administration. Ability to create clear, detailed technical documentation and operational procedures. Excellent written and verbal communication skills, with the ability to work effectively across technical and non-technical teams. Preferred Qualifications Experience with scripting or programming languages. Hands-on experience with PowerShell. Familiarity with enterprise infrastructure environments and security integrations. Strong interpersonal skills and the ability to collaborate with stakeholders at all organizational levels. About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact. When you work with Seneca, you're choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way. Seneca Resources is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.

Who You Are: You are collaborative and results driven, with a proven ability to think out of the box. You thrive in a rapidly changing environment, are curious and great at analysis and finding solutions. You understand technology and have experience with hands-on technical support. You have a passion to learn about or have experience with PLM & 3D applications such as CLO, Autodesk Maya/Arnold, Adobe Substance, and Zbrush. In this role, you will be a change driver for the 3D team merging tech, systems, and processes to drive efficiencies. What You'll Do: Understand the 3D processes and applications and provide the 3D/TD teams with hardware/software research, procurement, and light technical support Work closely with business users to gather requirements and translate back to IT, 3D or business teams ensuring on time completion of projects Utilize PLM and other systems to help 3D team manage workflow Develop functional business requirements specifications to support improved business process and business/ systems modification Develop and execute integrated testing scripts. Coordinate with and incorporate business community into the testing process. Develop user documentation and training material needed as needed Lead weekly touch bases with 3D team Liaise between 3D teams, IT (internal/external) and vendors. Assist with issue resolution when appropriate Ensure 3D applications and hardware are synergized with Capri Core Systems Maintain proper IT process with Procurement, Security, Legal, and Architecture teams, etc. when onboarding new technology Work well in a global business environment, being able to communicate effectively with business associates across different cultures, time zones and languages Assist with research and advise on implementations of new hardware/software technologies Test software and hardware as necessary You'll Need to Have: Minimum 2-5 years of IT experience required Experience in requirements gathering, process mapping, and systems support Excellent verbal and written communication and collaboration skills to effectively communicate with both business and technical IT teams Ability to work in NYC 3 days a week We'd Love to See: Experience with Adobe Design Software Understanding of the 3D design process and terminology Experience with 3D modeling software, rendering software, and real time engines Experience with any major PLM platform (Dassault Enovia/PTC FlexPLM/Centric) Experience with VBA Scripts or SharePoint Automations Passion for 3D and to be a change driver and influencer for the initiative Proven ability to be strategic and tactical in a demanding, fast-paced environment Proactive and persistent to provide solutions Strong analytical and communication skills Works with a sense of urgency and thoroughness Strong interpersonal skills to connect with user community and vendors Curiosity to keep up with industry trends in the 3D world and technology Ability to author documents using MS Office products (Word, Excel, Power Point, Project, and Visio) MK Perks: Generous Paid Time Off & Holiday Calendar Summer Fridays Internal Mobility Across Brands Cross-brand Discount Exclusive Employee Sales Fav 5 Cards (MK Discount for friends and family) 401k Match Paid Parental Leave Thrive Wellness Program Commuter Benefits Gym Discounts The Company is an equal employment opportunity employer. The Company's policy is not to unlawfully discriminate against any applicant or employee on the basis of race, color, sex, sexual orientation, gender identity, religion, national origin, age, military status, disability, genetic information or any other consideration made unlawful by applicable federal, state, or local laws. The Company also prohibits harassment of applicants and employees based on any of these protected categories. At Capri Holdings Limited, we are committed to providing a fair and accessible recruitment process. If you require a reasonable accommodation for the interview or application process, please contact our Talent Acquisition team at ****************************************. In compliance with certain Pay Transparency laws, employers are required to disclose a salary range. The salary for this position will vary based on role requirements, skill set and years of experience.

A financial firm is looking for a Chief Information Security Officer (CISO) to join their team in New York, NY. Compensation: $150-200K Responsibilities: Define and maintain the enterprise information security strategy, roadmap, and governance framework, aligned with business objectives and regulatory requirements Draft, maintain, and periodically review security-related policies and procedures Establish and chair/co-chair an Information Security / Cyber Risk Committee and contribute to Board-level reporting on cyber risk Develop and maintain the firm's information security governance framework Lead the firm's SOC 1 (Type 1/Type 2) and SOC 2 (Type 1/Type 2) readiness and ongoing attestation efforts Own the control catalog, control testing coordination, evidence collection, and remediation tracking across technology, operations, and third parties Act as primary security point of contact for external auditors, assessment firms, and key institutional partners Ensure security program alignment with SEC Regulation S-P, Reg S-ID, Reg SCI, SEC / Client cybersecurity expectations, and NYDFS 23 NYCRR 500 Partner with Compliance and Legal to interpret new regulations, assess impact, and implement necessary control and policy changes Maintain and periodically test the Incident Response Plan, Business Continuity and Disaster Recovery (BC/DR) from a security perspective Provide security oversight for cloud (AWS) and on-prem infrastructure, including network security, endpoint security, identity and access management (IAM), and data protection Work with Infrastructure/DevOps and application teams to embed secure SDLC practices, including code review, security testing, and secure deployment pipelines Oversee vulnerability management, including patch management processes, penetration testing, and remediation programs Define and oversee Security Operations Center (SOC) / XDR usage, log management, SIEM, threat detection, and incident handling Design and enforce data classification, data loss prevention (DLP), encryption, and key management controls Partner with business and product teams to ensure client data privacy and secure data flows, including with third-party vendors and partners Own the vendor security risk management program, including security due diligence, contract security clauses, and ongoing monitoring Evaluate and manage key security vendors Build and lead a small but high-impact security team, scaling capabilities over time Promote a security-first culture through training, awareness programs, and regular communication with staff at all levels Qualifications: Required Bachelor's degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience 7+ years of progressive experience in information security, including at least 3 years in a leadership role (Head of Security, Deputy CISO, CISO, or equivalent) Hands-on experience leading SOC 1 and/or SOC 2 attestation projects at a financial institution, fintech, or SaaS provider Strong background in financial services or capital markets (broker-dealer, clearing firm, trading platform, or similar) Understanding of Information security frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001) Understanding of Regulatory landscape for U.S. financial firms (e.g., SEC, Client, possibly NYDFS 500) Experience with Identity & access management, network security, endpoint security, and cloud security (preferably AWS) Experience building and maintaining incident response, BC/DR, and vulnerability/patch management programs Strong track record of cross-functional leadership, communicating complex security and risk topics to non-technical executives and boards Preferred Experience as CISO, Deputy CISO, or security leader at a broker-dealer, clearing firm, exchange/ATS, or large fintech Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP or similar Experience with AWS security services Familiarity with DevSecOps practices and secure CI/CD pipelines Experience managing data localization and cross-border data separation initiatives

You will provide guidance and technical support to clients deploying security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Any of the following industry certifications or equivalent experience is a plus: CISSP, CCNA, PCNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

Type : Contract f2f Interview is must We are seeking an experienced AWS Security Engineer to design, implement, and manage security controls across Snowflake and Databricks environments. The ideal candidate will have strong expertise in AWS security, data platform governance, and Python-based automation to ensure secure, compliant, and efficient operations within our cloud ecosystem. Key Responsibilities: Implement, monitor, and enhance security controls across network, application, and data layers for Snowflake and Databricks environments. Manage user access, roles, and permissions in Snowflake or Databricks to ensure compliance with least privilege and governance policies. Configure and manage AWS security components, including IAM roles/policies, S3 bucket policies, EC2, Lambda, and CloudWatch for monitoring and event response. Collaborate with data engineering and platform teams to ensure secure data ingestion, storage, and access controls. Automate security monitoring and configuration management using Python scripting and AWS SDKs. Identify and remediate security vulnerabilities, ensuring continuous compliance with internal and external standards. Contribute to security documentation, audits, and process improvements for data platform security posture.

This role is for a mid-to-senior Security Engineer who thrives in a lean, high-performance environment and takes a hands-on, engineering-first approach to security. You will operate as a generalist within a small security team, owning the design, build, and evolution of security systems that protect a highly technical organization with many proprietary platforms. This is not an analyst role; the focus is on building, integrating, and improving security capabilities end to end, with a strong emphasis on problem solving, automation, and how systems work together. You will design and implement enterprise-grade security monitoring, detection, and response solutions, integrating commercial tools and developing custom capabilities tailored to the environment. While the role includes reviewing and triaging alerts from detection and response platforms, the core responsibility is continuously improving detection quality, response workflows, and overall security posture. You will engineer and tune detections using structured data and JSON-based queries, develop automated response and orchestration workflows, and drive improvements across the full incident lifecycle. The position requires close collaboration with teams across the organization, translating security risks and technical concepts into clear, practical language for non-security stakeholders. You will partner with engineering, infrastructure, and product teams to embed security into systems and workflows, applying strong security principles that are portable across technologies rather than tied to a single toolset. The environment is fast-moving and production-heavy, with ongoing adoption of AI-driven technologies and modern development practices. The ideal candidate has several years of experience in security engineering, preferably in a fintech, startup, or similarly high-tech environment, and is accustomed to operating outside of large, siloed security teams. You bring strong hands-on experience with cloud and endpoint security platforms such as Azure, Microsoft Defender, and Elastic, with exposure to tools like Zscaler and Purview considered a plus. You are comfortable coding and scripting, particularly in Python, working with Git-based workflows, and applying infrastructure-as-code concepts. Experience building and operating detection and response systems, security orchestration and automation platforms, and threat-informed defenses is essential. They'll need someone who's fully authorized to work in the US without any sponsorship / visa (cannot support H1B).

Lead Security Engineer - Hands-On Role with Leadership Opportunity We're looking to hire a senior-level Security Engineer who's ready to step up and take the lead. Someone who's still very hands-on technically but also enjoys mentoring others, setting direction, and building scalable solutions that make a real difference. Title: Lead Security Engineer Salary: $160,000 to 190,000 +Bonus Location: Queens, NY (Hybrid) This role sits at the center of engineering, operations, and security-you'll be working directly with software and infrastructure teams to make sure security is embedded into everything we do. You won't just be managing tools; you'll help shape how security is done across the company. If you're based in the NYC area and looking for the next serious step in your career-where your ideas are heard and your work actually drives change-this is worth a conversation. What the Role Looks Like: You'll lead and mentor a small but growing team of security engineers, helping them grow while staying deep in the tech yourself. Work with internal teams to design and implement security solutions-cloud security, PAM, app and system hardening, etc. You'll be the one connecting the dots between development, infrastructure, and security-building relationships across teams and making sure security is part of the process from the start. Help optimize and improve the tools we already have, and figure out what's missing. What We're Hoping You Bring: A few years of experience leading or mentoring other security engineers-you don't need to have managed huge teams, but you've helped others level up. Solid technical background (5+ years in security engineering) and experience with on-prem and cloud security solutions (AWS or Azure). Hands-on knowledge of privileged access, identity management, system hardening, and network security. Strong instincts for risk, practical problem-solving, and keeping systems both secure and usable. Someone who communicates clearly, doesn't get lost in buzzwords, and works well with people across teams. Nice to Have, But Not Dealbreakers: Certifications like CISSP, CEH, CISM Experience with Linux security or scripting Familiarity with CI/CD pipelines and how security fits into DevOps Why This Role Might Be Right for You: You're ready for more responsibility and leadership, but don't want to give up the technical side of the work. You want to be part of a stable company with real backing and complex challenges to work on.

Job Posting Title: Cloud Security Engineer - SRE Job Profile: Technical Project Management - Advisor II We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

We are seeking a high-judgment, detail-oriented operator to lead our Threat Modeling Program Operations. This individual will be responsible for orchestrating workflows, triaging intake, designing key metrics, and eliminating process inefficiencies. The role demands an expert in building executive-ready reports and dashboards to track throughput, cycle times, and model quality, ensuring optimal outcomes for complex, multifaceted initiatives in Information Security Engineering. This is a contingent resource assignment, and the candidate may: Consult on complex, large-scale initiatives in Information Security Engineering. Review and analyze intricate, long-term security challenges, considering multiple factors including intangible or unprecedented elements. Contribute to resolving complex issues requiring deep understanding of security policies, procedures, and compliance requirements. Strategically collaborate with client personnel to ensure project success. Key Responsibilities: Lead and optimize workflow orchestration for the Threat Modeling Program. Develop and manage reports and dashboards to monitor program effectiveness (throughput, cycle time, model quality). Analyze and address complex security engineering issues, guiding teams to resolution. Collaborate cross-functionally with stakeholders, delivering executive communication and reporting. Continuously improve processes to eliminate inefficiencies and ensure scalability. Required Qualifications: 5+ years of experience in Information Security Engineering or equivalent (consulting, training, military, education). Proven ability to take initiative, work independently, and drive results. Strong attention to detail and ability to handle ad hoc reporting. Advanced skills in Microsoft Excel (VLookups & Pivot Tables) and PowerPoint. Proficient with Agile methodologies and project management tools like Atlassian JIRA and Confluence. Experience in analytical

Job Title: Information Technology Analyst I Duration: 3 Months assignment with possible extension Schedule: 7a-3p - 5 days/week (including weekends). Hours if resource works Saturday &/or Sunday will be 9a-5p regardless of shift they are booked for. Pay Range: $25 - $28/Hour Requirements: Bachelors or equivalent exp (R). Degree in computer science (P). 1-2 yr exp (P). Excellent analytical, problem solving , written and verbal communication skills, strong customer service skills. (R). Ability to work within a team environment (R). “Pride Health offers eligible employee's comprehensive healthcare coverage (medical, dental, and vision plans), supplemental coverage (accident insurance, critical illness insurance and hospital indemnity), 401(k)-retirement savings, life & disability insurance, an employee assistance program, legal support, auto, home insurance, pet insurance, and employee discounts with preferred vendors”

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Information Security Analyst II (E5122) - 250363: KNW-B40 Description Job Summary The overall purpose of this position is to protect the security and integrity of IEEE data through the implementation and maintenance of information security practices, measures, and technologies consistent with industry best practices. This position will act as a subject matter expert who will diligently assist with the maintenance and improvement of information and systems to ensure appropriate safeguards are in place. The incumbent must possess a thorough understanding and knowledge of security controls, strategies and methodologies as well as knowledge of some of the following technologies: firewalls, identity and access management, advanced authentication, single sing on, security audits, security diagnostics and encryption. The role reports to the Manager, Information Security and manages 0 direct reports. Key ResponsibilitiesProactively identify and remediates vulnerabilities using industry best practices and maintains a strong awareness and understanding of the current threat landscape. Performs internal and external security audits to ensure compliance with agreed security practices, policy and procedures to adhere with legal and regulatory requirements. Identifies security policy violations and leads in the corrective actions to maintain data and infrastructure security. Provides guidance and technical expertise to other technical employees and project teams and enforces established security policies. Assists project teams with the application and implementation of IEEE security policies, standards, processes and agreed architectures. Makes recommendations for enhancing security services, participates and, at times, leads the evaluation of commercial information security products and services to determine which of these should be adopted by or tested by the organization. Assists with the installation, maintenance and support of information security tools and services including, but not limited to, identity and access management systems including single sign on (SSO). Participates in development and update of security policies, procedures, standards, guidelines, and architectures. Assists with the execution vulnerability and penetration tests of IEEE network and systems including the remediation of findings. Assists with the investigation of security incidents, recommends and implements solutions to remediate or mitigate them. Assists in the formulation and enforcement of security policies and procedures. Qualifications Education Bachelor's degree or equivalent experience Bachelor's Degree in computer related field such as Computer Science, Mathematics or Engineering. In lieu of a degree equivalent experience will be considered. ReqWork Experience 2-4 years At least 4 years direct experience involving security, network architectures and Internet communications protocols (TCP/IP), monitoring and intrusion prevention strategies (e. g. Firewalls, Security Event Correlation, Malware Detection, IDS/IPS), Identity & Access Management technologies and concepts (Enterprise Directory Services, Virtual Directory, Enterprise Single Sign-On / Web Access Controls and Authorization models) in a large, distributed, high performance, business critical networked environment. ReqLicenses and Certifications Relevant professional qualifications / certifications (CISSP, CEH, CISM, CISA, CSSLP, SANS, CHECK, CREST) a plus. PrefSkills and Requirements Knowledge or familiarity of security technologies and concepts, including but not limited to, encryption, Public Key Infrastructure (PKI), two factor authentication, network security (firewall, intrusion detection / protection, and network anomaly detection), host based security (Anti-malware, firewall, intrusion detection / protection, patch management and file integrity), web application security (web application firewall, secure application development, authentication, session management, access control, single sign-on and error handling), database security (authentication, access control, auditing and integrity), secure remote access (VPN, terminal and console), security data analysis (security event monitoring, correlation, analysis and response) Knowledge or familiarity on conducting and mitigating security/risk assessments Knowledge of Authentication & Authorization technologies (LDAP, RADIUS, Two-factor authentication, SAML, OpenToken, OAuth, etc. ) Knowledge and experience installing and administering Enterprise Directory Services technologies, such as; Oracle Unified Directory, Oracle Virtual Directory, OpenLDAP, and Microsoft Active Directory. Knowledge or familiarity installing and administering Enterprise Single Sign-On (ESSO) and Access Management (AM) technologies, such as; Computer Associates SiteMinder, Oracle Access Manager, IBM Tivoli, PingFederate, PingAccess and OpenSSO / OpenAM. Knowledge and experience Windows Active Directory. Knowledge of Self Service Account Management technologies, concepts and best practices, such as; Identity validation, user provisioning, self-service password recovery and automation workflows (i. e. Self Service Access requests). Good understanding of a programming language (e. g. Java, C, Perl), HTML/XML and Unix “shells” scripting (e. g. CSH, KSH, SH). Excellent communication skills (written and verbal) and able to articulate key messages to a range of audiences. o Can effectively discuss security challenges with developers and testerso Experience of at least one code security review tool Ability to work alone and build relationships across the organization. Anticipates problems and identifies long-term implications of decisions and actions. Familiarity with server operating systems, such as; Windows, Linux & SolarisFamiliarity with web application security concepts, such as; secure application development, secure session management, cryptography, input validation, logging and error handling a plus. Familiarity with load balancer technologies and ESSO integration capabilities is a plus. Familiarity of Authentication, Authorization concepts, such as; Identity Federation, Multi-Factor Authentication (MFA), Public Key Infrastructure (PKI), RADIUS / TACACS a plus. Other Requirements:As defined in IEEE Policies, individuals currently serving on an IEEE board or committee are not eligible to apply. PLEASE NOTE: This position is not budgeted for employer-sponsored immigration support, this includes all persons in F (both CPT and OPT), J, H, L, or O status. For information on work demands and conditions required for this position, please consult the reference document, ADA Requirements. This position is classified under Category I - Office Positions. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. ===============================================Disclaimer: This is proprietary to IEEE. It outlines the general nature and key features performed by various positions that share the same job classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties and qualifications required of all employees assigned to the job. Nothing in this job description restricts management's right to assign or re-assign duties to this job at any time due to reasonable accommodations or other business reasons. Min: $91,000. 00 Max: $114,000. 00 Job: Technology Primary Location: United States-New Jersey-Piscataway Schedule: Full-time Job Type: Regular Job Posting: Dec 22, 2025, 4:20:40 PM

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience * Master's Degree and with 3 years of relevant experience IT or Information security or * Bachelor's Degree and with 5 years of relevant experience IT or Information security or * Associate's Degree and with 6 years of relevant experience IT or Information security or * High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience * Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). * Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience * Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. * Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. * Knowledge of IAM, rolebased access control, and policy enforcement, required. * Experience integrating cloud telemetry and logs with SIEM tools, required. * Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. * Experience with scripting (Python, PowerShell, Bash) and automation, required. * Experience with WAF and cloud API gateway configurations, required. * Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. * Experience collaborating with cloud service teams for planning and remediation, required. * Experience implementing application security best practices and training engineering teams, required. * Familiarity with CDN operations, certificates, and brand monitoring preferred, required. * Experience with SIEM integration, telemetry collection, and event analysis, preferred. * Demonstrated experience leading technical teams or project groups, preferred. * Experience with Container Security, preferred. * Experience securing API endpoints and implementing advanced cloud application protections, preferred. * Knowledge of AI/ML data protection and secure model deployment practices, preferred. * Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. * Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities * Effective leadership skills * Demonstrated problem solving skills * Demonstrated problem solving skills * Strong written and verbal communication skills * Ability to drive multiple projects to successful completion * Proactively approaches responsibilities Licenses and Certifications * Driver's License Required * Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred * Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands * Ability to push, pull, and lift up to 25 pounds * Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities * Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. * Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. * Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. * Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. * Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. * Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. * Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. * Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. * Implement and manage WAF policies and API gateways to safeguard cloud applications and services. * Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. * Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. * Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.