Information security analyst jobs in North Hempstead, NY

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches.

The Wealth Management (WM) Chief Data Office (CDO) sits within the WM Risk organization and strives to find the right balance between risk management and business enablement. WM CDO's mission is to: prevent unauthorized access to or misuse of client sensitive data and assets; abide by relevant privacy laws and regulations; effectively retain, retrieve, and protect information and records; and mitigate risks caused by inaccurate, untimely, or incomplete WM data. The Application and Infrastructure Security Team within WM CDO works to ensure that our clients' Personally Identifiable Information (PII) is stored securely, and appropriate controls are applied across all technology assets handling sensitive data. Role Description: The Application and Infrastructure Security Team is seeking an Assistant Vice President to enhance our risk identification and remediation efforts. The successful candidate will employ application telemetry and security tools to programmatically identify risks critical to the WM business. This position demands a high level of expertise in data analysis and automation, as well as familiarity with Artificial Intelligence techniques. Candidates should possess a strong understanding of common application architecture and software development practices, as well as a solid foundation in cybersecurity and network security principles. A commitment to ongoing research and a willingness to learn on the job are essential for this role. Key responsibilities include: * Serving as a subject matter expert to junior team members executing risk assessments * Conducting extensive data analysis and developing automated solutions to improve risk management * Employing Artificial Intelligence to enhance risk identification * Serving as the Business Owner for multiple technology squads, ensuring they deliver appropriate products * Liaising with Morgan Stanley's central cybersecurity organization to interpret and translate control requirements for WM business stakeholders Qualifications: * 3-5 years of relevant risk management experience * Experience with enterprise security controls and knowledge of application and network security concepts * Experience automating tasks using scripting languages (e.g. Python, Bash) and data analysis tools (e.g. Dataiku, SQL) * Ability to partner with external stakeholders and drive projects to completion in a large matrixed organization * Excellent written and verbal communication skills, with the ability to communicate at all levels within the organization * Exceptional critical thinking, problem-solving, and research skills Preferred Qualifications: * Knowledge of the financial services industry; preferably in wealth management, finance, operations, or technology * Strong understanding of common application architecture and software development practices * Solid foundation in cybersecurity and network security principles * Eagerness to engage in research and continuous learning on the job * Familiarity with the evolving Artificial Intelligence landscape and an understanding of capabilities WHAT YOU CAN EXPECT FROM MORGAN STANLEY: We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren't just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you'll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There's also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste ***************************************************** into your browser. Expected base pay rates for the role will be between $85,000 and $140,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs. Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees. It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law. Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).

We are seeking a Senior Security DevOps Engineer who will be responsible for a variety of objectives resulting in risk mitigation and remediation of internal & external security threats. This role performs advanced threat analysis, threat intelligence gathering & reporting, incident response activities, improves accuracy of security systems, improves existing processes, and works on Cybersecurity focused projects. Contract to hire Onsite 2 days a week located in New York Cybersecurity - Cyber Intelligence & Incident Response Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support. Provides after-hours support as needed for response activities. Integration experience. Collaborates with cross divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner. Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies. Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies. Scripting experience. Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques. Proposes and helps review security plans and policies to improve environmental security. Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program. AWS and/or Azure knowledge. Produces and distributes operational and tactical threat intelligence reports. Other duties may be assigned as needed to address new security threats facing the enterprise. Ability to: Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues. Python programming tasks and understand of programming in general. Perform security event correlation, triage, and analysis. Apply security Threat Intelligence while responding to and investigating security events or Incidents. Identify when an application, network, system, or user has been compromised by an internal or external threat. Work on multiple projects to improve security capabilities. Exercise strong understanding of defense-in-depth security best practices. Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting. Demonstrate effective communication of security issues and topics to management and others. Work well under pressure and within a high paced environment. Maintain operational guidelines and standards for Cybersecurity.

Hudson River Trading (HRT) is looking for a Systems Engineer with a focus on physical security systems to join our Enterprise Technology team. This role will liaise closely with our Workplace and various Security teams to conduct research, design, and maintain physical security platforms. You'll join a lean and technical team with opportunities to architect, own, and evolve HRT's global physical security infrastructure, driving both strategic vision and hands-on execution, to help HRT stay secure while providing a great employee experience. Responsibilities Research, architect, and deploy physical security systems across our offices and supporting sites around the globe Conduct audits and risk assessments of the physical security of equipment and locations globally Curate an enjoyable employee experience while helping to maintain safety, security and compliance Manage user roles, permissions, and system access in compliance with company policies and best practices Troubleshoot hardware/software issues, perform diagnostics, and provide Level 2/3 support Create and maintain documentation of configurations, procedures, and system architecture Help lead technical response and forensic analysis for physical security incidents in collaboration with Workplace and Security Operations teams Collaborate with internal stakeholders to evaluate and adopt next-generation physical security technologies, such as AI-driven analytics, mobile credentials, or zero-trust physical systems Qualifications 5+ years of experience in the systems architecture, engineering, and administration of physical security systems (camera infrastructure, badge platforms, biometrics, environmental sensors, access control, etc.) Experience with open protocols and standards in physical security (OSDP, SNMP, etc.) Experience with consolidating and automating identity management, configuration, and logging for disparate physical security, access control, and digital IAM platforms Experience with data center physical security systems (VSS, ACS, IDS, anti-tailgating, anti-passback, mantraps, etc.) Experience automating through code (Python, Go, PowerShell) and working with SDKs/APIs Strong knowledge of networking concepts and protocols Familiarity with securing IP-based physical systems and awareness of modern physical security threats (e.g., firmware supply chain, OT/IT convergence) Willing to travel 20% of time to visit other offices and facilities as needed A certification like Certified Protection Professional (CPP) or Physical Security Professional (PSP) is a plus Experience using Linux is a plus Experience with public cloud providers (GCP, AWS, Azure) is a plus The estimated base salary range for this position is $150,000 - $250,000 per year, based on job-related skills and experience. This role will also be eligible for discretionary performance-based bonuses and a competitive benefits package. Culture Hudson River Trading (HRT) brings a scientific approach to trading financial products. We have built one of the world's most sophisticated computing environments for research and development. Our researchers are at the forefront of innovation in the world of algorithmic trading. At HRT we welcome a variety of expertise: mathematics and computer science, physics and engineering, media and tech. We're a community of self-starters who are motivated by the excitement of being at the cutting edge of automation in every part of our organization-from trading, to business operations, to recruiting and beyond. We value openness and transparency, and celebrate great ideas from HRT veterans and new hires alike. At HRT we're friends and colleagues - whether we are sharing a meal, playing the latest board game, or writing elegant code. We embrace a culture of togetherness that extends far beyond the walls of our office. Feel like you belong at HRT? Our goal is to find the best people and bring them together to do great work in a place where everyone is valued. HRT is proud of our diverse staff; we have offices all over the globe and benefit from our varied and unique perspectives. HRT is an equal opportunity employer; so whoever you are we'd love to get to know you.

About Ramp At Ramp, we're rethinking how modern finance teams function in the age of AI. We believe AI isn't just the next big wave. It's the new foundation for how business gets done. We're investing in that future - and in the people bold enough to build it. Ramp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. More than 45,000 businesses, from family-owned farms to e-commerce giants to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $100 billion in purchases each year. Ramp's investors include Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, and Redpoint, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies-Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One-as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart. Ramp has been named to Fast Company's Most Innovative Companies list and LinkedIn's Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine's 100 Most Influential Companies. About the Role Join Ramp's Enterprise Security team to operationalize core and sovereign security programs. You'll oversee Insider Risk, DLP, SaaS posture, and Endpoint security across corporate and FedRAMP‑aligned environments-setting strategy, implementing controls, and measuring outcomes. Ramp is agent‑first: you will securely enable AI assistants and automated workflows across the enterprise. Please note that this role will require you to be comfortable with working in-person at our NYC HQ (located near Madison Square Park) at least 2 days/week What You'll Do * Harden Core Programs: Evaluate and uplift Insider Risk and DLP coverage; tune detections, policies, and workflows end‑to‑end. * Secure SaaS at Scale: Use SSPM/CASB and configuration baselines to remediate misconfigurations, remove stale access/admins, enforce key rotation, and gate risky app/OAuth scopes. * Operate Sovereign SaaS: Maintain strict access and monitoring for sovereign Google Workspace and Okta tenants; ensure controls map to NIST 800‑53/800‑171 and FedRAMP‑aligned requirements. * Modernize Identity & Access: Enforce phishing‑resistant MFA, device‑aware access, least privilege/JIT, SCIM life‑cycle, and strong break‑glass patterns. * Endpoint & Network Defense: Keep mac OS/Windows hardened at scale (EDR, disk encryption, MDM), ensure patch SLAs, and apply ZTNA/SSE (e.g., Cloudflare WARP) policies. * Continuous Improvement: Define metrics (coverage, policy efficacy, MTTD/MTTR, configuration drift), run control health reviews, and close gaps across corporate and sovereign environments. * Partner & Ship: Work with IT to validate endpoint agents and patching; document risks, decisions, and runbooks succinctly. What You Need * 3+ years in enterprise/corporate security engineering or operations. * U.S. citizenship is required for this role. * Proven delivery hardening Insider Risk, DLP, SaaS posture, and endpoint controls. * Hands‑on Okta administration and Google Workspace security configuration. * Experience with EDR/MDM, SSPM/CASB, DSPM, and ZTNA/SSE; mac OS/Windows hardening at scale. * Solid grasp of IAM and control mapping in FedRAMP‑aligned environments; familiarity with NIST 800‑53/171. * Ability to identify gaps, design remediations, automate where possible, and drive adoption across teams. * Clear, concise communicator who writes crisp docs and runbooks. Nice-to-Haves * Experience aligning Google Workspace and Okta to regulated/sovereign requirements. * Background scaling security in a high‑growth, cloud‑first company. * Relevant certs (CISSP, CISM, Security+, GIAC) or equivalent real‑world depth. Benefits (for U.S.-based full-time employees) * 100% medical, dental & vision insurance coverage for you * Partially covered for your dependents * One Medical annual membership * 401k (including employer match on contributions made while employed by Ramp) * Flexible PTO * Fertility HRA (up to $5,000 per year) * WFH stipend to support your home office needs * Wellness stipend * Parental Leave * Relocation support to NYC or SF (as needed) * Pet insurance Referral Instructions If you are being referred for the role, please contact that person to apply on your behalf. Other notices Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Ramp Applicant Privacy Notice

Akkodis is seeking a Network Security Analyst for a Contract with a client in New York, NY. Candidates will develop and enforce network security strategies while managing firewalls, VPNs, and intrusion detection systems across enterprise environments. Rate Range: $53/hour to $68/hour; The rate may be negotiable based on experience, education, geographic location, and other factors. Network Security Analyst job responsibilities include: * Develop and enforce network security policies and procedures to ensure compliance with regulatory standards and organizational goals. * Deploy, manage, and monitor security technologies such as firewalls (Fortinet, Cisco, Palo Alto), intrusion detection systems, VPNs, and proxies. * Conduct risk assessments and vulnerability scans to identify, analyze, and mitigate potential threats across the network. * Lead incident response and recovery efforts, including troubleshooting high-severity security breaches and coordinating break-fix activities. * Collaborate with IT and business teams to integrate security into system designs and provide solutions aligned with current security trends. * Generate and maintain performance dashboards and reports to track security operations, drive improvements, and support governance. Required Qualifications: * Bachelor's degree in computer science, Information Security, or a related field (Master's preferred). * Minimum of 10 years in network security and IT security operations. * Proven expertise in managing enterprise firewall systems (Fortinet, Cisco, Palo Alto). * Strong communication skills and experience in project management and security governance. If you are interested in this role, then please click APPLY NOW. For other opportunities available at Akkodis, or any questions, feel free to contact me at **********************************. Pay Details: $53.00 to $68.00 per hour Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable. Equal Opportunity Employer/Veterans/Disabled Military connected talent encouraged to apply To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to ************************************************* The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: * The California Fair Chance Act * Los Angeles City Fair Chance Ordinance * Los Angeles County Fair Chance Ordinance for Employers * San Francisco Fair Chance Ordinance Massachusetts Candidates Only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

The Special Projects Information Security Analyst will serve as a key individual contributor supporting Major League Baseball's Email Security and Cloud Security team. This role focuses on operational execution, technical analysis, and project coordination across two critical domains: email security engineering and cloud security analysis. The analyst will work hands-on with security tools, processes, and data, helping to protect MLB's communications, cloud environments, and infrastructure from evolving threats. This position offers the opportunity to learn from subject matter experts while contributing to the successful delivery of high-impact security initiatives. Responsibilities Cloud Security Analysis * Assist in the deployment, configuration, and monitoring of cloud security controls across public and private clouds (e.g., logging & monitoring, WAF, API security gateways, anti-bot/fraud technologies). * Support vulnerability scanning, compliance checks, and incident investigation in cloud environments using industry leading tools. * Help integrate and validate security tooling within CI/CD pipelines. * Conduct basic log and traffic analysis to identify anomalous or suspicious activity. Email Security Support * Assist with the configuration, monitoring, and maintenance of MLB's email security platforms (e.g., Microsoft Defender for Office 365, Exchange Online Protection, multiple integrated and secure email gateways). * Support phishing detection, triage, and remediation efforts. * Help manage authentication protocols (SPF, DKIM, DMARC, BIMI, VMC) across the league. * Participate in tuning email security policies, blocklists, and advanced rules to reduce false positives and improve detection. Operational Execution * Maintain accurate Jira/Asana ticketing, change documentation, and configuration records for security systems. * Support proof-of-concept testing for new security tools, documenting results for engineering review. * Use scripting languages (Python, Go, PowerShell, Bash) to automate security processes and streamline reporting. * Interact with REST, GraphQL APIs and MCP Servers for security tool integration and data collection. Research & Documentation * Stay current on email-based and cloud-based threat trends, summarizing findings for engineering teams. * Create and update SOPs, runbooks, and security awareness materials. * Assist with audit and compliance documentation, ensuring alignment with MLB policies and industry standards. Qualifications & Skills * Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field - or equivalent practical experience. * 2+ years in an information security, SOC, IT operations, or related technical role. * Familiarity with email authentication protocols (SPF, DKIM, DMARC) and cloud security fundamentals. * Exposure to security tools such as Microsoft Defender for Office 365, Exchange Online Protection, WAFs, and API gateways. * Proficiency in at least one scripting language (Python, Go, PowerShell, Bash). * Ability to analyze logs, alerts, and security telemetry to support incident investigation. * Comfort working with APIs and automation frameworks. * Familiarity with collaboration and tracking tools (e.g., Jira, Asana, Confluence, GitHub). * Strong organizational skills; able to manage multiple tasks and shifting priorities. * Excellent written and verbal communication; able to translate technical details for varied audiences. * Discreet and professional when handling sensitive information. * Proactive problem solver with an interest in continuous learning and professional growth. Pay Range: $30.00 - $33.00 per hour The actual offer will carefully consider a wide range of factors, including your work experience, education, skills, and any other factors MLB considers relevant to the hiring decision.

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: [email protected] #CJ $92,213.33 - $125,146.66 a year We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job DescriptionThis role is located in New York City and will require a hybrid work schedule of at least 2 days in office per week. This role is for Vice President level candidates. About the Bank: Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches. Department Overview: The Americas Division (“AD”) was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) (“SMTBNY”) to perform corporate functions and supervise U.S. entities. Established under the AD are the “Global Banking Unit (“GBU”), Americas Division” and “Global Markets Unit (“GMU”), Americas Division” which performs business functions. Information Risk Governance (“IRG”) provides oversight to information and cyber security risk by maintaining and improving branch wide framework that is in-line with the Head Office and regulatory requirements and addresses Confidentiality, Integrity, and Availability for information assets. IRG establishes appropriate policies, procedures, measurement, and monitoring processes to proactively assess and evaluate cyber security and information security risks inherent in the Branch Operations. IRG is directly involved in all information and cyber security related projects, matters, and issues. Your Role Overview: To assist the Head of the Department with the day-to-day management and operation of the department. To assume the role of Information Security Officer and take the lead on overseeing the timely completion of the department's critical risk management projects. To provide direct assistance to the Head of the Department with regards to accomplishing the department's goals and objectives. To manage, guide and mentor other staff members with the preparation and completion of their assigned tasks. To contribute significantly to the overall success of the department in all key risk management and cyber security areas. Directly oversee completion of all critical projects, assist the HOD with implementing desired operational strategies and procedures. Recommend ways to improve efficiency, effectiveness, and productivity. Focus on proactive day-to-day operations. As ISO, assist with overseeing all information and cyber security matters. Your Duties and Responsibilities: Maintain and improve the information risk framework with guidance from HOD, address regulatory requirements, residual information risks specific to NY Branch Operations. Provide Information Security subject-matter-expertise to senior management. Work with IRT and coordinate incident responses to cyber security events. Keep abreast of industry wide information risk issues that could potentially have an impact on Branch Operations. Establish processes for communicating data classification guidelines and its governance. Oversee employee information security awareness training. Assesses and evaluates critical risk management projects: Annual Risk Assessment. Semi-annual Vulnerability Assessments. Special Risk Assessments done for a Particular Purpose Trend analysis of key risk management concepts and principles Attend the ISSRM and Branch Risk Management related meetings. Performs key information risk governance related tasks as described below: Provides User Access Control Governance. Monitors, analyzes and follows-up on Information Risk events/issues. Reviews information risk and proactively advises as necessary on: IT Projects/Issues Management process, Change Management Process, significant changes to IT procedures, IT Asset Management Report, key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, any related audit findings, etc. Establish and maintain Information Risk Key Risk Indicators (KRI). Periodically updates IT resources on Information risk related practices. Manages all information and cyber security policy and procedures manuals. Assist with the management of all matters related to Information Security and Information Risk Management, including directing appropriate Information/Applications Risk Assessments. Your Qualifications: Certification in Information Security (CISSP) required. 8+ years of Information Security related experience, IT Audit experience, preferred. Knowledge of Information Security principles, terminologies, and technologies required. Knowledge of Information Risk Management framework and principles required. Ability to analyze and design information security monitoring procedures and activities preferred. Detailed Knowledge and expertise in Technology Risk Assessments and Risk Analysis required. Excellent written and verbal communication skills, required. Good computer skills in Microsoft Office Excel and Word required. Strong project management and people management skills. preferred Why you should join SuMi Trust:SuMi Trust embraces flexible ways of working when the business and role permits. We provide employees with a hybrid working model, allowing for in-office work and work from home. Our diverse and inclusive environment along with our global presence enables us to collaborate and communicate to meet our business needs. We believe that efficient teams need truth, loyalty, and a strong sense of purpose to balance risk and their targets. We make sustainable business decisions to improve our society and the world. We believe that each person brings a unique value that drives the business though their creativity and passion. The Employee Benefits package includes: Paid Time Off, medical, HSA, vision, dental, FSA, 401(k), profit sharing, legal plan, cancer indemnity plan, disability insurance, life insurance, employee assistance program, commuter benefits, business travel accident, paid volunteer day, paid memberships, paid seminars, and tuition assistance. We offer many socialization opportunities for wellness, financial wellbeing, runs/walks, team building, happy hours, and activities to support the Sustainable Developmental Goals. Check out our LinkedIn for our employee experience: *************************************** We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application

A Few Words About Us Integrated Resources, Inc is a premier staffing firm recognized as one of the tri-states most well-respected professional specialty firms. IRI has built its reputation on excellent service and integrity since its inception in 1996. Our mission centers on delivering only the best quality talent, the first time and every time. We provide quality resources in four specialty areas: Information Technology (IT), Clinical Research, Rehabilitation Therapy and Nursing. Job Description: Network Security Analyst 6 months CTH • 3+ years of designing, implementing and supporting CISCO ISE is required Responsibilities: Work with vendor to ensure the quality design, implementation, installation/configuration, and provide technical admin support for Cisco ISE Authentication Authorization, Posture Assessment, and AnyConnect end point Malware Prevention solutions. • Upgrade Cisco ISE infrastructure including hardware, software, and AnyConnect • Perform Cisco ISE Authentication and Authorization • Enforce security Posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE • Deploy Cisco ISE Profiling and client provisioning services • Integrate Endpoint Malware Protection Services (AMP) with AnyConnect and Cisco ISE • Provide Reports, Monitoring, Troubleshooting, and Security Work with vendor on problem resolution Create policies and reports to meet the business requirements Participate in Planning, Design, and Tests Perform security audits, scan and monitor servers Investigate and report on security alerts and perform security incident reporting Requirements: Expert-level knowledge and experience with design, implementation and support of Cisco ISE 3-5 year of experience working with Network Security applications Complex routing and switching solutions (Cisco is a must, Nexus strongly preferred, other manufacturers are a plus) Advance knowledge of networking, TCP/IP, FTP, SCP, firewalls, ACLs, Authentication protocols, Authorization, VPN, PKI, RSA, and Encryption Knowledge of Directory Services including Active Directory, LDAP, and TDS Knowledge of F5 load balancers Knowledge of IT security principles, HIPAA, SOX and PCI regulations Knowledge of IDS/IPS, Malware Prevention (Sourcefire & Fireye desired, Palo Alto a plus) Business Analysis skills and ability to translate business requirements into technical requirements Excellent oral/written communication and organizational skills Security certification a plus such as CISSP, CEH or CISA Qualifications Bachelor's Degree in Computer Science, Programming, or IT required Additional Information Contact- 732-549-2030 ext 242 Harshad

The Bronx Defenders (BxD) is an innovative, progressive public defense office in the South Bronx. We are seeking a passionate technology professional with a commitment to public defense to join the Information Technology (IT) Team as an Information Governance & Security Manager. Founded in 1997, BxD is a public defender nonprofit that has developed a nationally recognized model of representation called holistic defense, which provides people with teams of lawyers, social workers, and advocates to defend them zealously in court and address the underlying drivers and enmeshed penalties of legal system involvement. Our office now has more than 400 staff members who defend nearly 20,000 New Yorkers facing incarceration, family separation, eviction, and deportation (among other devastating consequences) in criminal, family, civil, and immigration proceedings each year. We continue reimagining the role of public defense even further, using community organizing and engagement, legislative advocacy, and impact litigation to partner with the communities we represent to bring about long-lasting systemic change. We also share our model and lessons learned on how to move to a holistic model of representation with current and future public defenders throughout the country. Information Technology Our Information Technology (IT) department is our first line of support in assisting our dedicated staff of attorneys, advocates, social workers, and administrative professionals. Ultimately, the work of our department helps to advance the needs of our clients and facilitate the process by which their legal teams support and advocate for them to reach their goals. As the leading office in providing holistic representation, we stay abreast of innovative technological tools and resources that are used to support our staff and clients as they navigate the criminal, family, immigration, and civil court systems. From onboarding new employees to strengthening cybersecurity and modernizing our digital tools, the IT department is dedicated to creating an environment where technology empowers people, minimizes friction, and keeps our organization at the forefront of innovation in public defense. Responsibilities The Information Governance & Security Manager ensures that organizational information (case files, HR data, client records, financial systems) is managed securely, compliantly, and in alignment with regulatory requirements (CJIS, HIPAA, SHIELD). This role develops and enforces information governance policies, manages risk assessments and audits, and coordinates with the MSP and IT leadership to safeguard the integrity, availability, and confidentiality of organizational data. Responsibilities Own and update organizational information governance policies (data retention, access control, encryption, privacy) Coordinate audits and access reviews across systems (M365, LegalServer, HRIS, Finance) Review and respond to SOC/security alerts escalated from the MSP Lead development and testing of Business Continuity (BCP), Disaster Recovery (DRP), and Incident Response (IRP) plans Conduct quarterly data protection and compliance audits Partner with HR, Legal, and IT to enforce retention and preservation schedules Oversee data backup strategy (3-2-1 rule: cloud, onsite, offline) Provide reports on compliance posture and risk exposure to the IT Director and COO Stay current on changes to CJIS, HIPAA, SHIELD, and ABA confidentiality standards Stay current with emerging technologies, security practices, and industry standards relevant to the role, and provide recommendations for improvements Maintain awareness of ongoing IT initiatives, organizational priorities, and cross-departmental projects to ensure alignment with broader business goals Perform other related duties as assigned in response to organizational needs, new compliance requirements, or changes in technology Qualifications 6+ years in IT governance, compliance, or security roles Strong knowledge of NIST CSF, ISO 27001, ITIL Security Mgmt Hands-on experience with M365 Security & Compliance Center, Purview, Intune Familiarity with audits, penetration testing, and risk assessments Ability to develop, test, and maintain BCP/DRP/IRP Excellent communication and report-writing skills for technical and non-technical audiences Experience collaborating with MSPs, auditors, and cross-functional teams Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field Professional Certifications (strongly preferred): CISSP,CISM,CISA, ISO 27001, Microsoft certified The following qualifications are preferred, but not : Experience in nonprofit, academic or healthcare environment Experience with unionized employees To cultivate the deep subject matter knowledge, strong interpersonal relationships and collaborative approach that are critical to the position's success, it is essential that the candidate be able to participate in-person and onsite in both internal and external meetings and events. This position has an onsite requirement of in-office, 5 days per week. Approximately 70% of The Bronx Defenders' staff, including attorneys and non-attorneys, are represented by UAW Local 2325 - Association of Legal Aid Attorneys (AFL-CIO). This position is not within the bargaining unit. Salary is commensurate with experience. The salary range for this position is $130,000 to $150,000 annually. Full-time employees are also eligible for a comprehensive benefits package including but not limited to medical, dental, and vision coverage; a 403(b) plan with employer contribution; and a generous vacation, sick leave, and parental leave policy To apply, please click APPLY TO THIS JOB ONLINE and upload your resume and cover letter in one document. Your resume will be used to determine your salary based on the number of years of directly relevant professional experience and should include all relevant professional experience. Applications without a written cover letter will not be considered. The Bronx Defenders is an equal opportunity employer and is cultivating a workplace that embraces staff with a diversity of backgrounds, identities, and experiences. We acknowledge the ways in which systemic oppression and injustice can undermine access to professional opportunities and are committed to conducting hiring and promotion processes that are equitable and accessible to those commonly excluded from the workforce. We do not discriminate against and encourage applicants from marginalized communities to apply, including those who identify as Black, Indigenous, people of color, queer, transgender, gender non-conforming, disabled, neurodivergent, and those directly impacted by criminal, civil, family, and immigration legal systems. We value lived as well as professional experience and particularly welcome applications from the Bronx community that we work with.

Job Title:Information Security Risk Compliance Manager Descrption Seeks an Information Security Risk Compliance Manager who will have the responsibility for several functions associated with IT security - from ensuring the security of software to selecting and/or constructing and deploying broader network security systems. Scope of Work Objectives: The Information Security Risk Compliance Manager oversees the organization's efforts in Risk assessment, Risk mitigation, Compliance management, Security governance, incident response, vendor risk management, Security awareness and training, Security audits and assessments, reporting and communication, continual improvement, and cross-functional collaboration. Their role is to ensure that the organization's systems, networks, and processes are secure, compliant with regulations and standards, and aligned with organizational goals and objectives. Requirements Responsibilities: Conduct risk assessments to identify potential threats and vulnerabilities to the organization. Develop and implement risk management strategies and policies to mitigate identified risks. Monitor and evaluate risk exposure across various departments and business units. Coordinate with stakeholders to ensure compliance with regulatory requirements and industry standards. Communicate risk management strategies and findings to senior management and relevant stakeholders. Lead the development and maintenance of the organization's risk register and risk management framework. Provide guidance and support to departments and teams in implementing risk mitigation measures. Conduct training and awareness programs on risk management principles and practices. Continuously monitor and review the effectiveness of risk management strategies and adjust as necessary. Stay updated on emerging risks and industry trends to proactively address potential threats to the organization. Maintain and enhance the company-wide security awareness program. Take ownership of establishing and enforcing security standards both within the team and across the organization. Work proactively and collaboratively to achieve change management and buy-in. Deliverables: Compliance Management: Ensure compliance with relevant regulations, standards, and frameworks such as GDPR, HIPAA, ISO 27001, NIST, etc., by establishing and maintaining appropriate controls and processes. Risk Mitigation: Develop and oversee risk mitigation strategies and controls to address identified security risks, including implementing technical controls, security best practices, and security awareness training programs. Incident Response: Develop and implement incident response plans and procedures to effectively respond to and manage security incidents, including data breaches, cyberattacks, and security breaches. Vendor Risk Management: Assess and manage risks associated with third-party vendors and service providers, including evaluating their security posture, conducting due diligence assessments, and ensuring contractual compliance. Cross-functional collaboration: Collaborate with IT teams, legal, HR, compliance, and other departments to ensure a holistic approach to information security risk management and compliance. Continual Improvement: Monitor industry trends, emerging threats, and regulatory changes to ensure that the organization's information security risk and compliance programs remain up-todate and effective. Preferred Skills: Excellent verbal and written communication skills. Ability to work both independently and as part of a team. Knowledge of Networking (Firewall, Networking Protocols); Working knowledge Frameworks Working knowledge of Information Security Domains Working knowledge of Security protocols Working knowledge of Cloud

Job Description We're seeking an experienced part-time Information Security Manager to lead security and risk programs in our growing stablecoin and digital asset ecosystem. The ideal candidate has a proven track record building and scaling security governance across FinTech or crypto companies, with deep knowledge of blockchain risk, compliance frameworks, and secure product design. Location: New York. Key Responsibilities: Develop and lead the company's information security strategy, aligning it with industry standards such as ISO 27001, SOC 2, and NIST CSF. Design and enforce security frameworks for stablecoin operations, blockchain-based systems, wallets, and custody infrastructure. Conduct risk assessments and threat modeling across smart contracts, custody solutions, and digital asset management systems. Drive regulatory and audit readiness for SOC 2 Type II, ISO 27001, and evolving digital asset compliance requirements (e.g., MiCA, DORA). Oversee incident response and vulnerability management, ensuring effective triage, remediation, and post-incident review. Partner with product and engineering teams to embed security into the SDLC and blockchain integrations. Lead security awareness programs across global teams with a focus on crypto-native risks (phishing, wallet security, private key management). Manage third-party risk assessments for vendors, custodians, and DeFi partners. Develop and maintain metrics and KPIs that measure security performance and maturity across the organization. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's preferred). 5+ years of progressive experience in information security. Proven experience in stablecoins and digital assets security, including wallet and blockchain risk governance. Deep knowledge of cloud security (AWS, GCP, Azure) and modern security architectures. Strong understanding of regulatory compliance frameworks (SOC 2, ISO 27001, NIST, GDPR, CCPA). Excellent communication and executive reporting skills, capable of translating complex risk topics to business stakeholders. Relevant certifications preferred: CISSP, CISM, CCSP, ISO 27001 Lead Implementer, or equivalent. Preferred Experience Security leadership experience in digital asset, blockchain, or FinTech companies. Familiarity with custody, trading, or settlement systems for crypto assets. Exposure to compliance automation, GRC tools, and Zero Trust architecture. Experience working with auditors, regulators, and institutional clients in the stablecoin or blockchain ecosystem

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. The Technical Risk Management (TRM) team, within the Global Risk and Compliance organization and led by the Chief Risk Officer, manage operational risks associated with Information & Cyber Security Risk, Business Disruption, Technology Risk, Data Risk, & AI Risk Management. The team also ensures that risk management activities are conducted in a manner compliant with regulatory requirements and expectations. The team aggregates and reports on key risk management and oversight activities to the relevant management and Board risk committees. **Functional Description:** This role is part of the second line technology risk management team within the GRC group, headed by the Chief Risk Officer (CRO) of the company. This is a unique opportunity to work with a team of diverse and talented professionals who are responsible for building the technology risk management program and providing independent risk oversight to the technology, cyber security and data risks. Reporting to the Director for Technology Risk Oversight, this position is responsible for independently assessing, reporting, and aggregating technology risks. The risks identified by this team are reported to the Senior Management, Risk Management Committees, Board of Directors, and Regulators. This position will be responsible for effectively collaborating with key stakeholders across lines of business and lines of defense to ensure IT risks are managed effectively and efficiently in accordance with the company policies and applicable regulatory requirements. **Essential Job Functions:** * Learn IT Risk Management policy, Information technology policy & standards & processes at American Express, demonstrating strong levels of curiosity and willingness, to present an effective credible challenge. * Engage and liaise with internal stakeholder groups that have oversight of processes relevant to the firm's IT risk management approach to prevent, protect, respond and adopt/learn from IT incidents. * Provide effective oversight and credible challenge to the 1st line's implementation of IT related controls within the Risk and Control Self-Assessment (RCSA) and review the design and operating effectiveness of controls linked to the IT risk taxonomy. * Contribute to enterprise-wide initiatives focused on enhancing the IT risk management framework, information security policies, & security standards. Support development of key risk indicators and key performance indicators that delivers meaningful insights into IT risks and control performance trends. * Perform data-driven reviews focused on IT risks and prepare risk review reports for senior stakeholders and governance bodies. * Stay abreast of applicable regulations, guidelines, and industry standards, and drive continuous enhancement of oversight practices to ensure alignment with evolving regulatory expectations and leading practices. * Conduct exploratory data analysis on large sets of structure data using industry standard tools (Ex: SQL, Python, Power BI, and Excel data models) to develop meaningful insights on cybersecurity and technology related data. * Learn technology, cyber security, and business continuity management processes at American Express, demonstrating strong levels of curiosity and willingness, in order to present an effective credible challenge. * Support the design of independent technology risk oversight program which defines the engagement and integration with various risk management programs, including Risk and Control Self Assessments, operational risk event management, operational risk issue management. * Help embed a strong risk-aware culture, encouraging proactive risk management behaviors within the organization. **Minimum Qualifications:** + Minimum five years of experience in IT, security, or risk management within the banking/financial services industry including policy & procedure development, risk appetite, risk control self-assessment and testing, operational event & issue management. * Proven ability to identify & assess risks, analyze issues and derive meaningful insights about risk trends by conducting interviews and analyzing large volumes of data. * Strong verbal and written communication skills with an ability to explain complex problems and ideas clearly and succinctly to senior management. * Ability to work in a highly collaborative environment, excellent relationship building skills and ability to influence partners with a firm strategic view. * Excellent analytical skills with high attention to detail and accuracy. * Excellent critical thinking and problem-solving skills. * Required self-starter who can work with minimal supervision. * Willingness to challenge traditional thinking by actively engaging in constructive dialogue. **Preferred:** * Educational background: Bachelor's in computer science or information systems. * Working knowledge of cybersecurity and technology risk management concepts. * Experience in risk management frameworks and standards across cyber security, data risk, information technology, 3rd party, business continuity management. * Industry certifications (e.g., CISSP, CISM, CISA, CRISC, CompTIA Security ) * Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR or NIST RMF) * Knowledge of relevant policies & regulations (e.g., OCC Heightened Standards, FFIEC IT booklets). * Experience with Governance, Risk and Compliance tools (Ex: Archer). **Qualifications** Salary Range: $123,000.00 to $215,250.00 annually bonus benefits The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors. We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: + Competitive base salaries + Bonus incentives + 6% Company Match on retirement savings plan + Free financial coaching and financial well-being support + Comprehensive medical, dental, vision, life insurance, and disability benefits + Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need + 20 weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy + Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) + Free and confidential counseling support through our Healthy Minds program + Career development and training opportunities For a full list of Team Amex benefits, visit our Colleague Benefits Site . American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. US Job Seekers - Click to view the " Know Your Rights " poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: *************************** Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. **Job:** Risk **Primary Location:** US-New York-New York **Schedule** Full-time **Req ID:** 25019948

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Build secure network stacks with appropriate isolation and segmentation Create OS-level attestation and integrity monitoring systems Develop security patches, custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Qualifications Bachelor's degree required. Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. One or more relevant professional certifications (e.g., CISSP , CISM /A, etc.) strongly preferred. Experience with state and federal information security regulatory requirements ( GLBA , FERPA , HIPAA , etc.) and other compliance requirements ( PCI , etc.). Knowledge of and experience applying industry-standard IT security frameworks ( NIST , IHECF , etc.). Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. Professional experience in a leadership role in a higher education institution.

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 1 year experience working in the IT security function. You have good experience with Operating System, Database, Network and Application Security. Additional Information All your information will be kept confidential according to EEO guidelines. Ping me at **********************

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. The Technical Risk Management (TRM) team, within the Global Risk and Compliance organization and led by the Chief Risk Officer, manage operational risks associated with Information & Cyber Security Risk, Business Disruption, Technology Risk, Data Risk, & AI Risk Management. The team also ensures that risk management activities are conducted in a manner compliant with regulatory requirements and expectations. The team aggregates and reports on key risk management and oversight activities to the relevant management and Board risk committees. Functional Description: This role is part of the second line technology risk management team within the GRC group, headed by the Chief Risk Officer (CRO) of the company. This is a unique opportunity to work with a team of diverse and talented professionals who are responsible for building the technology risk management program and providing independent risk oversight to the technology, cyber security and data risks. Reporting to the Director for Technology Risk Oversight, this position is responsible for independently assessing, reporting, and aggregating technology risks. The risks identified by this team are reported to the Senior Management, Risk Management Committees, Board of Directors, and Regulators. This position will be responsible for effectively collaborating with key stakeholders across lines of business and lines of defense to ensure IT risks are managed effectively and efficiently in accordance with the company policies and applicable regulatory requirements. Essential Job Functions: * Learn IT Risk Management policy, Information technology policy & standards & processes at American Express, demonstrating strong levels of curiosity and willingness, to present an effective credible challenge. * Engage and liaise with internal stakeholder groups that have oversight of processes relevant to the firm's IT risk management approach to prevent, protect, respond and adopt/learn from IT incidents. * Provide effective oversight and credible challenge to the 1st line's implementation of IT related controls within the Risk and Control Self-Assessment (RCSA) and review the design and operating effectiveness of controls linked to the IT risk taxonomy. * Contribute to enterprise-wide initiatives focused on enhancing the IT risk management framework, information security policies, & security standards. Support development of key risk indicators and key performance indicators that delivers meaningful insights into IT risks and control performance trends. * Perform data-driven reviews focused on IT risks and prepare risk review reports for senior stakeholders and governance bodies. * Stay abreast of applicable regulations, guidelines, and industry standards, and drive continuous enhancement of oversight practices to ensure alignment with evolving regulatory expectations and leading practices. * Conduct exploratory data analysis on large sets of structure data using industry standard tools (Ex: SQL, Python, Power BI, and Excel data models) to develop meaningful insights on cybersecurity and technology related data. * Learn technology, cyber security, and business continuity management processes at American Express, demonstrating strong levels of curiosity and willingness, in order to present an effective credible challenge. * Support the design of independent technology risk oversight program which defines the engagement and integration with various risk management programs, including Risk and Control Self Assessments, operational risk event management, operational risk issue management. * Help embed a strong risk-aware culture, encouraging proactive risk management behaviors within the organization. Minimum Qualifications: * Minimum five years of experience in IT, security, or risk management within the banking/financial services industry including policy & procedure development, risk appetite, risk control self-assessment and testing, operational event & issue management. * Proven ability to identify & assess risks, analyze issues and derive meaningful insights about risk trends by conducting interviews and analyzing large volumes of data. * Strong verbal and written communication skills with an ability to explain complex problems and ideas clearly and succinctly to senior management. * Ability to work in a highly collaborative environment, excellent relationship building skills and ability to influence partners with a firm strategic view. * Excellent analytical skills with high attention to detail and accuracy. * Excellent critical thinking and problem-solving skills. * Required self-starter who can work with minimal supervision. * Willingness to challenge traditional thinking by actively engaging in constructive dialogue. Preferred: * Educational background: Bachelor's in computer science or information systems. * Working knowledge of cybersecurity and technology risk management concepts. * Experience in risk management frameworks and standards across cyber security, data risk, information technology, 3rd party, business continuity management. * Industry certifications (e.g., CISSP, CISM, CISA, CRISC, CompTIA Security+) * Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR or NIST RMF) * Knowledge of relevant policies & regulations (e.g., OCC Heightened Standards, FFIEC IT booklets). * Experience with Governance, Risk and Compliance tools (Ex: Archer). Salary Range: $123,000.00 to $215,250.00 annually + bonus + benefits The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors. We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: * Competitive base salaries * Bonus incentives * 6% Company Match on retirement savings plan * Free financial coaching and financial well-being support * Comprehensive medical, dental, vision, life insurance, and disability benefits * Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need * 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy * Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) * Free and confidential counseling support through our Healthy Minds program * Career development and training opportunities For a full list of Team Amex benefits, visit our Colleague Benefits Site. American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. American Express will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable state and local laws, including, but not limited to, the California Fair Chance Act, the Los Angeles County Fair Chance Ordinance for Employers, and the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. For positions covered by federal and/or state banking regulations, American Express will comply with such regulations as it relates to the consideration of applicants with criminal convictions. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. US Job Seekers - Click to view the "Know Your Rights" poster. If the link does not work, you may access the poster by copying and pasting the following URL in a new browser window: *************************** Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.