Information security analyst jobs in North Lindenhurst, NY - 386 jobs

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. What's in it for YOU? Salary: $120000 to $140000 10% bonus, exceptional perks and benefits Professional development training, mentoring, career coaching, and more! Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 10 years experience working in the IT security function. You have working experience in the health care and/or financial services industries with project management and program management experience. You have good experience with Operating System, Database, Network and Application Security. Additional Information All your information will be kept confidential according to EEO guidelines.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Principal Information Security Analyst (Tier 2) As a Principal Information Security Analyst within Gen Digital's global Security Operations Center (SOC), you will play a key role in strengthening threat detection and response across the organization. The role focuses on improving SOC monitoring and detection processes through technical expertise, continuous development, and close collaboration with other security teams. In this position, you will serve as a senior specialist, leading automation and detection engineering efforts, mentoring junior analysts and contributing to projects that enhance security visibility and overall SOC performance. Operating in a follow-the-sun model, the SOC ensures 24/7 global coverage, with regional teams working during their respective business hours and sharing on-call responsibilities for weekend. Key Responsibilities: * Monitor, analyze, and correlate security alerts and events across multiple platforms (SIEM, WAF, EDR, email, cloud, network, and threat intelligence tools) to identify and validate suspicious or malicious activity * Continuously develop and fine-tune detection rules, correlation searches, security policies, and dashboards to improve visibility, reduce false positives, and increase alert accuracy across security platforms * Support and mentor Tier 1 analysts in alert triage, escalation quality, and use of tools * Collaborate with security engineers on automation and enrichment initiatives to streamline operational workflows and improve detection efficiency * Maintain complete and up-to-date documentation for all detection use cases, workflows and process improvements * Participate in security projects and collaborate with internal stakeholders (e.g., Incident Response, Security Engineering, Application Security, and IT) to enhance detection coverage, visibility, and response capabilities * Support the execution of incident response playbooks Qualification and Work Experience: * 3-5 years of hands-on experience in SOC operations, cybersecurity monitoring, or related areas such as detection engineering or threat analysis * Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and how they apply to security monitoring and threat analysis * Strong knowledge of cybersecurity principles, common attack techniques, and threat types (e.g., phishing, malware, brute force, web application attacks) * Proven experience working with security logs, alerts, and structured data across multiple platforms (SIEM, EDR, WAF, cloud, and network telemetry) * Hands-on experience with SIEM platforms - Splunk preferred - including detection content development, rule tuning, and dashboard creation * Familiarity with Web Application Firewall (WAF) technologies and the ability to analyze or tune related alerts and policies * Understanding of cloud security concepts and experience with monitoring tools for major providers (AWS, Azure, GCP) * Working knowledge of scripting or automation (e.g., Python, PowerShell, or API-based integrations) to support analysis and enrichment workflows * Experience using AI-based tools to support daily SOC operations, including data analysis, investigation, documentation, and collaboration * Strong analytical and problem-solving skills with attention to detail and curiosity for continuous learning * Effective communication and documentation skills in English, both written and verbal * Experience collaborating across teams (e.g., Security Engineering, Incident Response, Application Security) on detection improvements or automation projects * Prior experience in a Security Operations Center (SOC) or similar environment is highly preferred * Familiarity with the fintech environment or experience supporting financial services infrastructure is considered a strong advantage #LI-AS1 Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds. We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Information Security Specialist Job Duties: Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On\-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches. "}}],"is Mobile":false,"iframe":"true","job Type":"Full time","apply Name":"Apply Now","zsoid":"641401441","FontFamily":"Verdana, Geneva, sans\-serif","job OtherDetails":[{"field Label":"Industry","uitype":2,"value":"Technology"},{"field Label":"City","uitype":1,"value":"Brooklyn"},{"field Label":"State\/Province","uitype":1,"value":"New York"}],"header Name":"Information Security Specialist","widget Id":"**********00072311","is JobBoard":"false","user Id":"**********00133003","attach Arr":[],"custom Template":"3","is CandidateLoginEnabled":true,"job Id":"**********00267067","FontSize":"12","location":"Brooklyn","embedsource":"CareerSite","indeed CallBackUrl":"https:\/\/recruit.zoho.com\/recruit\/JBApplyAuth.do","logo Id":"2qf78d018cc5be94b40bbbcb719566377b192"}

Job Code 839 Department Name IT Infrastructure Reports To Manager, Information Security FLSA Status Exempt Union Code N/A Management No About Us: Building Services 32BJ Benefit Funds (“the Funds”) is the umbrella organization responsible for administering Health, Pension, Retirement Savings, Training, and Legal Services benefits to over 100,000 SEIU 32BJ members. Our mission is to make significant contributions to the lives of our members by providing high quality benefits and services. Through our commitment, we embody five core values: Flexibility, Initiative, Respect, Sustainability, and Teamwork (FIRST). By following our core values, employees are open to different and new ways of doing things, take active steps to improve the organization, create an environment of trust and respect, approach their work with the intent of a positive outcome, and work collaboratively with colleagues. The Funds oversees and manages $9 billion of dollars in assets, which are made up of many, varied and complex funds. The dollars come from a number of sources, including the property owners who pay into the funds on behalf of their employees, and as such, requires those who oversee and manage the money to be highly skilled financial management people. For 2025 and beyond, 32BJ Benefit Funds will continue to drive innovation, equity, and technology insights to further help the lives of our hard-working members and their families. We use cutting edge technology such as: M365, Dynamics 365 CRM, Dynamics 365 F&O, Azure, AWS, SQL, Snowflake, QlikView, and more. Please take a moment to watch our video to learn more about our culture and contributions to our members: youtu.be/hYNdMGLn19A Job Summary: Under the supervision of the Manager, Information Security, the Information Security Analyst is responsible to plan and carry out security measures to protect Funds' computer networks, systems, and digital and physical technology assets. Performs assessments, develops and implements information security policies, procedure, and guidelines. Works inter-departmentally to identify and correct flaws in the Funds' security systems, solutions, and applications while recommending specific measures that can improve the Funds' overall security posture. Essential Duties and Responsibilities: Provide guidance and expertise in the field of risk management regarding the protection and security of digital assets in the cloud and on premise. Design and develop Information Security Architectures to prevent unauthorized access to our information and data breaches. Develop and implement information security policies and procedures; develops security guidelines and safe practices for Funds'-wide computing and networking systems, and maintain the documentation. Manage, maintain and monitor security technologies such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, DLP capabilities, SIEM technologies, host forensics and malware analysis, web application firewalls and proxy solutions. Manage real time threat detention technologies to identify and quarantine threats, Monitor Endpoint Security Alerts and take corrective action. Minimize security threats by examining governance, technology infrastructure, and facilities to identify security deficiencies, using risk analysis and follow up with corrective action plan. Monitor internal control systems to ensure appropriate access levels are maintained, protect against unauthorized system access, modification and destruction. Review security related reports, logs and occurrences; escalate issues and initiate security response procedures. Create and review vulnerability reports, track compliance with vulnerability management policies, and escalate. Research and evaluate emerging technologies in support of security technology enhancements, propose technical solutions to management, to address security weaknesses and coordinate with relevant stakeholders to implement. Reviews, updates, and enforces data security practices within the organization; tests for exposures to ensure adherence to guidelines and procedures, and works with platform experts to implement remedial measures as appropriate. Tests security controls and manages the associated remediation of any deficiencies as needed. Assess security information, triaging and responding to security events, identify false positives, and conduct correlation analysis across numerous internal and external data sources while prioritizing information security incidents. Perform Project Management tasks for security initiatives /projects. Manage incident-handling processes, which include implementation of containment, protection, and remediation activities. Coordinates the handling and resolution of security incidents, to include system intrusions and abuse, and acts as a primary point of contact. Develop responses to internal & external audits, penetration tests and vulnerability assessments. Support Information Security training and awareness by providing ideas and content, assist HR with employee security awareness education and training. Manage multiple priorities and deadlines concurrently. Provide support after hours, on weekends and through on-call rotation. Performs other duties as assigned Qualifications (Competencies): To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Minimum 4 years in Information Security, or IT OPS management and systems administration with at least 2 years specific to IT Security; Strong knowledge of Information Security design, principles, and processes; Experience in writing and /maintaining information security policies, standards, and guidelines; Demonstrated ability to monitor and audit network security systems such as Firewalls, IPS, SIEM, DLP, web proxy, NAC, and Vulnerability scanners; Hands on experience with mitigating security controls (i.e., anti-virus, IPS/IDS, DLP, web and network proxies, URL content filtering, multi-factor authentication, SSL VPNs); Experience in incident response required; In-depth knowledge of Windows/Unix operating system forensics, event logging systems, authentication methods, remote and local web application security, penetration testing); Advanced experience in networking (TCP/IP) protocols, DNS, LDAP, AD, DHCP, HTTP, Web browsers, Firewalls, and other computer/network security and system administration; Familiar with regulatory compliance regulations (PCI, SOX, PII, HIPAA, etc.); Strong knowledge of common security frameworks (ISO, NIST, etc.); Experience in risk assessments and vulnerability management; General knowledge of Endpoint protection solutions; Knowledge of mainstream operating systems (Microsoft Windows, Linux, IOS) and a wide range of security technologies; General knowledge of Database technologies and queries (Microsoft SQL, MySQL, Oracle, etc.); Ability to independently identify, research and resolve issues with minimal amount of supervision, and ability to work with peers in a team effort; Soft Skills (Interpersonal Skills): Detail oriented with excellent organization and analytical skills; Ability to plan, take initiatives to accomplish objectives in timely fashion, and work independently; Ability to prioritize work and meet deadlines; Ability to establish and maintain effective working relationships with project team members, supervisors, and other employees. Education: Bachelor's degree in Computer Science, or a related discipline. Language Skills: Speak, read, write and understand English Reasoning Ability: High Certificates, Licenses, Registrations: CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), or CISA (Certified Information Systems Auditor) certification are highly preferred. Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals to perform the essential functions. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals to perform the essential functions. Under 1/3 of the time: Standing, Walking, Climbing or Balancing, Stooping, Kneeling, Crouching, or Crawling Over 2/3 of the time: Talking or Hearing 100% of the time: Using Hands Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. 1/3 to 2/3 of the time: Work near moving or mechanical parts, exposure to radiation, moderate noise.

Job Title: Cyber Command Forensic Analyst SCOPE OF SERVICES: The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS: · Research and develop new techniques, and procedures to continually improve the digital forensics process. · Produce high quality written work product presenting complex technical issues clearly and concisely. · Managing and maintaining the analysis labs and forensics tools leveraged for investigations. · Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. · Assisting the Cyber Emergency Response Team during critical incidents. · Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host -based and network -based forensic analysis. MANDATORY SKILLS/EXPERIENCE: · Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment · Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. Requirements DESIRABLE SKILLS/EXPERIENCE: · Experience with a wide range of forensic tools (FTK, X -Ways, SIFT, AXIOM, EnCase, etc.) · Experience with memory analysis tools (i.e. Volatility, MemProcFS) · Experience with Linux and open source tools · Experience investigating intrusions on Windows and Linux/Unix operating systems · Experience with performing forensics collections in cloud environments (AWS, Azure, GCP) · Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices · Knowledge of virtual environments · Knowledge of forensic imaging techniques · Knowledge of Microsoft Windows operating system and Windows artifacts · Knowledge of Linux/UNIX operating systems and artifacts · Knowledge of mac OS operating system and forensics artifacts · Knowledge of file systems · Strong analytical skills Skills: · Incident Management · Threat Management · Cyber Security

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cyber Security Analyst - REMOTE. In this role, you will safeguard critical systems and drive innovation in security practices. As a proactive professional, you will contribute to a collaborative environment that prioritizes data protection and infrastructure security. Your work will have a significant impact on maintaining the integrity of our systems and ensuring a safe digital landscape. Join us to make a difference in cybersecurity.Accountabilities Lead efforts to monitor and maintain security across servers, networks, and endpoints. Administer and enhance network security defenses to prevent breaches. Analyze vulnerabilities and implement solutions to strengthen system integrity. Respond to and investigate cyber incidents, ensuring timely resolution and documentation. Develop and maintain security policies, standards, and guidelines aligned with best practices. Collaborate with IT teams to ensure security controls, compliance and risk management strategies are effective. Educate staff on cybersecurity awareness and best practices. Requirements Minimum 5 years of experience in cybersecurity, network engineering, or system analysis. Strong knowledge of incident response, intrusion detection, and risk management. Proficiency in analyzing complex systems and security audit results. Excellent communication and problem-solving skills. Bachelor's degree in Computer Science or related field (preferred). Certifications such as CISSP, CEH, or CISA (preferred). Experience with Windows Server, Linux, Cisco, and security tools like Wireshark (preferred). Benefits Comprehensive health-related benefits including medical, vision, and dental care. 401(k) plan with company contributions. Company-paid life insurance. Tuition reimbursement program. Minimum of 18 days of paid time off per year plus paid holidays. Participation in an annual bonus plan. Why Apply Through Jobgether? We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.#LI-CL1We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Public Health Solutions (PHS) is a 501(c)3 non-profit community-based organization (CBO) that has existed for 70 years to improve health equity and address health-related social needs (HRSN) for historically underserved marginalized communities. As the largest public health nonprofit serving New York City, we improve health outcomes and help communities thrive by providing services directly to vulnerable families, supporting community-based organizations through our long-standing public-private partnerships, and bridging the gap between healthcare and community services. We focus on a wide range of public health issues including food and nutrition, health insurance, maternal and child health, sexual and reproductive health, tobacco control, and HIV/AIDS. Learn more about our work at healthsolutions.org. PHS administers WholeYouNYC (WYNYC), a coordinated community resource network that builds trustworthy and reliable pathways between healthcare providers, health plans and CBOs providing critical resources in the community that address the social drivers of health. WYNYC brings together over 100 organizations offering various programs - such as food, housing, employment, health insurance, and sexual health services - across all five boroughs. These services and programs make it possible for New Yorkers to live their healthiest lives and ultimately reduce health disparities and advance health equity. To date, our network has already impacted thousands of lives through community partnerships and referrals, generating millions in estimated healthcare savings. New York State (NYS) recently announced the availability of $500M statewide to support Social Care Network (SCN) lead entities responsible for coordinating social care delivery in various regions across the state. Public Health Solutions (PHS) and our WYNYC network were awarded the role of regional SCN for Brooklyn, Manhattan, and Queens. This is a grant-funded position ending March 31, 2027. Program Description: The Information Security Analyst is responsible for supporting and maintaining the organization's information security and compliance program in accordance with applicable federal, state, and contractual requirements, including the NYS OHIP, Common Security Framework (CSF), and HIPAA Security practices. This position plays a critical role in safeguarding organizational assets by monitoring information systems, evaluating security controls, and coordinating incident response activities. The Analyst will collaborate closely with internal IT resources, the managed Security Operations Center (SOC), and external partners to ensure adherence to established policies, standards, and regulatory obligations. Key Responsibilities Regulatory Compliance and Risk Management Support and maintain compliance with OHIP PM-17 standards, NYS security requirements, HITRUST CSF, and HIPAA regulations. Participate in internal and external security audits, assessments, and certification readiness efforts. Document and maintain evidence of compliance activities, corrective action plans, and remediation tracking. Assist in the periodic review and revision of information security policies, standards, and procedures. Security Operations Monitor and respond to alerts generated through the organization's SIEM and security monitoring platforms, in coordination with the SOC. Investigate, triage, and document security incidents and vulnerabilities in accordance with established escalation protocols. Prepare and distribute regular security and compliance reports to IT leadership. Microsoft 365 and Azure Security Administer and maintain controls within the Microsoft 365 Security & Compliance Center, including data loss prevention (DLP), auditing, retention, and threat protection. Implement and review Azure Cloud security configurations, including conditional access, identity protection, and secure baselines. Monitor privileged access and ensure adherence to least-privilege and separation-of-duties principles. Coordination and Communication Serve as a liaison with the SOC and external vendors for incident response, threat intelligence, and log management activities. Collaborate with infrastructure, application, and compliance teams to align security practices with organizational objectives. Qualifications and Experience: Education: Associate or Bachelor's degree in IT, Computer Science, or related field or equivalent. Experience: Minimum of one (1) to three (3) years of professional experience in information security, cybersecurity operations, or IT compliance. Demonstrated knowledge of, NYS OHIP, and HIPAA compliance frameworks. Proficiency with Microsoft 365 Security & Compliance Center, Azure Security Center, and Defender for Cloud. Experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, LogRhythm) and associated reporting functions. Familiarity with security incident response, vulnerability management, and risk assessment methodologies. Strong written and verbal communication skills, with the ability to produce audit-ready documentation and reports. Other duties as assigned. Desired Skills: Professional certifications such as CompTIA Security+, CISSP, CCSK, Microsoft Certified: Security Operations Analyst Associate, or HITRUST CCSFP. Prior experience supporting compliance efforts within a public health, nonprofit, or governmental organization. Key Attributes for Success Strong eagerness to learn and develop new technical skills. A proactive and problem-solving mindset. Attention to detail and ability to document IT processes clearly. Ability to work both independently and collaboratively within an IT team. Willingness to take on new challenges in a fast-paced IT environment. Reports To: Information Security Manager Direct Reports: This position has no direct reports Benefits: • Hybrid Work Schedule. • Generous Paid Time Off and Holidays. • An attractive and comprehensive benefits package including Medical, Dental and Vision. • Flexible Spending Accounts and Commuter Benefits. • Company Paid Life Insurance and Disability Coverage. • 403(b) + employer matching and discretionary company contributions. • College Savings Plan. • Ongoing training and continuous opportunities for professional growth and development. At PHS, we place immense value on diversity within our teams, understanding that varied backgrounds and experiences significantly enhance our community and propel us toward our goals. If you find you don't have experience in all the areas listed above, we still encourage you to apply and share your background and experiences in your application. We are eager to discover how your unique perspective can bring positive transformations to our team and help advance our mission of creating healthier, more equitable communities. We look forward to learning more about you! PHS is proud to be an equal opportunity employer and encourages applications from women, people of color, persons with disabilities, LGBTQIA+ individuals, and veterans. 9am- 5pm 35 hours

The Information Security Analyst plays a key role in advancing the company's Governance, Risk & Compliance (GRC) program by protecting enterprise information assets and ensuring compliance with regulatory, contractual, and ethical standards. This position offers hands-on experience across multiple security domains including policy governance, risk management, AI governance, and data security, making it an excellent opportunity for early career professionals or recent graduates passionate about cybersecurity and emerging technology risks. In this role, you will collaborate with teams across Information Security, IT, and Legal to drive initiatives that safeguard sensitive data, maintain compliance obligations, and promote responsible use of artificial intelligence and other advanced technologies. Responsibilities Governance & Policy Management Assist in developing, maintaining, and aligning information security policies with frameworks such as NIST CSF, ISO 27001, SOC 2, CIS, and the NIST AI RMF. Contribute to documentation and control mapping for new or updated regulations related to AI, privacy, and data protection (e.g., GDPR, CCPA, NIST 800-53 Rev 5). Support internal policy review cycles, ensuring consistent version control and executive approval. Risk Management Participate in enterprise risk assessments, including third-party, application, and AI model risk reviews. Help identify, document, and track remediation of security and privacy risks within the GRC platform (e.g., Drata, ServiceNow GRC, OneTrust, Vanta, etc.). Support the development of risk metrics and dashboards for leadership reporting. Learn to evaluate AI-related risks such as model bias, data leakage, data lineage, model transparency, and unintended data exposure. Data Governance & Data Security Assist with data classification, retention, and handling standards, ensuring sensitive data is appropriately protected. Support data inventory and mapping efforts to improve visibility where critical data resides. Help review access controls, encryption standards, and secure data transfer processes in coordination with IT teams. Collaborate with the IT team to ensure alignment between data quality, privacy, and security controls. Compliance & Audit Support Gather and organize evidence for internal and external audits (ISO 27001, PCI, HIPAA, etc.). Maintain control documentation and track audit remediation activities. Support continuous monitoring of compliance requirements and updates to regulatory obligations, including emerging AI governance and data-related laws. AI Governance Support Contribute to inventories of AI tools and use cases across the enterprise. Assist in risk assessments for AI systems, ensuring they align with responsible AI principles such as fairness, accountability, and transparency. Collaborate with IT and legal teams to ensure that AI use complies with company policies. Security Awareness & Communication Help design and distribute training materials related to cybersecurity, data protection, and responsible AI practices. Support internal campaigns promoting secure data handling and ethical technology usage. Prepare metrics, dashboards, and presentations for leadership briefings. Continuous Improvement Participate in projects that automate or streamline GRC processes, such as policy lifecycle management or risk scoring. Stay informed about new threats, regulatory trends, and AI governance frameworks. Engage in ongoing professional development and certification opportunities. Qualifications Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Data Science, or a related field is preferred 0-2 years of experience in cybersecurity, risk management, compliance, or data governance (internship or coursework acceptable). Understanding of cybersecurity principles, risk management, and data privacy fundamentals. Basic familiarity with AI systems, data governance concepts, or information security practices. Strong analytical, communication, and documentation skills. Ability to manage multiple priorities in a fast-paced environment. Proficient in Microsoft Excel, PowerPoint, and data analysis or GRC tools. Exposure to frameworks such as NIST CSF, ISO 27001, SOC 2, NIST AI RMF, or COBIT. Must be able to work in the U.S. without sponsorship Per applicable state requirements, the annual pay range for this position ($60,500 - $84,000) which consists of base salary (subject to performance), reflects the hiring range for candidates. Also note, an individual's offer may vary from this range as it may be impacted by additional factors, including but not limited to the candidate's hiring location, qualifications, experience, and market factors.

St. John's, established in 1870, has two New York City campuses; international locations in Rome, Italy; Limerick, Ireland; and Paris, France; and study abroad locations around the world. The Princeton Review and other top rankings consistently recognize the University's outstanding academics, diverse student body, dynamic internship, and volunteer opportunities, focus on student life, and diverse study abroad offerings. St. John's University offers more than 100 undergraduate and graduate programs in its six colleges and schools, with a growing number of programs offered online. The University is accredited by the Middle States Commission on Higher Education and 12 other major academic and professional associations. A dedication to diversity, equity and inclusion is at the heart of our mission. As a Catholic and Vincentian university, St. John's is committed to institutionalizing practices of inclusive excellence to ensure that we welcome and celebrate the intrinsic worth of all members of our community. We will become an even stronger university as we enhance equity at every level of our institution. Our graduates will excel in the competencies and values needed for leadership and service in a rapidly evolving world. Department: Information Technology Specific Job Title: Information Security Analyst - Identity & Access Mgmt Focus Reports to: Associate Director, Systems & Security Architect Campus: Queens Job Summary: The Information Security Analyst is responsible for managing the security risk of the University's data and infrastructure and the user identity ecosystem. The candidate will oversee the implementation of the various security measures and tools, whether outsourced or in-house, and help safeguard technical assets against a cyber-attack. The role is highly collaborative, involving frequent interaction with various members in the IT organization. In addition to overseeing the implementation of various security measures and tools, the Analyst plays a key role in protecting user credentials, access privileges, and authentication systems, which includes supporting the Identity & Access Management (IAM) platform to ensure proper user provisioning, access governance, and role-based access control (RBAC) across systems. The role is highly collaborative, involving regular interaction with IT leadership, application owners, and external partners. The Information Security Analyst will monitor security threats, lead vulnerability remediation efforts, and support security operations while also contributing to the development and ongoing maintenance of the IAM lifecycle. The candidate will participate in any security investigations and incident management drills, helping analyze security-related data from a wide range of security products and devices. Essential Functions: * Manage the relationship with outsourced security vendors, including regular review of deliverables related to Identity Services controls and data access. * Provide directions to identify, design, and execute security projects that improve detection, response, and access control capabilities. * Collaborate with the Identity & Access Management team to ensure role definitions, access reviews, provisioning/deprovisioning processes, and segregation of duties policies are consistently applied. * Support IAM lifecycle processes by monitoring and assisting with the automation of user access provisioning, changes, and terminations. * Assist with the implementation and administration of IAM solutions, including role mining, entitlement reviews, and access certification campaigns. * Run periodic incident response drills and include identity compromise scenarios and credential misuse as part of test planning. * Assist with the integration of IAM services with systems such as Active Directory, cloud applications, learning management systems, and enterprise applications. * Ensure access governance by monitoring elevated/privileged accounts and supporting the implementation of least privilege policies and just-in-time access where applicable. * Review and respond to security alerts related to unauthorized access attempts, anomalous login behavior, or privilege escalation. * Analyze the impact of identity-related vulnerabilities, including misconfigured permissions and weak credentials, and assist with remediation. * Support security audits and compliance reporting by gathering identity and access data and providing evidence of policy adherence. * Monitor systems and logs for suspicious activity, especially related to identity compromise or misuse of credentials. * Manage cybersecurity awareness training, incorporating education around password hygiene, MFA, phishing, and identity theft. * Partner with HR and IT teams to ensure identity lifecycle events (onboarding, offboarding, transfers) are securely and accurately reflected in system access. * Participate in investigations and forensics activities involving identity compromise or unauthorized access. Competencies: The candidate should have: * Five to seven years of working within information security, with demonstrated experience supporting Identity & Access Management systems (e.g., SailPoint, Okta, Azure AD, or equivalent). * Strong understanding of user identity lifecycle management, directory services (e.g., LDAP, Active Directory), RBAC, and access governance principles. * Demonstrated experience with access reviews, entitlement management, and identity-related workflows. * Demonstrated technical capabilities and excellent understanding of systems, networking, and technology infrastructure, including Firewalls, VPN, DLP, Web-Proxy, DNS/DHCP * Technical capabilities in systems, networking, and infrastructure, including security platforms such as Firewalls, VPNs, DLP, Web-Proxy, and DNS/DHCP. * Familiarity with MFA, SSO, and federation technologies and protocols, such as SAML, OAuth, and SCIM. * Experience writing JavaScript or equivalent programming language * Knowledge of scanning and compliance tools (e.g., Tenable, Qualys) and identity risk scoring. * Familiarity with application security, encryption technologies, and current identity-related cyber threats. * Understanding of the NIST framework and the components of the framework to evaluate risk. * Organizational skills and attention to detail are critical, especially to managing open issues and items that are cross-team within the organization. * Demonstrated experience working in collaboration with a team as an effective team member. * Excellent interpersonal skills and ability to work with a diverse clientele. * Demonstrated ability to communicate effectively verbally and in writing. * Demonstrated ability to work independently. * Be able to exercise good judgment, logic, and troubleshooting skills to anticipate and solve problems independently. * Proven experience in handling multiple priorities simultaneously. * Ability to work a flexible work schedule, including evenings and weekends, when necessary. Work Environment: The candidate can work in a hybrid posture (mix of remote and on-site). Position Type/Expected Hours of Work: This position is full-time, Monday through Friday, 8:30 am to 4:30 pm. At times the candidate may be required to work later hours and/or weekends as needed in the event of any major issues. Required Education and Experience: * Completed a bachelor's degree program or higher in business, computer science, or equivalent field. * Non-bachelor's degrees are accepted with equivalent years of experience and relevant professional certifications. Additional Eligibility Qualifications: * CISSCP or other industry security certification a plus. In compliance with NYC's Pay Transparency Act, the annual salary range for this position is $83,600 - $94,050. St. John's University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and organizational considerations when extending an offer. * Important Note- St. John's is NOT an E-Verify Employer St. John's offers a competitive compensation program which is commensurate with your qualifications, experience, and contingent upon the departmental budget. We also offer an extremely comprehensive benefits program to meet the diverse needs of our workforce. Along with exceptional benefits such as medical, dental, life insurance, long term disability insurance, tuition remission, generous 403(b) employer contribution, employee assistance program, and liberal paid time off policies, faculty and staff can also enjoy St. John's performing arts, libraries, bookstores, dining facilities, campus recreation and sporting events Any offer of employment is subject to receipt by St. John's University of satisfactory references, verification of employment and education. St. John's University is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national or ethnic origin, age, status as an individual with a disability, protected veteran status, or any other characteristic protected by law.

**Intro** Are you ready to explore a world of possibilities, both at work and during your time off? Join our American Airlines family, and you'll travel the world, grow your expertise and become the best version of you. As you embark on a new journey, you'll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life. Feel free to enrich both your personal and work life and hop on board! **Why you'll love this job** + Responsible for advancing our Airport safety culture and station success through performance observations, station interactions and other engagements. + This job is a member of the Performance Assurance team within the Quality, Safety and Compliance group within the Airport Center of Excellence organization. + The pay range for this role is $51,000 to $86,500, taking into account the qualifications and experience of the selected candidate. **What you'll do** _As noted above, this list is intended to reflect the current job but there may be additional essential functions (and certainly non-essential job functions) that are not referenced. Management will modify the job or require other tasks be performed whenever it is deemed appropriate to do so, observing, of course, any legal obligations including any collective bargaining obligations._ + Recognize and report common challenge areas to provide feedback to the appropriate groups + Monitor effectiveness of corrective action plans to determine effectiveness, scalability, creation of recommendations/best practices + Analyze findings, determine root causes, and develop recommendations, delivered in executive level presentations + Support company delivery transformation projects and change management + Identify and communicate business process inefficiencies through new tools/technology including AI + Use AI to assist in day-to-day work as well as solve complex issues + Support special projects and investigations + Identify changes in emerging business and operational risks + Provide suggested changes to current performance assurance reviews and processes and techniques + Work in a variety of environments, including outdoors in all weather conditions **All you'll need for success** **Minimum Qualifications- Education & Prior Job Experience** + Bachelors degree or equivalent training/experience + Two years audit experience **Preferred Qualifications- Education & Prior Job Experience** + Airline experience, Customer Operations or Cargo preferred + Previous root cause analysis identification **Skills, Licenses & Certifications** + Detail oriented + Excellent organization skills + Comprehensive analytical and problem-solving skills + Ability to effectively communicate with all levels of employees within the organization + Excellent presentation skills + Ability to travel approximately 60 - 75% + Proficient in Microsoft Office software, with advanced Excel and Access skills + Ability to fulfill FAA criminal background checks to qualify for unescorted access privileges to airport security identification display areas (SIDA), if applicable **What you'll get** Feel free to take advantage of all that American Airlines has to offer: + Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network. + Health Benefits: On day one, you'll have access to your health, dental, prescription and vision benefits to help you stay well. And that's just the start, we also offer virtual doctor visits, flexible spending accounts and more. + Wellness Programs: We want you to be the best version of yourself - that's why our wellness programs provide you with all the right tools, resources and support you need. + 401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year. + Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more **Feel free to be yourself at American** From the team members we hire to the customers we serve, inclusion and diversity are the foundation of the dynamic workforce at American Airlines. Our 20+ Employee Business Resource Groups are focused on connecting our team members to our customers, suppliers, communities and shareholders, helping team members reach their full potential and creating an inclusive work environment to meet and exceed the needs of our diverse world. Are you ready to feel a tremendous sense of pride and satisfaction as you do your part to keep the largest airline in the world running smoothly as we care for people on life's journey? Feel free to be yourself at American. EQUAL EMPLOYMENT OPPORTUNITY/ AFFIRMATIVE ACTION POLICY American Airlines maintains a continuing policy of nondiscrimination in employment. It is our policy to provide equal opportunity and access for all persons, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or status as a disabled veteran or other protected veteran, in all phases of the employment process and in compliance with applicable federal, state, and local laws and regulations. This policy of nondiscrimination shall include, but not be limited to, the following employment decisions and practices: hiring; upgrading; promotions; demotions or transfers; layoffs; recalls; terminations; rates of pay or other forms of compensation; selection for training, including apprenticeship; and recruitment or recruitment advertising.

Aircall is a unicorn, AI-powered customer communications platform used by 22,000+ companies worldwide to drive revenue, resolve issues faster, and scale customer-facing teams. We're redefining customer communications by bringing voice, SMS, WhatsApp, and AI together into one seamless workspace. Our momentum comes from a simple idea: help teams work smarter, not harder. Aircall's AI Voice Agent automates routine calls, AI Assist streamlines post-call work, and AI Assist Pro delivers real-time guidance so people can do their best work. The result is higher revenue, faster resolutions, and teams that scale with confidence. Aircall is headquartered in Paris, our European HQ, with a strong North American presence anchored in Seattle, our North American HQ, and teams across Madrid, London, Berlin, San Francisco, New York City, Sydney, and Mexico City. We've built a product customers love and a business that's scaling quickly, backed by world-class investors and driven by rapid AI innovation across multiple product lines.At Aircall, you'll join a company in motion. We're ambitious, product-driven, and execution-focused, with visible impact, fast decisions, and real growth. How we work at Aircall: We're customer-obsessed, data-driven, and focused on delivering meaningful outcomes. We value ownership, continuous learning, and thoughtful speed. If you thrive in a collaborative, fast-moving environment where trust and impact matter, you'll feel at home here. Aircall is seeking an experienced Information Security Manager to take ownership of Aircall's information security strategy, governance, and risk management practices. This person will serve as the central coordinating and orchestrating function for all branches of Information Security, ensuring that our security, IT, privacy and product teams are aligned, accountable, and operating against a unified framework. This individual will build and mature our governance, policy, and compliance foundations; ensure readiness against major security frameworks; and drive a security-first culture across the organization. This role will sit within the CTO (Technology) organization, alongside Security & Infrastructure Engineering building the security foundation of a future Governance, Risk & Compliance (GRC) function.Key Responsibilities Develop and maintain the company-wide security strategy, policies, and governance frameworks. Ensure ongoing compliance with SOC 2, GDPR, NIST. Determine in conjunction with the other security stakeholders the company's strategy to pursue additional certifications) and other relevant global security standards (e.g., ISO 27001). Participate in building the Governance, Risk & Compliance (GRC) function, aligning with privacy, compliance, and enterprise risk function; maintaining and executing against a risk matrix Ensure that each branch of Information Security (Product Security, IT Security, GTM, Vendor Due Diligence, Customer facing topics; Governance, Policies & Audits) is performing its responsibilities effectively and operating in a coordinated manner. Lead enterprise-wide security risk assessments, gap analyses, and mitigation planning. Partner closely with Legal/Privacy on regulatory obligations, including GDPR, data residency requirements, and incident reporting. Oversee vendor risk management and security due diligence, ensuring consistent assessment standards and cross-functional alignment. Build and manage a scalable vendor security program, including due diligence, remediation, and monitoring. Maintain and refine incident response policies, workflows, roles, and communication procedures. Coordinate cross-functional participation during security events, ensuring documentation, communication, and post-incident reporting. Serve as the point of escalation for major security events. Ensure clear reporting lines, accountability, and coordination between IT Security and Engineering/Product Security. Work closely with IT, Product, Engineering, and Data teams to embed security-by-design throughout the development lifecycle. Manage dotted-line reporting relationships with Security Engineers and IT team members, ensuring unified strategic direction while respecting functional dependencies. Represent Information Security to the Board, Audit Committee, customers, and regulators, as needed. Lead company-wide security training and awareness initiatives. Promote a security-first culture across all functions, ensuring employees understand their role in protecting company and customer data. Qualifications 8+ years of experience in Information Security, including security governance or GRC leadership roles within SaaS or cloud based companies. Deep knowledge of SOC 2, ISO 27001, NIST, GDPR, and modern security frameworks. Hands-on experience with GRC platform (Drata, One Trust, Vanta etc.) Experience leading cross-functional initiatives and managing multiple stakeholders. Experience with risk management, vendor security, and policy development. Proven ability in dealing with incident response and security operations. Strong communication skills, with experience presenting to executives or boards. $180,000 - $200,000 a year This is not including equity and other benefits. The actual salary offered will carefully consider a wide range of factors, including your skills, qualifications, and experience. Why join us? 🚀 Key moment to join Aircall in terms of growth and opportunities💆 ♀️ Our people matter, work-life balance is important at Aircall📚 Fast-learning environment, entrepreneurial and strong team spirit🌍 45+ Nationalities: cosmopolite & multi-cultural mindset💵 Competitive salary package & equity🏨 Medical, dental, and vision insurance is 100% covered📈 401k plan with company matching!✈️ Unlimited PTO - take the time you need to come to work feeling great!⭐️ Wellness, commuter, and childcare reimbursements💚 Generous parental leave policy DE&I Statement: At Aircall, we believe diversity, equity and inclusion - irrespective of origins, identity, background and orientations - are core to our journey. We pride ourselves on promoting active inclusion within our business to foster a strong sense of belonging for all. We're working to create a place filled with diverse people who can enrich and learn from one another. We're committed to ensuring that everyone not only has a seat at the table but is valued and respected at it by providing equal opportunities to develop and thrive. We will constantly challenge ourselves to make sure that we live up to our ambitions around diversity, equity and inclusion, and keep this conversation open. Above all else, we understand and acknowledge that we have work to do and much to learn. Want to know more about candidate privacy? Find our Candidate Privacy Notice here.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job DescriptionThis role is located in New York City and will require a hybrid work schedule of at least 2 days in office per week. This role is for Vice President level candidates. About the Bank: Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches. Department Overview: The Americas Division (“AD”) was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) (“SMTBNY”) to perform corporate functions and supervise U.S. entities. Established under the AD are the “Global Banking Unit (“GBU”), Americas Division” and “Global Markets Unit (“GMU”), Americas Division” which performs business functions. Information Risk Governance (“IRG”) provides oversight to information and cyber security risk by maintaining and improving branch wide framework that is in-line with the Head Office and regulatory requirements and addresses Confidentiality, Integrity, and Availability for information assets. IRG establishes appropriate policies, procedures, measurement, and monitoring processes to proactively assess and evaluate cyber security and information security risks inherent in the Branch Operations. IRG is directly involved in all information and cyber security related projects, matters, and issues. Your Role Overview: To assist the Head of the Department with the day-to-day management and operation of the department. To assume the role of Information Security Officer and take the lead on overseeing the timely completion of the department's critical risk management projects. To provide direct assistance to the Head of the Department with regards to accomplishing the department's goals and objectives. To manage, guide and mentor other staff members with the preparation and completion of their assigned tasks. To contribute significantly to the overall success of the department in all key risk management and cyber security areas. Directly oversee completion of all critical projects, assist the HOD with implementing desired operational strategies and procedures. Recommend ways to improve efficiency, effectiveness, and productivity. Focus on proactive day-to-day operations. As ISO, assist with overseeing all information and cyber security matters. Your Duties and Responsibilities: Maintain and improve the information risk framework with guidance from HOD, address regulatory requirements, residual information risks specific to NY Branch Operations. Provide Information Security subject-matter-expertise to senior management. Work with IRT and coordinate incident responses to cyber security events. Keep abreast of industry wide information risk issues that could potentially have an impact on Branch Operations. Establish processes for communicating data classification guidelines and its governance. Oversee employee information security awareness training. Assesses and evaluates critical risk management projects: Annual Risk Assessment. Semi-annual Vulnerability Assessments. Special Risk Assessments done for a Particular Purpose Trend analysis of key risk management concepts and principles Attend the ISSRM and Branch Risk Management related meetings. Performs key information risk governance related tasks as described below: Provides User Access Control Governance. Monitors, analyzes and follows-up on Information Risk events/issues. Reviews information risk and proactively advises as necessary on: IT Projects/Issues Management process, Change Management Process, significant changes to IT procedures, IT Asset Management Report, key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, any related audit findings, etc. Establish and maintain Information Risk Key Risk Indicators (KRI). Periodically updates IT resources on Information risk related practices. Manages all information and cyber security policy and procedures manuals. Assist with the management of all matters related to Information Security and Information Risk Management, including directing appropriate Information/Applications Risk Assessments. Your Qualifications: Certification in Information Security (CISSP) required. 8+ years of Information Security related experience, IT Audit experience, preferred. Knowledge of Information Security principles, terminologies, and technologies required. Knowledge of Information Risk Management framework and principles required. Ability to analyze and design information security monitoring procedures and activities preferred. Detailed Knowledge and expertise in Technology Risk Assessments and Risk Analysis required. Excellent written and verbal communication skills, required. Good computer skills in Microsoft Office Excel and Word required. Strong project management and people management skills. preferred Why you should join SuMi Trust:SuMi Trust embraces flexible ways of working when the business and role permits. We provide employees with a hybrid working model, allowing for in-office work and work from home. Our diverse and inclusive environment along with our global presence enables us to collaborate and communicate to meet our business needs. We believe that efficient teams need truth, loyalty, and a strong sense of purpose to balance risk and their targets. We make sustainable business decisions to improve our society and the world. We believe that each person brings a unique value that drives the business though their creativity and passion. The Employee Benefits package includes: Paid Time Off, medical, HSA, vision, dental, FSA, 401(k), profit sharing, legal plan, cancer indemnity plan, disability insurance, life insurance, employee assistance program, commuter benefits, business travel accident, paid volunteer day, paid memberships, paid seminars, and tuition assistance. We offer many socialization opportunities for wellness, financial wellbeing, runs/walks, team building, happy hours, and activities to support the Sustainable Developmental Goals. Check out our LinkedIn for our employee experience: *************************************** We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application

The Bronx Defenders (BxD) is an innovative, progressive public defense office in the South Bronx. We are seeking a passionate technology professional with a commitment to public defense to join the Information Technology (IT) Team as an Information Governance & Security Manager. Founded in 1997, BxD is a public defender nonprofit that has developed a nationally recognized model of representation called holistic defense, which provides people with teams of lawyers, social workers, and advocates to defend them zealously in court and address the underlying drivers and enmeshed penalties of legal system involvement. Our office now has more than 400 staff members who defend nearly 20,000 New Yorkers facing incarceration, family separation, eviction, and deportation (among other devastating consequences) in criminal, family, civil, and immigration proceedings each year. We continue reimagining the role of public defense even further, using community organizing and engagement, legislative advocacy, and impact litigation to partner with the communities we represent to bring about long-lasting systemic change. We also share our model and lessons learned on how to move to a holistic model of representation with current and future public defenders throughout the country. Information Technology Our Information Technology (IT) department is our first line of support in assisting our dedicated staff of attorneys, advocates, social workers, and administrative professionals. Ultimately, the work of our department helps to advance the needs of our clients and facilitate the process by which their legal teams support and advocate for them to reach their goals. As the leading office in providing holistic representation, we stay abreast of innovative technological tools and resources that are used to support our staff and clients as they navigate the criminal, family, immigration, and civil court systems. From onboarding new employees to strengthening cybersecurity and modernizing our digital tools, the IT department is dedicated to creating an environment where technology empowers people, minimizes friction, and keeps our organization at the forefront of innovation in public defense. Responsibilities The Information Governance & Security Manager ensures that organizational information (case files, HR data, client records, financial systems) is managed securely, compliantly, and in alignment with regulatory requirements (CJIS, HIPAA, SHIELD). This role develops and enforces information governance policies, manages risk assessments and audits, and coordinates with the MSP and IT leadership to safeguard the integrity, availability, and confidentiality of organizational data. Responsibilities Own and update organizational information governance policies (data retention, access control, encryption, privacy) Coordinate audits and access reviews across systems (M365, LegalServer, HRIS, Finance) Review and respond to SOC/security alerts escalated from the MSP Lead development and testing of Business Continuity (BCP), Disaster Recovery (DRP), and Incident Response (IRP) plans Conduct quarterly data protection and compliance audits Partner with HR, Legal, and IT to enforce retention and preservation schedules Oversee data backup strategy (3-2-1 rule: cloud, onsite, offline) Provide reports on compliance posture and risk exposure to the IT Director and COO Stay current on changes to CJIS, HIPAA, SHIELD, and ABA confidentiality standards Stay current with emerging technologies, security practices, and industry standards relevant to the role, and provide recommendations for improvements Maintain awareness of ongoing IT initiatives, organizational priorities, and cross-departmental projects to ensure alignment with broader business goals Perform other related duties as assigned in response to organizational needs, new compliance requirements, or changes in technology Qualifications 6+ years in IT governance, compliance, or security roles Strong knowledge of NIST CSF, ISO 27001, ITIL Security Mgmt Hands-on experience with M365 Security & Compliance Center, Purview, Intune Familiarity with audits, penetration testing, and risk assessments Ability to develop, test, and maintain BCP/DRP/IRP Excellent communication and report-writing skills for technical and non-technical audiences Experience collaborating with MSPs, auditors, and cross-functional teams Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field Professional Certifications (strongly preferred): CISSP,CISM,CISA, ISO 27001, Microsoft certified The following qualifications are preferred, but not : Experience in nonprofit, academic or healthcare environment Experience with unionized employees To cultivate the deep subject matter knowledge, strong interpersonal relationships and collaborative approach that are critical to the position's success, it is essential that the candidate be able to participate in-person and onsite in both internal and external meetings and events. This position has an onsite requirement of in-office, 5 days per week. Approximately 70% of The Bronx Defenders' staff, including attorneys and non-attorneys, are represented by UAW Local 2325 - Association of Legal Aid Attorneys (AFL-CIO). This position is not within the bargaining unit. Salary is commensurate with experience. The salary range for this position is $130,000 to $150,000 annually. Full-time employees are also eligible for a comprehensive benefits package including but not limited to medical, dental, and vision coverage; a 403(b) plan with employer contribution; and a generous vacation, sick leave, and parental leave policy To apply, please click APPLY TO THIS JOB ONLINE and upload your resume and cover letter in one document. Your resume will be used to determine your salary based on the number of years of directly relevant professional experience and should include all relevant professional experience. Applications without a written cover letter will not be considered. The Bronx Defenders is an equal opportunity employer and is cultivating a workplace that embraces staff with a diversity of backgrounds, identities, and experiences. We acknowledge the ways in which systemic oppression and injustice can undermine access to professional opportunities and are committed to conducting hiring and promotion processes that are equitable and accessible to those commonly excluded from the workforce. We do not discriminate against and encourage applicants from marginalized communities to apply, including those who identify as Black, Indigenous, people of color, queer, transgender, gender non-conforming, disabled, neurodivergent, and those directly impacted by criminal, civil, family, and immigration legal systems. We value lived as well as professional experience and particularly welcome applications from the Bronx community that we work with.

ABOUT VAYNERX VaynerX (******************** is the most contemporary family of companies, working together to build and grow brands. Subsidiaries include VaynerMedia, Eva Nosidam Productions, The Sasha Group, Gallery Media Group, Tingley Lane Trading, VaynerSpeakers, and VaynerCommerce. ABOUT VAYNERMEDIA VaynerMedia is a contemporary global creative and media agency with an expertise in driving relevance for clients and delivering impactful business results. The independently-owned company was founded in 2009 by Gary Vaynerchuk, and has offices in New York, Los Angeles, Toronto, Mexico City, London, Amsterdam, Singapore, Delhi, Kuala Lumpur, Bangkok, Tokyo, and Sydney. VaynerMedia has been recognized for its work at Cannes Lions, the Clio Awards and The Webby Awards. It is part of the VaynerX family of companies. About the Role VaynerX is continuing to build on the momentum of its recent transformation and is looking for a Director of Information Security to own and operate our global information security program. This is a highly hands-on role for a security leader who is comfortable getting into the details, making decisions, and executing. The role offers the opportunity to scale systems, processes, and teams over time as the business continues to grow. Leadership responsibility will expand based on impact, execution, and trust earned - not title alone. Key Responsibilities • Own and lead all Information Security operations across VaynerX globally • Manage and optimize core security platforms including Proofpoint, Okta, and related tools • Ensure security policies, standards, and procedures are current, effective, and aligned with business needs • Oversee the Security Operations Center (SOC), including monitoring, incident response, and continuous improvement • Respond directly to real-time security threats and incidents as they arise • Partner closely with IT, Engineering, Operations, and Legal Ops to embed security into daily workflows • Collaborate with Operations on physical security initiatives, including Verkada systems • Assess risk, prioritize remediation, and balance security requirements with operational velocity • Help scale security capabilities and team structure thoughtfully over time • Drive practical, modern approaches to security that support a fast-moving organization What We're Looking For • Experience in information security or cybersecurity roles with increasing responsibility • Hands-on background managing enterprise security tools and responding to incidents • Strong understanding of identity and access management, email security, and SOC operations • Comfort operating in fast-paced, high-accountability environments • Strong communication skills and the ability to work cross-functionally • Ability and willingness to work in-person from our New York office Required Credentials • CISSP certification required or actively working toward completion Nice to Have • Experience working in an agency, media, or high-growth creative environment • Direct experience handling real-time security threats and incidents • Experience working closely with Legal or Legal Operations teams • Exposure to physical security platforms such as Verkada • Experience supporting globally distributed organizations Why This Role This role provides the opportunity to take real ownership of information security at VaynerX, work closely with senior leadership, and build security capabilities that scale with the business. It is best suited for someone who values execution, accountability, and long-term impact. Unsure if you meet the qualifications? We are always looking for talent which will continue to cultivate an inclusive and representative team that will enhance our perspectives, skill sets, background, and behaviors. We encourage those who are passionate about what we do to apply! Exact compensation may vary based on skills, experience, and location. Employer-sponsored 401k with match Medical, Dental, and vision coverage Unlimited PTO Caregiver (Parental) Leave Health and Wellness benefits Base Salary$110,000-$150,000 USD

Qualifications Bachelor's degree required. Minimum five years of full-time professional experience in information technology, including evidence of successful and progressively responsible roles in information security or related area (including growth in levels of responsibility, complexity of work, numbers, and sophistication of employees) related to the essential responsibilities listed. Demonstrated fluency in written and spoken English with the sophistication necessary to effectively communicate technical details to both technical and non-technical individuals. Demonstrated willingness and ability to carry out the essential responsibilities listed with humility, grace, and optimism. Demonstrated understanding of, sensitivity to, and respect for the academic, cultural, and social diversity in the Hofstra University community. Preferred Qualifications Advanced degree in computer science, computer engineering, information security, or related field strongly preferred. One or more relevant professional certifications (e.g., CISSP , CISM /A, etc.) strongly preferred. Experience with state and federal information security regulatory requirements ( GLBA , FERPA , HIPAA , etc.) and other compliance requirements ( PCI , etc.). Knowledge of and experience applying industry-standard IT security frameworks ( NIST , IHECF , etc.). Significant experience in computing and information security, network security issues, and security incident response and recovery in a higher education environment. Significant experience in communicating information security principles and concepts to non-technical stakeholders, and success in improving cybersecurity awareness in a higher education environment. Working knowledge of the information security policy and regulatory environment of information security, particularly in higher education. Demonstrated experience and success in advising and collaborating with key stakeholders relevant to the essential responsibilities listed, including senior leadership, Internal Audit, outside auditors, and consultants. Professional experience in a leadership role in a higher education institution.

A global technology consulting firm is seeking a Senior Security Analyst to support governance in the enterprise security program. The role involves monitoring service provider activities, facilitating audits, and providing expertise on security issues. Ideal candidates should have strong self-management skills, familiarity with security technologies, and security certifications are preferred. This position comes with a comprehensive benefits package and competitive compensation in New York, with a compensation range between $65,586 and $121,980. #J-18808-Ljbffr

Public Health Solutions (PHS) is a 501(c)3 non-profit community-based organization (CBO) that has existed for 70 years to improve health equity and address health-related social needs (HRSN) for historically underserved marginalized communities. As the largest public health nonprofit serving New York City, we improve health outcomes and help communities thrive by providing services directly to vulnerable families, supporting community-based organizations through our long-standing public-private partnerships, and bridging the gap between healthcare and community services. We focus on a wide range of public health issues including food and nutrition, health insurance, maternal and child health, sexual and reproductive health, tobacco control, and HIV/AIDS. Learn more about our work at healthsolutions.org. PHS administers WholeYouNYC (WYNYC), a coordinated community resource network that builds trustworthy and reliable pathways between healthcare providers, health plans and CBOs providing critical resources in the community that address the social drivers of health. WYNYC brings together over 100 organizations offering various programs - such as food, housing, employment, health insurance, and sexual health services - across all five boroughs. These services and programs make it possible for New Yorkers to live their healthiest lives and ultimately reduce health disparities and advance health equity. To date, our network has already impacted thousands of lives through community partnerships and referrals, generating millions in estimated healthcare savings. New York State (NYS) recently announced the availability of $500M statewide to support Social Care Network (SCN) lead entities responsible for coordinating social care delivery in various regions across the state. Public Health Solutions (PHS) and our WYNYC network were awarded the role of regional SCN for Brooklyn, Manhattan, and Queens. This is a grant-funded position ending March 31, 2027. Program Description: The Information Security Analyst is responsible for supporting and maintaining the organization's information security and compliance program in accordance with applicable federal, state, and contractual requirements, including the NYS OHIP, Common Security Framework (CSF), and HIPAA Security practices. This position plays a critical role in safeguarding organizational assets by monitoring information systems, evaluating security controls, and coordinating incident response activities. The Analyst will collaborate closely with internal IT resources, the managed Security Operations Center (SOC), and external partners to ensure adherence to established policies, standards, and regulatory obligations. Key Responsibilities * Regulatory Compliance and Risk Management * Support and maintain compliance with OHIP PM-17 standards, NYS security requirements, HITRUST CSF, and HIPAA regulations. * Participate in internal and external security audits, assessments, and certification readiness efforts. * Document and maintain evidence of compliance activities, corrective action plans, and remediation tracking. * Assist in the periodic review and revision of information security policies, standards, and procedures. * Security Operations * Monitor and respond to alerts generated through the organization's SIEM and security monitoring platforms, in coordination with the SOC. * Investigate, triage, and document security incidents and vulnerabilities in accordance with established escalation protocols. * Prepare and distribute regular security and compliance reports to IT leadership. * Microsoft 365 and Azure Security * Administer and maintain controls within the Microsoft 365 Security & Compliance Center, including data loss prevention (DLP), auditing, retention, and threat protection. * Implement and review Azure Cloud security configurations, including conditional access, identity protection, and secure baselines. * Monitor privileged access and ensure adherence to least-privilege and separation-of-duties principles. * Coordination and Communication * Serve as a liaison with the SOC and external vendors for incident response, threat intelligence, and log management activities. * Collaborate with infrastructure, application, and compliance teams to align security practices with organizational objectives. Qualifications and Experience: * Education: Associate or Bachelor's degree in IT, Computer Science, or related field or equivalent. * Experience: Minimum of one (1) to three (3) years of professional experience in information security, cybersecurity operations, or IT compliance. * Demonstrated knowledge of, NYS OHIP, and HIPAA compliance frameworks. * Proficiency with Microsoft 365 Security & Compliance Center, Azure Security Center, and Defender for Cloud. * Experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, LogRhythm) and associated reporting functions. * Familiarity with security incident response, vulnerability management, and risk assessment methodologies. * Strong written and verbal communication skills, with the ability to produce audit-ready documentation and reports. * Other duties as assigned. Desired Skills: * Professional certifications such as CompTIA Security+, CISSP, CCSK, Microsoft Certified: Security Operations Analyst Associate, or HITRUST CCSFP. * Prior experience supporting compliance efforts within a public health, nonprofit, or governmental organization. Key Attributes for Success * Strong eagerness to learn and develop new technical skills. * A proactive and problem-solving mindset. * Attention to detail and ability to document IT processes clearly. * Ability to work both independently and collaboratively within an IT team. * Willingness to take on new challenges in a fast-paced IT environment. Reports To: Information Security Manager Direct Reports: This position has no direct reports Benefits: * Hybrid Work Schedule. * Generous Paid Time Off and Holidays. * An attractive and comprehensive benefits package including Medical, Dental and Vision. * Flexible Spending Accounts and Commuter Benefits. * Company Paid Life Insurance and Disability Coverage. * 403(b) + employer matching and discretionary company contributions. * College Savings Plan. * Ongoing training and continuous opportunities for professional growth and development. At PHS, we place immense value on diversity within our teams, understanding that varied backgrounds and experiences significantly enhance our community and propel us toward our goals. If you find you don't have experience in all the areas listed above, we still encourage you to apply and share your background and experiences in your application. We are eager to discover how your unique perspective can bring positive transformations to our team and help advance our mission of creating healthier, more equitable communities. We look forward to learning more about you! PHS is proud to be an equal opportunity employer and encourages applications from women, people of color, persons with disabilities, LGBTQIA+ individuals, and veterans. 9am- 5pm 35 hours