Information security analyst jobs in Passaic, NJ

We invite you to review our current business services professionals openings to learn about the opportunities available across the firm. About Us Skadden, Arps, Slate, Meagher & Flom LLP has forged a reputation as one of the most prestigious law firms in the world. Relying on innovation, intellect, teamwork and tenacity, our lawyers deliver the highest quality advice and novel solutions to our clients' legal issues. We are known for handling the most complex transactions, litigation/controversy issues, and regulatory matters, as well as for the strong partnerships we build with clients and each other. Our attorneys, who reflect a broad range of experiences and perspectives, work together seamlessly across 50-plus practices and 21 offices in the world's major financial centers. The Opportunity We are seeking two Network Security Analysts to join our Firm. These positions will be based in our White Plains office (hybrid), and please note the roles have different shift times, listed below. The Network Security Analysts are responsible for implementing and supporting network security solutions for the Firm and, implementing and enforcing practical solutions to secure the Firm's internal and external network infrastructure. Available Shift Times (EST- Hybrid) 1.) Saturday - Sunday: 7:00 a.m. - 8:00 p.m. EST & Monday 7:00 a.m. - 7:00 p.m. 2.) Monday - Friday: 2:00 p.m. - 10:00 p.m. Note: The scheduled hours listed may be flexible and will be discussed during the interview process. Responsibilities Performs daily review of automated security reports and escalate as necessary. Responds to system generated security alerts and coordinate responses. Assists with internal audits, vulnerability scans and risk assessments. Assists with annual penetration testing, review of findings and tracking issue resolution. Participates in evaluating new technologies or new versions of existing products. Works with project teams to implement secure network connectivity solutions. Writes and maintains technical documentation including procedures and troubleshooting guides. Demonstrates effective interpersonal, written and verbal communication skills to facilitate effective work relationships with others. Manages Firm resources responsibly. Complies with and understands Firm operation, policies and procedures. Performs other related duties as assigned. Qualifications Knowledge of relevant firm computer software programs (e.g., Outlook, Excel, PowerPoint), with the ability to learn new software and operating systems Proficient with Access, Project and Visio Thorough knowledge of network management and security technologies and approaches Thorough knowledge of security techniques, latest protocols and defenses Proficient with Microsoft Active Directory and Operating Systems Basic ability to program scripts and batch files Demonstrates effective interpersonal and communication skills, both verbally and in writing Demonstrates close attention to detail Excellent analytical, troubleshooting, organizational, and planning skills Ability to handle multiple projects and shifting priorities Ability to handle sensitive matters and maintain confidentiality Ability to organize and prioritize work Ability to work well in a demanding and fast-paced environment Ability to work well independently as well as effectively within a team Ability to use discretion and exercise independent and sound judgment Flexibility to adjust hours and work the hours necessary to meet operating and business needs Education/Experience Bachelor's degree or equivalent Minimum of two years' experience in multi-national enterprise IT Culture & Life at Skadden What makes Skadden special is our people and the culture, community and spirit of collaboration we have created. We believe in teamwork and inspiring each other to be our best in an atmosphere that promotes professionalism and excellence in all that we do. We know that inclusion and drawing on the strength of a wide spectrum of talent only make us better and is vital to the firm's success. Our goal is for everyone at the firm to enjoy a challenging career with opportunities for development and growth and to support the well-being of our attorneys and business services professionals. Benefits The overall well-being of our team is important to us. We offer generous benefits to help you achieve wellness in all areas of your life. Competitive salaries and year-end discretionary bonuses. Comprehensive health care (medical, dental, vision), savings plan/401(k) and voluntary benefits. Generous paid time off. Paid leave options, including parental. In-classroom, remote, and on-demand learning and professional development opportunities. Robust well-being classes and programs. Opportunities to give back and make an impact in local communities. For further details, please visit: ******************************************************* Skadden is an Equal Opportunity Employer (Disability/Vet/other protected categories). For more information, please visit Skadden.com/careers. The starting base salary for this position is expected to be within the range listed under Salary Details. Actual salary will be determined based on skills, experience (to the extent relevant) and other-job related factors, consistent with applicable law. Salary Details $125,000 -$140,000 EEO Statement Skadden is an Equal Opportunity Employer. It does not discriminate against applicants or employees based on any legally impermissible factor including, but not limited to, race, color, religion, creed, sex, national origin, ancestry, age, alienage or citizenship status, marital or familial status, domestic partnership status, caregiver status, sexual orientation, gender, gender identity or expression, change of sex or transgender status, genetic information, medical condition, pregnancy, childbirth or related medical conditions, sexual and reproductive health decisions, disability, any protected military or veteran status, or status as a victim of domestic or dating violence, sexual assault or offense, or stalking. Applicants who require an accommodation during the application process should contact Lara Bell at **************. Skadden Equal Employment Opportunity Policy Skadden Equal Employment Opportunity Policy Applicants Have Rights Under Federal Employment Law Applicants Have Rights Under Federal Employment Law In accordance with the Transparency in Coverage Rule, click here to review machine-readable files made available by UnitedHealthcare: Transparency in Coverage

Why us? You will be part of a team that believes that believes in employees success! They are a dynamic, fast growing company with great opportunities and an employee focused company culture. Join this fantastic team today and make a difference in your life and the lives of those around you! They are an equal opportunity employer and value diversity at our company. Job Description Strong knowledge of Information Security concepts such as: •Encryption, Cloud and Mobile Device Security •Data Loss and Prevention tools and solutions •Risk-Threat Analysis and Vulnerability Assessments •Enterprise Security Monitoring, Role-Based Access Control (RBAC) •Identity and Access Management, Computer Forensic •IT Audit and Compliance, Regulatory Requirements (HIPAA, CMS, FISMA, et. al.) •Knowledge of common vulnerability tools, and the ability to identify basic categories of vulnerability. Sounds like you? then ping us with your most updated resume. We'd love to talk to you! We are excited about the companies growth and the role you will play with them. Qualifications Desired Skills & Experience: You hold a Bachelor's degree in any domain. You are certified in CISSP, or CISA, or CEH, required. You have more than 1 year experience working in the IT security function. You have good experience with Operating System, Database, Network and Application Security . Additional Information All your information will be kept confidential according to EEO guidelines. Ping me at **********************

The Information Security Analyst will be a member of the Threat & Vulnerability team within Security Operations. General responsibilities focus on the identification and proactive mitigation of cyber threats, while collaborating with various teams within Information Security to support the company's strategic goals. Essential Job Functions: The following duties and responsibilities are intended to be representative of the work performed by the incumbent(s) in this position and are not all-inclusive. The omission of a specific duty or responsibility will not preclude it from the position. Under direction, report and communicate vulnerabilities to determine objectives, scope, analysis, and the proper actions, needed to respond to security vulnerabilities Partner with stakeholders to document the lifecycle of vulnerabilities and provide recommendations for mitigation strategies. Collaborate on patch validation and reporting of remediation planning and compensating controls of mitigation to address open vulnerabilities Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and partners with the responsible parties to drive timely results and remediation Perform analysis of cyber threats and process timely tasks to help mitigate the risk of exposure. This includes reviewing daily intelligence feeds, working with different Security Operations teams to apply technical controls to detect and protect systems. Experience recognizing threats and conducting analysis on emerging threats. Provide written reports and analysis of findings to communicate potential risks and impact, with a focus on business impact Support risk reporting and escalation to cross-functional teams in a cooperative manner Communicate incidents and vulnerabilities to stakeholders in a timely manner following internal policies and procedures; Follow-up to ensure teams carry-out short-term and long-term remediation. Organizes and maintains documentation for internal process and procedures Participation in after-hours incidents when required Assist with additional projects as needed Basic Qualifications: Strong communication and project management skills Requires a highly motivated, dynamic and customer-centric associate who thrives in a challenging and changing environment Working knowledge of crisis management communication, incident response and handling methodologies, NIST cybersecurity standards and FDA cybersecurity guidance Effective meeting management and group facilitation skills Experience with reviewing intrusion detection systems and identifying host and network-based intrusions via intrusion detection technologies

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Principal Information Security Analyst (Tier 2) As a Principal Information Security Analyst within Gen Digital's global Security Operations Center (SOC), you will play a key role in strengthening threat detection and response across the organization. The role focuses on improving SOC monitoring and detection processes through technical expertise, continuous development, and close collaboration with other security teams. In this position, you will serve as a senior specialist, leading automation and detection engineering efforts, mentoring junior analysts and contributing to projects that enhance security visibility and overall SOC performance. Operating in a follow-the-sun model, the SOC ensures 24/7 global coverage, with regional teams working during their respective business hours and sharing on-call responsibilities for weekend. Key Responsibilities: * Monitor, analyze, and correlate security alerts and events across multiple platforms (SIEM, WAF, EDR, email, cloud, network, and threat intelligence tools) to identify and validate suspicious or malicious activity * Continuously develop and fine-tune detection rules, correlation searches, security policies, and dashboards to improve visibility, reduce false positives, and increase alert accuracy across security platforms * Support and mentor Tier 1 analysts in alert triage, escalation quality, and use of tools * Collaborate with security engineers on automation and enrichment initiatives to streamline operational workflows and improve detection efficiency * Maintain complete and up-to-date documentation for all detection use cases, workflows and process improvements * Participate in security projects and collaborate with internal stakeholders (e.g., Incident Response, Security Engineering, Application Security, and IT) to enhance detection coverage, visibility, and response capabilities * Support the execution of incident response playbooks Qualification and Work Experience: * 3-5 years of hands-on experience in SOC operations, cybersecurity monitoring, or related areas such as detection engineering or threat analysis * Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and how they apply to security monitoring and threat analysis * Strong knowledge of cybersecurity principles, common attack techniques, and threat types (e.g., phishing, malware, brute force, web application attacks) * Proven experience working with security logs, alerts, and structured data across multiple platforms (SIEM, EDR, WAF, cloud, and network telemetry) * Hands-on experience with SIEM platforms - Splunk preferred - including detection content development, rule tuning, and dashboard creation * Familiarity with Web Application Firewall (WAF) technologies and the ability to analyze or tune related alerts and policies * Understanding of cloud security concepts and experience with monitoring tools for major providers (AWS, Azure, GCP) * Working knowledge of scripting or automation (e.g., Python, PowerShell, or API-based integrations) to support analysis and enrichment workflows * Experience using AI-based tools to support daily SOC operations, including data analysis, investigation, documentation, and collaboration * Strong analytical and problem-solving skills with attention to detail and curiosity for continuous learning * Effective communication and documentation skills in English, both written and verbal * Experience collaborating across teams (e.g., Security Engineering, Incident Response, Application Security) on detection improvements or automation projects * Prior experience in a Security Operations Center (SOC) or similar environment is highly preferred * Familiarity with the fintech environment or experience supporting financial services infrastructure is considered a strong advantage #LI-AS1 Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds. We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches.

Select Cyber is looking for a Junior Security & Strategy Analyst for a client SOC office in Northern New Jersey. The employer is a world leader in cybersecurity services so your career will be in great hands! The position requires an interest in technology, leadership, and strategy, with a focus on information security. Although we prefer 1-3 years experience, New College Grads (with a computer science degree can apply! This position will assist in duties including, but not limited to, the following: Staying aware of the latest security threats, assessing impact, and suggesting solutions in addressing the emerging risks Use state-of-the-art software to monitor and report on potential cyber threats affecting our client Partnering across a variety of different teams to assess vulnerabilities, and conduct security reviews Help assess organizational cyber risk through industry standard frameworks Requirements Must have a degree in Business, Technology or related field Ability to manage/prioritize projects and tasks In-depth knowledge of diverse and emerging technology concepts, strategies, and methodologies Benefits FULL Competitive Benefits including 401K and medical

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: **************************** (ADA version: **************************** )

ADP is Hiring a Lead Information Security Analyst - Identity Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Like what you see? Apply now! Learn more about ADP at tech.adp.com/careers Responsibilities: Develop and lead IAM security programs, with a primary focus on Active Directory (on-prem and Azure AD), identity lifecycle management, authentication systems, and overall directory hygiene Provide security oversight and guidance for directory services (Active Directory, Azure AD), including accounts, Group Policy, OU structure, domain trusts, and federation services. Oversight and compliance monitoring for role-based access control (RBAC), conditional access, and least privilege principles across AD and cloud identity platforms. Oversight and compliance monitoring for SSO, MFA, Privileged Access Management (PAM), and Identity Governance & Administration (IGA) tools. Align IAM configurations and controls to meet compliance, audit, and security requirements as necessary (e.g., CIS, SOX, NIST, ISO 27001). Mentor junior team members in support of IAM security program via process documentation and knowledge sharing. Analyze identity-related incidents and participate in incident response and root cause analysis. Knowledge of modern identity strategies (Zero Trust, passwordless authentication, Just-In-Time access). To Succeed in This Role: You will have a bachelor's degree or equivalent. Skills: 5+ years of experience in IAM or Security Operations, with hands-on expertise in Active Directory and Azure AD Strong knowledge of identity protocols (LDAP, Kerberos, SAML, OAuth2, OpenID Connect) Experience with hybrid identity environments, including Azure AD Connect, conditional access, and authentication flows Familiarity with IAM and PAM solutions such as SailPoint, CyberArk, etc. Understanding of security frameworks (NIST, ISO, CIS) and regulatory compliance requirements (SOX, HIPAA, GDPR) Strong knowledge of Cloud IAM concepts and implementations across the major cloud providers (AWS, Azure, OCI, GCP) Strong scripting or automation skills (e.g., PowerShell, Python) Excellent analytical, communication, and documentation skills What are you waiting for? Apply today! Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY (ADA version: https://youtu.be/IQjUCA8SOoA )

Department Description At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technological solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service-as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers. What You'll Do: * Independent audit support for: * SOX 404 ITGCs * PII * PCI * ISPS * Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs. * Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. * Develop and lead the Control Assurance Programs (ISPS and SOX). * Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding. * Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company's automated controls. * This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control. * Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment. * Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products) * Ensure for timely management response of audit findings into our corporate SOCD/SAD. * Oversee ISPS Management Audit coordination and open action plans. * Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands. * Management of GRC workflows around coordination of certifications and attestations. * Partner with leadership to support the PCI-DSS compliance program. * Develop training materials, coordinate training sessions, and monitor compliance with training requirements. * Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently. * Assign tasks and projects to team members based on priorities, deadlines, and individual strengths. * Provide executive level updates on Compliance programs Must Haves (Years of Experience, languages, programs, tools, etc.): * Minimum of 8 years of related work experience, with 3 in management roles * IT SOX experience and proven experience in supporting IT audit/compliance functions * Experience in managing people * Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives * Interpersonal skills with the ability to work with teams cross-functionally * Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators * Detail-oriented but able to understand the big picture. Highly organized and efficient * Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments * Experience with cloud-based services, specifically AWS Nice To Haves (see above): * Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR * Experience working with companies that have a heavy microservice architecture Education: Bachelor's degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience The hiring range for this position in Glendale, CA and Santa Monica, CA is $141,900 to $190,300 per year and in New York, NY is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Aircall is a unicorn AI-powered customer communications platform used by 22,000+ companies worldwide to drive revenue, faster resolutions, and scale. We're redefining what a customer communications platform can be-by combining voice, SMS, WhatsApp, and AI into one seamless workspace. Our momentum comes from a simple but powerful idea: help every customer-facing team work smarter, not harder. Aircall's AI Voice Agent automates routine calls, AI Assist streamlines post-call tasks, and AI Assist Pro delivers real-time guidance that helps people do their best work. The result-companies grow revenue, deliver faster resolutions, and scale service. We've built a product customers love and a business that scales fast. Aircall operates in nine global offices (Paris, New York, San Francisco, Sydney, Madrid, London, Berlin, Seattle, and Mexico City), and is backed by world-class investors. Our teams are shipping AI innovation faster than ever and expanding across new product lines and markets. At Aircall, you'll join a company in motion-ambitious, profitable, and product-driven-where impact is visible, decisions are fast, and growth is real. How We Work at Aircall: At Aircall, we believe in customer obsession, continuous learning, and delivering extraordinary outcomes. We value open collaboration, taking ownership, and making smart, informed decisions with speed and precision. If you thrive in a fast-paced, team-driven environment where curiosity, trust, and impact matter, you'll fit right in Aircall is seeking an experienced Information Security Manager to take ownership of Aircall's information security strategy, governance, and risk management practices. This person will serve as the central coordinating and orchestrating function for all branches of Information Security, ensuring that our security, IT, privacy and product teams are aligned, accountable, and operating against a unified framework. This individual will build and mature our governance, policy, and compliance foundations; ensure readiness against major security frameworks; and drive a security-first culture across the organization. This role will sit within the CTO (Technology) organization, alongside Security & Infrastructure Engineering building the security foundation of a future Governance, Risk & Compliance (GRC) function.Key Responsibilities Develop and maintain the company-wide security strategy, policies, and governance frameworks. Ensure ongoing compliance with SOC 2, GDPR, NIST. Determine in conjunction with the other security stakeholders the company's strategy to pursue additional certifications) and other relevant global security standards (e.g., ISO 27001). Participate in building the Governance, Risk & Compliance (GRC) function, aligning with privacy, compliance, and enterprise risk function; maintaining and executing against a risk matrix Ensure that each branch of Information Security (Product Security, IT Security, GTM, Vendor Due Diligence, Customer facing topics; Governance, Policies & Audits) is performing its responsibilities effectively and operating in a coordinated manner. Lead enterprise-wide security risk assessments, gap analyses, and mitigation planning. Partner closely with Legal/Privacy on regulatory obligations, including GDPR, data residency requirements, and incident reporting. Oversee vendor risk management and security due diligence, ensuring consistent assessment standards and cross-functional alignment. Build and manage a scalable vendor security program, including due diligence, remediation, and monitoring. Maintain and refine incident response policies, workflows, roles, and communication procedures. Coordinate cross-functional participation during security events, ensuring documentation, communication, and post-incident reporting. Serve as the point of escalation for major security events. Ensure clear reporting lines, accountability, and coordination between IT Security and Engineering/Product Security. Work closely with IT, Product, Engineering, and Data teams to embed security-by-design throughout the development lifecycle. Manage dotted-line reporting relationships with Security Engineers and IT team members, ensuring unified strategic direction while respecting functional dependencies. Represent Information Security to the Board, Audit Committee, customers, and regulators, as needed. Lead company-wide security training and awareness initiatives. Promote a security-first culture across all functions, ensuring employees understand their role in protecting company and customer data. Qualifications 8+ years of experience in Information Security, including security governance or GRC leadership roles within SaaS or cloud based companies. Deep knowledge of SOC 2, ISO 27001, NIST, GDPR, and modern security frameworks. Hands-on experience with GRC platform (Drata, One Trust, Vanta etc.) Experience leading cross-functional initiatives and managing multiple stakeholders. Experience with risk management, vendor security, and policy development. Proven ability in dealing with incident response and security operations. Strong communication skills, with experience presenting to executives or boards. $180,000 - $200,000 a year This is not including equity and other benefits. The actual salary offered will carefully consider a wide range of factors, including your skills, qualifications, and experience. Why join us? 🚀 Key moment to join Aircall in terms of growth and opportunities💆 ♀️ Our people matter, work-life balance is important at Aircall📚 Fast-learning environment, entrepreneurial and strong team spirit🌍 45+ Nationalities: cosmopolite & multi-cultural mindset💵 Competitive salary package & equity🏨 Medical, dental, and vision insurance is 100% covered📈 401k plan with company matching!✈️ Unlimited PTO - take the time you need to come to work feeling great!⭐️ Wellness, commuter, and childcare reimbursements💚 Generous parental leave policy DE&I Statement: At Aircall, we believe diversity, equity and inclusion - irrespective of origins, identity, background and orientations - are core to our journey. We pride ourselves on promoting active inclusion within our business to foster a strong sense of belonging for all. We're working to create a place filled with diverse people who can enrich and learn from one another. We're committed to ensuring that everyone not only has a seat at the table but is valued and respected at it by providing equal opportunities to develop and thrive. We will constantly challenge ourselves to make sure that we live up to our ambitions around diversity, equity and inclusion, and keep this conversation open. Above all else, we understand and acknowledge that we have work to do and much to learn. Want to know more about candidate privacy? Find our Candidate Privacy Notice here.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

A Few Words About Us Integrated Resources, Inc is a premier staffing firm recognized as one of the tri-states most well-respected professional specialty firms. IRI has built its reputation on excellent service and integrity since its inception in 1996. Our mission centers on delivering only the best quality talent, the first time and every time. We provide quality resources in four specialty areas: Information Technology (IT), Clinical Research, Rehabilitation Therapy and Nursing. Job Description: Network Security Analyst 6 months CTH • 3+ years of designing, implementing and supporting CISCO ISE is required Responsibilities: Work with vendor to ensure the quality design, implementation, installation/configuration, and provide technical admin support for Cisco ISE Authentication Authorization, Posture Assessment, and AnyConnect end point Malware Prevention solutions. • Upgrade Cisco ISE infrastructure including hardware, software, and AnyConnect • Perform Cisco ISE Authentication and Authorization • Enforce security Posture compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE • Deploy Cisco ISE Profiling and client provisioning services • Integrate Endpoint Malware Protection Services (AMP) with AnyConnect and Cisco ISE • Provide Reports, Monitoring, Troubleshooting, and Security Work with vendor on problem resolution Create policies and reports to meet the business requirements Participate in Planning, Design, and Tests Perform security audits, scan and monitor servers Investigate and report on security alerts and perform security incident reporting Requirements: Expert-level knowledge and experience with design, implementation and support of Cisco ISE 3-5 year of experience working with Network Security applications Complex routing and switching solutions (Cisco is a must, Nexus strongly preferred, other manufacturers are a plus) Advance knowledge of networking, TCP/IP, FTP, SCP, firewalls, ACLs, Authentication protocols, Authorization, VPN, PKI, RSA, and Encryption Knowledge of Directory Services including Active Directory, LDAP, and TDS Knowledge of F5 load balancers Knowledge of IT security principles, HIPAA, SOX and PCI regulations Knowledge of IDS/IPS, Malware Prevention (Sourcefire & Fireye desired, Palo Alto a plus) Business Analysis skills and ability to translate business requirements into technical requirements Excellent oral/written communication and organizational skills Security certification a plus such as CISSP, CEH or CISA Qualifications Bachelor's Degree in Computer Science, Programming, or IT required Additional Information Contact- 732-549-2030 ext 242 Harshad

The Bronx Defenders (BxD) is an innovative, progressive public defense office in the South Bronx. We are seeking a passionate technology professional with a commitment to public defense to join the Information Technology (IT) Team as an Information Governance & Security Manager. Founded in 1997, BxD is a public defender nonprofit that has developed a nationally recognized model of representation called holistic defense, which provides people with teams of lawyers, social workers, and advocates to defend them zealously in court and address the underlying drivers and enmeshed penalties of legal system involvement. Our office now has more than 400 staff members who defend nearly 20,000 New Yorkers facing incarceration, family separation, eviction, and deportation (among other devastating consequences) in criminal, family, civil, and immigration proceedings each year. We continue reimagining the role of public defense even further, using community organizing and engagement, legislative advocacy, and impact litigation to partner with the communities we represent to bring about long-lasting systemic change. We also share our model and lessons learned on how to move to a holistic model of representation with current and future public defenders throughout the country. Information Technology Our Information Technology (IT) department is our first line of support in assisting our dedicated staff of attorneys, advocates, social workers, and administrative professionals. Ultimately, the work of our department helps to advance the needs of our clients and facilitate the process by which their legal teams support and advocate for them to reach their goals. As the leading office in providing holistic representation, we stay abreast of innovative technological tools and resources that are used to support our staff and clients as they navigate the criminal, family, immigration, and civil court systems. From onboarding new employees to strengthening cybersecurity and modernizing our digital tools, the IT department is dedicated to creating an environment where technology empowers people, minimizes friction, and keeps our organization at the forefront of innovation in public defense. Responsibilities The Information Governance & Security Manager ensures that organizational information (case files, HR data, client records, financial systems) is managed securely, compliantly, and in alignment with regulatory requirements (CJIS, HIPAA, SHIELD). This role develops and enforces information governance policies, manages risk assessments and audits, and coordinates with the MSP and IT leadership to safeguard the integrity, availability, and confidentiality of organizational data. Responsibilities Own and update organizational information governance policies (data retention, access control, encryption, privacy) Coordinate audits and access reviews across systems (M365, LegalServer, HRIS, Finance) Review and respond to SOC/security alerts escalated from the MSP Lead development and testing of Business Continuity (BCP), Disaster Recovery (DRP), and Incident Response (IRP) plans Conduct quarterly data protection and compliance audits Partner with HR, Legal, and IT to enforce retention and preservation schedules Oversee data backup strategy (3-2-1 rule: cloud, onsite, offline) Provide reports on compliance posture and risk exposure to the IT Director and COO Stay current on changes to CJIS, HIPAA, SHIELD, and ABA confidentiality standards Stay current with emerging technologies, security practices, and industry standards relevant to the role, and provide recommendations for improvements Maintain awareness of ongoing IT initiatives, organizational priorities, and cross-departmental projects to ensure alignment with broader business goals Perform other related duties as assigned in response to organizational needs, new compliance requirements, or changes in technology Qualifications 6+ years in IT governance, compliance, or security roles Strong knowledge of NIST CSF, ISO 27001, ITIL Security Mgmt Hands-on experience with M365 Security & Compliance Center, Purview, Intune Familiarity with audits, penetration testing, and risk assessments Ability to develop, test, and maintain BCP/DRP/IRP Excellent communication and report-writing skills for technical and non-technical audiences Experience collaborating with MSPs, auditors, and cross-functional teams Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field Professional Certifications (strongly preferred): CISSP,CISM,CISA, ISO 27001, Microsoft certified The following qualifications are preferred, but not : Experience in nonprofit, academic or healthcare environment Experience with unionized employees To cultivate the deep subject matter knowledge, strong interpersonal relationships and collaborative approach that are critical to the position's success, it is essential that the candidate be able to participate in-person and onsite in both internal and external meetings and events. This position has an onsite requirement of in-office, 5 days per week. Approximately 70% of The Bronx Defenders' staff, including attorneys and non-attorneys, are represented by UAW Local 2325 - Association of Legal Aid Attorneys (AFL-CIO). This position is not within the bargaining unit. Salary is commensurate with experience. The salary range for this position is $130,000 to $150,000 annually. Full-time employees are also eligible for a comprehensive benefits package including but not limited to medical, dental, and vision coverage; a 403(b) plan with employer contribution; and a generous vacation, sick leave, and parental leave policy To apply, please click APPLY TO THIS JOB ONLINE and upload your resume and cover letter in one document. Your resume will be used to determine your salary based on the number of years of directly relevant professional experience and should include all relevant professional experience. Applications without a written cover letter will not be considered. The Bronx Defenders is an equal opportunity employer and is cultivating a workplace that embraces staff with a diversity of backgrounds, identities, and experiences. We acknowledge the ways in which systemic oppression and injustice can undermine access to professional opportunities and are committed to conducting hiring and promotion processes that are equitable and accessible to those commonly excluded from the workforce. We do not discriminate against and encourage applicants from marginalized communities to apply, including those who identify as Black, Indigenous, people of color, queer, transgender, gender non-conforming, disabled, neurodivergent, and those directly impacted by criminal, civil, family, and immigration legal systems. We value lived as well as professional experience and particularly welcome applications from the Bronx community that we work with.

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience * Master's Degree and with 3 years of relevant experience IT or Information security or * Bachelor's Degree and with 5 years of relevant experience IT or Information security or * Associate's Degree and with 6 years of relevant experience IT or Information security or * High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience * Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). * Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience * Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. * Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. * Knowledge of IAM, rolebased access control, and policy enforcement, required. * Experience integrating cloud telemetry and logs with SIEM tools, required. * Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. * Experience with scripting (Python, PowerShell, Bash) and automation, required. * Experience with WAF and cloud API gateway configurations, required. * Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. * Experience collaborating with cloud service teams for planning and remediation, required. * Experience implementing application security best practices and training engineering teams, required. * Familiarity with CDN operations, certificates, and brand monitoring preferred, required. * Experience with SIEM integration, telemetry collection, and event analysis, preferred. * Demonstrated experience leading technical teams or project groups, preferred. * Experience with Container Security, preferred. * Experience securing API endpoints and implementing advanced cloud application protections, preferred. * Knowledge of AI/ML data protection and secure model deployment practices, preferred. * Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. * Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities * Effective leadership skills * Demonstrated problem solving skills * Demonstrated problem solving skills * Strong written and verbal communication skills * Ability to drive multiple projects to successful completion * Proactively approaches responsibilities Licenses and Certifications * Driver's License Required * Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred * Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands * Ability to push, pull, and lift up to 25 pounds * Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities * Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. * Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. * Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. * Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. * Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. * Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. * Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. * Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. * Implement and manage WAF policies and API gateways to safeguard cloud applications and services. * Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. * Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. * Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.

This role is located in New York City and will require a hybrid work schedule of at least 2 days in office per week. This role is for Vice President level candidates. About the Bank: Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches. Department Overview: The Americas Division (“AD”) was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) (“SMTBNY”) to perform corporate functions and supervise U.S. entities. Established under the AD are the “Global Banking Unit (“GBU”), Americas Division” and “Global Markets Unit (“GMU”), Americas Division” which performs business functions. Information Risk Governance (“IRG”) provides oversight to information and cyber security risk by maintaining and improving branch wide framework that is in-line with the Head Office and regulatory requirements and addresses Confidentiality, Integrity, and Availability for information assets. IRG establishes appropriate policies, procedures, measurement, and monitoring processes to proactively assess and evaluate cyber security and information security risks inherent in the Branch Operations. IRG is directly involved in all information and cyber security related projects, matters, and issues. Your Role Overview: To assist the Head of the Department with the day-to-day management and operation of the department. To assume the role of Information Security Officer and take the lead on overseeing the timely completion of the department's critical risk management projects. To provide direct assistance to the Head of the Department with regards to accomplishing the department's goals and objectives. To manage, guide and mentor other staff members with the preparation and completion of their assigned tasks. To contribute significantly to the overall success of the department in all key risk management and cyber security areas. Directly oversee completion of all critical projects, assist the HOD with implementing desired operational strategies and procedures. Recommend ways to improve efficiency, effectiveness, and productivity. Focus on proactive day-to-day operations. As ISO, assist with overseeing all information and cyber security matters. Your Duties and Responsibilities: Maintain and improve the information risk framework with guidance from HOD, address regulatory requirements, residual information risks specific to NY Branch Operations. Provide Information Security subject-matter-expertise to senior management. Work with IRT and coordinate incident responses to cyber security events. Keep abreast of industry wide information risk issues that could potentially have an impact on Branch Operations. Establish processes for communicating data classification guidelines and its governance. Oversee employee information security awareness training. Assesses and evaluates critical risk management projects: Annual Risk Assessment. Semi-annual Vulnerability Assessments. Special Risk Assessments done for a Particular Purpose Trend analysis of key risk management concepts and principles Attend the ISSRM and Branch Risk Management related meetings. Performs key information risk governance related tasks as described below: Provides User Access Control Governance. Monitors, analyzes and follows-up on Information Risk events/issues. Reviews information risk and proactively advises as necessary on: IT Projects/Issues Management process, Change Management Process, significant changes to IT procedures, IT Asset Management Report, key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, any related audit findings, etc. Establish and maintain Information Risk Key Risk Indicators (KRI). Periodically updates IT resources on Information risk related practices. Manages all information and cyber security policy and procedures manuals. Assist with the management of all matters related to Information Security and Information Risk Management, including directing appropriate Information/Applications Risk Assessments. Your Qualifications: Certification in Information Security (CISSP) required. 8+ years of Information Security related experience, IT Audit experience, preferred. Knowledge of Information Security principles, terminologies, and technologies required. Knowledge of Information Risk Management framework and principles required. Ability to analyze and design information security monitoring procedures and activities preferred. Detailed Knowledge and expertise in Technology Risk Assessments and Risk Analysis required. Excellent written and verbal communication skills, required. Good computer skills in Microsoft Office Excel and Word required. Strong project management and people management skills. preferred Why you should join SuMi Trust:SuMi Trust embraces flexible ways of working when the business and role permits. We provide employees with a hybrid working model, allowing for in-office work and work from home. Our diverse and inclusive environment along with our global presence enables us to collaborate and communicate to meet our business needs. We believe that efficient teams need truth, loyalty, and a strong sense of purpose to balance risk and their targets. We make sustainable business decisions to improve our society and the world. We believe that each person brings a unique value that drives the business though their creativity and passion. The Employee Benefits package includes: Paid Time Off, medical, HSA, vision, dental, FSA, 401(k), profit sharing, legal plan, cancer indemnity plan, disability insurance, life insurance, employee assistance program, commuter benefits, business travel accident, paid volunteer day, paid memberships, paid seminars, and tuition assistance. We offer many socialization opportunities for wellness, financial wellbeing, runs/walks, team building, happy hours, and activities to support the Sustainable Developmental Goals. Check out our LinkedIn for our employee experience: *************************************** We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application

Job Title:Information Security Risk Compliance Manager Descrption Seeks an Information Security Risk Compliance Manager who will have the responsibility for several functions associated with IT security - from ensuring the security of software to selecting and/or constructing and deploying broader network security systems. Scope of Work Objectives: The Information Security Risk Compliance Manager oversees the organization's efforts in Risk assessment, Risk mitigation, Compliance management, Security governance, incident response, vendor risk management, Security awareness and training, Security audits and assessments, reporting and communication, continual improvement, and cross-functional collaboration. Their role is to ensure that the organization's systems, networks, and processes are secure, compliant with regulations and standards, and aligned with organizational goals and objectives. Requirements Responsibilities: Conduct risk assessments to identify potential threats and vulnerabilities to the organization. Develop and implement risk management strategies and policies to mitigate identified risks. Monitor and evaluate risk exposure across various departments and business units. Coordinate with stakeholders to ensure compliance with regulatory requirements and industry standards. Communicate risk management strategies and findings to senior management and relevant stakeholders. Lead the development and maintenance of the organization's risk register and risk management framework. Provide guidance and support to departments and teams in implementing risk mitigation measures. Conduct training and awareness programs on risk management principles and practices. Continuously monitor and review the effectiveness of risk management strategies and adjust as necessary. Stay updated on emerging risks and industry trends to proactively address potential threats to the organization. Maintain and enhance the company-wide security awareness program. Take ownership of establishing and enforcing security standards both within the team and across the organization. Work proactively and collaboratively to achieve change management and buy-in. Deliverables: Compliance Management: Ensure compliance with relevant regulations, standards, and frameworks such as GDPR, HIPAA, ISO 27001, NIST, etc., by establishing and maintaining appropriate controls and processes. Risk Mitigation: Develop and oversee risk mitigation strategies and controls to address identified security risks, including implementing technical controls, security best practices, and security awareness training programs. Incident Response: Develop and implement incident response plans and procedures to effectively respond to and manage security incidents, including data breaches, cyberattacks, and security breaches. Vendor Risk Management: Assess and manage risks associated with third-party vendors and service providers, including evaluating their security posture, conducting due diligence assessments, and ensuring contractual compliance. Cross-functional collaboration: Collaborate with IT teams, legal, HR, compliance, and other departments to ensure a holistic approach to information security risk management and compliance. Continual Improvement: Monitor industry trends, emerging threats, and regulatory changes to ensure that the organization's information security risk and compliance programs remain up-todate and effective. Preferred Skills: Excellent verbal and written communication skills. Ability to work both independently and as part of a team. Knowledge of Networking (Firewall, Networking Protocols); Working knowledge Frameworks Working knowledge of Information Security Domains Working knowledge of Security protocols Working knowledge of Cloud

Hours: 37.5 Line of Business: Technology Solutions Pay Details: 91,200 - 136,800 CAD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Job Description: TD Bank is seeking a strategic and technically skilled Manager to join our Information Security team, focused on strengthening our fraud detection, authentication, and CIAM (Customer Identity and Access Management) capabilities. This role will lead the expansion of our monitoring and alerting footprint across enterprise platforms, ensuring control effectiveness, regulatory alignment, and rapid incident response in a complex financial environment. Key Responsibilities * Lead the design and deployment of monitoring and alerting strategies using Splunk, Datadog, Dynatrace, and Databricks across TD's digital ecosystem * Define alert thresholds and tuning logic to minimize false positives while maintaining high sensitivity to fraud and access anomalies * Oversee triage workflows for triggered alerts, coordinating with global teams to ensure timely investigation and resolution * Develop governance frameworks for alert lifecycle management, including setup, ownership, escalation, and audit readiness * Monitor control effectiveness across CIAM, authentication, and fraud domains, driving continuous improvement * Collaborate with fraud and cybersecurity teams to support incident investigations and mitigation strategies * Analyze alert trends and performance metrics to inform strategic improvements and risk prioritization * Champion automation and workflow optimization for alert handling, reporting, and compliance documentation * Ensure alignment with TD's enterprise risk management and regulatory obligations (e.g., OSFI, OCC) * Provide mentorship and leadership within the security monitoring team, fostering a culture of accountability and innovation Required Qualifications & Expertise * 5+ years of experience in information security, CIAM/fraud detection, or observability engineering within financial services * Hands-on expertise with Splunk, Datadog, Dynatrace, and Databricks for alert creation, analytics, and dashboarding * Strong understanding of CIAM, authentication protocols, and fraud risk indicators in regulated environments * Experience designing governance frameworks and control monitoring programs aligned with financial compliance standards * Proven ability to lead cross-functional teams and drive incident response processes across geographies * Excellent communication and documentation skills, with a strategic mindset and attention to regulatory detail Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process. We look forward to hearing from you! Language Requirement (Quebec only): Sans Objet

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience Master's Degree and with 3 years of relevant experience IT or Information security or Bachelor's Degree and with 5 years of relevant experience IT or Information security or Associate's Degree and with 6 years of relevant experience IT or Information security or High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. Knowledge of IAM, rolebased access control, and policy enforcement, required. Experience integrating cloud telemetry and logs with SIEM tools, required. Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. Experience with scripting (Python, PowerShell, Bash) and automation, required. Experience with WAF and cloud API gateway configurations, required. Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. Experience collaborating with cloud service teams for planning and remediation, required. Experience implementing application security best practices and training engineering teams, required. Familiarity with CDN operations, certificates, and brand monitoring preferred, required. Experience with SIEM integration, telemetry collection, and event analysis, preferred. Demonstrated experience leading technical teams or project groups, preferred. Experience with Container Security, preferred. Experience securing API endpoints and implementing advanced cloud application protections, preferred. Knowledge of AI/ML data protection and secure model deployment practices, preferred. Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities Effective leadership skills Demonstrated problem solving skills Demonstrated problem solving skills Strong written and verbal communication skills Ability to drive multiple projects to successful completion Proactively approaches responsibilities Licenses and Certifications Driver's License Required Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands Ability to push, pull, and lift up to 25 pounds Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. Implement and manage WAF policies and API gateways to safeguard cloud applications and services. Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.