Information security analyst jobs in Pittsburg, CA

Role: Cybersecurity Manager Duration: 6+ months Overview: The Cybersecurity Manager leads global cybersecurity operations, incident response, cloud security, and vulnerability management across IT, OT, and cloud environments. This role drives security maturity by overseeing Security Operations (SOC), continuous threat exposure management (CTES), and proactive risk reduction initiatives. The role ensures the organization's security posture aligns with enterprise risk, Zero Trust principles, and regulatory frameworks including ISO 27001, NIST, and ITAR. Key Responsibilities:Lead cybersecurity operations, including SOC oversight, threat detection, endpoint security, and continuous threat exposure monitoring across identity, endpoint, network, and cloud attack surfaces. Manage incident response for ransomware, APTs, insider threats, and major security events, leveraging threat intelligence, exposure context, and automation to prioritize response efforts. Oversee vulnerability, configuration, and exposure management programs using platforms such as Tenable, Automox, and CrowdStrike, ensuring remediation is risk-based and threat-informed. Strengthen cloud and identity security across Azure, Entra ID, and Microsoft 365, with a focus on reducing attack paths, misconfigurations, and identity-based exposures. Implement Zero Trust architecture, secure configuration baselines, and attack surface reduction strategies across enterprise environments. Support compliance efforts aligned with ISO 27001, NIST CSF / 800-53 / 800-171, ITAR, GDPR, HIPAA, and PCI, ensuring CTES practices support audit and risk requirements. Lead and mentor global cybersecurity teams, contractors, and MSSP partners, ensuring SOC, CTES, and IR functions operate as a unified security program. Provide executive-level reporting on risk posture, threat exposure trends, incidents, and security metrics, translating technical exposure into business risk. Requirements:10+ years of cybersecurity experience, including leadership of security operations, SOC, or enterprise security programs. Strong background in SOC operations, incident response, EDR/XDR, SIEM/SOAR, and continuous threat exposure or attack surface management. Hands-on experience with tools such as Microsoft Sentinel, XSOAR, CrowdStrike, Defender, and Tenable, with the ability to correlate exposure data, threat intelligence, and detection signals. Demonstrated experience implementing CTES / CTEM practices, including exposure prioritization, attack path analysis, and proactive risk reduction. Solid understanding of ISO 27001, NIST frameworks, ITAR, and enterprise regulatory environments. Strong communication skills with the ability to lead teams, influence stakeholders, and present exposure-driven risk insights to executives.

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

Job Title: Security Engineer Department: IT Reports to: IT Manager Job Overview: The Security Engineer is responsible for designing, implementing, and managing the security infrastructure that protects our applications, data, and networks. This role plays a critical part in threat detection, risk mitigation, and the development of secure architectures while ensuring compliance with industry standards and regulatory requirements. Primary Responsibilities: Design, deploy, and manage security tools and technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection). Monitor systems and networks for security events, investigate incidents, and lead remediation efforts. Perform threat modeling, risk assessments, and application security reviews. Conduct vulnerability assessments and penetration tests to identify and address security gaps. Develop, implement, and maintain security policies, standards, and procedures aligned with frameworks such as NIST, ISO 27001, SOC 2, and GDPR. Build and maintain secure cloud and infrastructure configurations (e.g., GCP, Oracle Cloud). Conduct code and architecture reviews with a focus on security best practices. Partner with DevOps, IT, and engineering teams to integrate security across the software development lifecycle (DevSecOps). Stay informed about emerging threats, vulnerabilities, and regulatory updates (e.g., ISO 27001, ITAR, CMMC 2.0). Deliver security awareness training to internal teams. Collaborate with compliance, legal, and business stakeholders to support audits and regulatory obligations. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field. 5+ years of hands-on cybersecurity experience. Strong knowledge of security frameworks and protocols (e.g., NIST, ISO 27001, SOC 2, CIS). Expertise in network security, system hardening, and secure coding practices. Practical experience with SIEM, IDS/IPS, EDR, firewalls, and vulnerability management tools. Due to U.S. export control laws and regulations (ITAR), this position requires U.S. Person status. Preferred: Industry certifications such as CISSP, OSCP, or GIAC. Experience with security audits, penetration testing, or participation in red/blue team exercises. Strong communication skills with the ability to articulate complex security concepts to both technical and non-technical audiences. Experience in an Electronics Manufacturing environment is a plus.

The Endpoint Security Architect will be responsible for designing, assessing, and enhancing the organization's endpoint security posture across laptops, desktops, mobile devices, servers, and VMs. This role ensures alignment of endpoint operations, policies, and enforcement mechanisms with industry standards (NIST), organizational security policies, and regulatory requirements. The ideal candidate has deep experience with EDR/XDR, AV, MDM/Intune, device compliance, endpoint hardening, and integration with SIEM/SOAR/AD environments. Key Responsibilities: 1. Endpoint Security Architecture & Design Review and enhance endpoint architecture, including AV, EDR solutions. Evaluate endpoint configuration, control enforcement, coverage, and security baselines. Assess integration of endpoint platforms with SIEM, SOAR, Active Directory, Intune/MDM, and CMDB. Review architectural components, telemetry flow, and sensor deployment methodology. Validate data exchange between endpoint security tools and central monitoring systems. 2. Policy & Governance Ensure endpoint security operations align with organizational security policies. Review and update endpoint security policies aligned with NIST standards. Validate roles & responsibilities across IT, SecOps, and endpoint management teams. Evaluate policy coverage including patching, EDR/AV, device onboarding, and compliance. 3. Endpoint Operations & Integration Assess GPOs, MDM/Intune policies, device configuration profiles, and enforcement controls. Review endpoint discovery & profiling mechanisms to identify unmanaged/rogue devices. Validate tagging, categorization, and asset mapping across EDR platforms and CMDB. Check integration with NAC, SIEM, AD, vulnerability management, and patching tools. 4. Risk Management, Patching & Compliance Review patch management and vulnerability remediation processes across endpoints. Verify endpoint compliance monitoring, dashboards, and alerting workflows. Assess patching SLAs, automation processes, and compliance reporting. Skills & Qualifications Technical Skills Strong expertise in EDR/XDR platforms (e.g., CrowdStrike, Defender for Endpoint, Trellix, SentinelOne). Hands-on experience with Intune/MDM, SCCM, JAMF, or similar device management tools. Solid understanding of SIEM/SOAR platforms and AD integration. Strong knowledge of NIST CSF, NIST 800-53/171, CIS benchmarks, and endpoint hardening. Familiarity with NAC, vulnerability management, and patching tools (Tenable, Qualys, BigFix, etc.). Experience designing endpoint security architectures for large enterprises.

Help support the CISO at one of the world's largest venture capital firms, working at the intersection of cloud security, AI and cutting-edge technology. You'll be joining a lean and highly technical security team, where your impact will be immediate and visible. This role is balanced between seniority and technical depth. You'll be trusted to support and advise the CISO, contribute to strategic decisions and act a senior technical voice, while remaining deeply hands-on as a cloud security engineer. The environment is heavily cloud based, (primarily Azure, with some AWS) and increasingly focussed on AI platforms and MCP workloads. You'll work closely with AI development, data engineering and platform teams to ensure security is embedded. Ideally, you'll be coming from a similar role, operating in a senior position while remaining technical day-to-day, with coding in python, terraform or SQL. Whilst this role requires general security experience, you will need to have a background specifically in cloud security. This role is based in Menlo Park. Interested in finding out more? No up-to-date resume required.

Job Title: IT Analyst Duration: 36+ months contract Roles/Responsibilities: Deliverables: Help Desk and End-User Support: The IT Consultant shall provide Tier 1 and Tier 2 support to State staff for OIG-HSR IT tools used for the ARS and WCRIS systems. SOW Section 8.1 Current Inventory and Environment describes the OIG HSR's equipment and services for which this support will be needed. These services may include but not be limited to troubleshooting desktops, laptops, mobile devices, peripheral equipment, and other OIG-HSR IT resources, diagnosing and resolving software, hardware, and network connectivity issues, supporting access to State systems and enterprise applications, and assisting users with VPN or remote access. Issues that cannot be resolved at the consultant level shall be escalated to the appropriate State staff or contractor. IT goods and services for which Help Desk and End-User support will be provided are described below in the section OIG-HSR To ensure accountability and transparency, the IT Consultant shall deliver monthly summaries of incidents and service requests, as well as monthly updates to the State's knowledge base of frequently asked questions and support procedures. Deliverables include: • Incident/Service Request Logs (monthly summary of tickets opened, resolved, pending) • User Support Knowledge Base Updates (monthly, updated FAQs and SOPs) Security and Compliance Support: The IT Consultant shall support the OIG-HSR's development and implementation of information security policies and procedures by: Identifying information security requirements applicable to the OIG-HSR's ARS and WCRIS systems; Developing policies and procedures for complying with those requirements. Training OIG-HSR staff on the information security policies and procedures. Monitoring and reporting to OIG-HSR leadership regarding compliance with information security policies and procedures Maintaining documentation demonstrating continuous compliance with requirements Timely developing and submitting required information technology reports to CDT and other oversight entities. Applying security patches, ensuring antivirus and endpoint protection measures are operational. Promptly reporting any identified security incidents in accordance with policy and procedure and supporting mitigation and resolution activities. Deliverables include: System Security Plan identifying needed information security policies and procedures and a schedule for developing each. Information Security Policies and Procedures Patch & Update Compliance Report (quarterly) Security Incident Log & Response Report (as needed) Asset and Inventory Management: The IT Consultant shall assist the State in managing IT equipment and software assets by creating and maintaining accurate inventory records of desktops, laptops, mobile devices, printers, and other technology. The IT Consultant shall support refresh cycles by preparing and deploying new hardware and software, while ensuring retired equipment is properly tracked and removed from the active inventory. Deliverables shall include an annual IT asset inventory report, along with deployment checklists and acceptance forms for each refresh or rollout. Deliverables include: IT Asset Inventory IT Asset Inventory Report (annual, reconciled against OIGHSR records) Deployment Checklist/Acceptance Form for all new hardware/ software rollouts Documentation and Knowledge Transfer: The IT Consultant shall capture recurring technical issues, resolutions, and procedures in order to enhance organizational knowledge. In addition, the IT Consultant shall deliver training sessions for State staff on new technologies, processes, or common issues relevant to the ARS and WCRIS systems to strengthen internal capabilities. Documentation shall include updated standard operating procedures reviewed biannually and a comprehensive knowledge transfer package at the conclusion of the engagement to ensure continuity of operations. Project Participation and Reporting: The IT Consultant shall actively participate in the OIG-HSR's ARS & WCRIS IT Projects. This includes preparing status updates pertaining to assigned project implementation roles, attending meetings, and coordinating with the PM Consultant, CDT, or OIG-HSR staff as needed. This also includes managing maintenance and operations for the two projects, and adhering to, implementing, and updating the Maintenance and Operations Transition Management Plan. Deliverables include: Reports as directed by OIG-HSR Updates as needed to the Maintenance and Operations Transition Management Plan Additional IT Support as Needed: The IT Consultant shall provide additional IT support to the OIG-HSR as requested. This support may include identifying, evaluating, procuring, implementing, and maintaining IT goods and services needed to support the ARS and WCRIS systems and providing IT subject matter expertise to support audit and investigative teams. Regular Status Reports: Present and deliver written and verbal weekly reports that include an overview of: Completed and upcoming activities • Status of IT Consultant tasks • Status of outstanding incident/service request • Other items as requested by the Project DirectorThe Contractor will deliver these oral reports to the OIG-HSR Project Director. Attend OIG-HSR staff and management meetings to provide updates on the Projects as directed by the Project Director. Mandatory Skills: Key personnel must have a minimum of five (5) years of experience applying analytical processes on IT projects. At least three (3) years of that experience must have been in systems analysis and design. Key personnel must have a minimum of three (3) years of recent, full-time experience providing IT support services (help desk, desktop, or end-user support) within the last ten (10) years. Key personnel's experience must include troubleshooting and resolving hardware, software, and network connectivity issues in a business or government environment. Key personnel must have working knowledge of state of California information security requirements, including SIMM 5300. Key personnel must have a minimum of one (1) year experience supporting California state agencies or departments in developing and implementing information security policies and procedures. Key personnel must have a CompTIA A+, Network+, Security+, or ITIL certification. A copy of certification must be provided with the offer. The certificate must be active and not expired by the time of offer submission and certification must be maintained during the contract term. Equivalent certifications may be accepted at the State's discretion. Key personnel must possess a bachelor's degree. Additional qualifying project management experience may be substituted for the required education on a year-for-year basis, up to four (4) years. Desirable Skills: More than one (1) year experience supporting California state agencies or departments in developing and implementing information security policies and procedures. Experience applying analytical and technical skills to assist in implementing business solutions, including some or all of the following tasks: Documenting an organization's current business process flows Identifying and documenting functional requirements for information systems Working with a product manager to define a product approach to meet user needs Designing, coding and testing functional components of information systems according to project specifications Developing project documentation and user training materials according to program specifications Conducting user training sessions

Create the product vision, customer persona identification, product framework for IT's compliance practices including the scopes of SOX and GxP Our client is a public biopharmaceutical company that is regulated by different governmental agencies. It is important that IT operates in a manner that is consistent, accurate, and high quality so that they stay in compliance with GxP and SOX procedures, protocols and audits. This role collaborates with IT members, QA leadership, Finance/SOX leadership, to align plans and activities to achieve successful results for GxP and SOX. ESSENTIAL DUTIES/RESPONSIBILITIES: Manage our IT systems' SOX related Governance, Risk and Compliance (SAP-GRC) component, framework and operations to maintain high quality and transparent results. Collaborate and work closely with Finance teams to set expectation and align activities. Oversee the cyclical SOX evidence sample selection, collection, data analysis, corrective actions and actively participate with the internal and external audit processes Drive the SOX Segregation of Duty analysis and related actions Ensure that IT Product Owners and product teams operate their SOX procedures with exceptions Coordinate and collaborate with business partners (e.g. Finance SOX Operations, Corporate Quality Assurance) to set priorities and directions to achieve reliable and optimal results for accurate and quality operations with successful compliance results. Represent IT's philosophy and operational requirements to our business partners Experience: Minimum of 5 years of experience with SOX compliance. Minimum of 3 years of experience managing SAP-GRC, ITGC, and SOX Experience leading IT GxP compliance practices Experience with operating and testing SOX controls a plus (in accordance with Governance Risk Compliance framework). Knowledge, Skills and Abilities: General knowledge of the Sarbanes-Oxley Act and the application to IT General knowledge of SOX IT controls and the operations and execution of SOX IT Controls Advance skills and abilities managing consultants and Managed Service Providers Comprehensive experience with IT development lifecycle and support methodologies Comprehensive experience with project management The salary range provided for this contract role represents our good faith estimate for this position. Within the range, individual offers will vary based on the selected candidate's experience, industry knowledge, technical and communication skills, location and other factors that may prove relevant during the interview process (W2 or C2C). In addition to compensation, the company provides eligible W2 employees with a comprehensive and highly competitive benefits package. I.T. Solutions, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

Security Architect / Implementation Engineer Duration: 6 Months contract with possibility of extension We are seeking a highly skilled Security Architect / Security Implementation Engineer with expertise in designing, implementing, and integrating Google Cloud Security Command Center (SCC), Chronicle SIEM, and Cybereason XDR. The candidate will be responsible for architecting the end-to-end solution, implementing GCP native security controls, integrating third-party security tools, and producing detailed design and operational documentation. Key Responsibilities: Design and architect cloud-native security controls in GCP aligned with security and compliance frameworks (CIS, ISO 27001, NIST, etc.). Implement Google Security Command Center (SCC) for threat detection, vulnerability management, and risk insights. Architect and configure Chronicle SIEM for log ingestion, correlation, and advanced threat analytics. Integrate Cybereason XDR with SCC, Chronicle, and other security tools to establish end-to-end threat detection and response workflows. Define use cases, rules, policies, and security playbooks to automate detection and response. Document the solution architecture, design decisions, configuration standards, and integration workflows. Conduct knowledge transfer sessions with security operations and support teams. Collaborate with GCP Cloud Platform teams, SOC teams, and compliance teams to align solutions with enterprise policies. Required Skills & Experience: 8-12 years of overall IT security experience with at least 4-5 years in Google Cloud Security. Proven experience with Google Security Command Center (SCC), Chronicle SIEM, and XDR platforms (Cybereason preferred). Strong knowledge of GCP IAM, VPC Service Controls, Cloud Armor, DLP, Cloud Logging, Cloud Monitoring. Hands-on experience in integrating SIEM, XDR, and native GCP security tools. Experience with Terraform, Deployment Manager, or automation frameworks for security deployment. Strong documentation and presentation skills. Security certifications preferred: Google Professional Cloud Security Engineer, GCP Professional Architect, CISSP, CISM, CCSP.

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

• Analyzes information security practices to ensure alignment with industry standards and guidelines. • Identifies, investigates, and resolves security breaches detected by security solutions. • Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. • Leads and delivers staff training on information security and breach prevention. What You Will Do: • Staying current on information security trends, news and security standards, especially those related to the healthcare industry • Participating in the development of security standards and best practices for the organization • Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks • Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement • Recommending security enhancements to management and senior ITS staff • Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options • Monitoring computer networks for security issues in order to reduce the risk of security incidents • Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team • Documenting security breaches and assessing the damage caused • Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date • Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities • Managing efforts with vendors on annual security audit, including pen testing • Assisting with developing and documenting preventive measures to ensure system security • Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices • Documenting computer security procedures, and tests • Assisting with the development of policies, procedures, standards, and guidelines related to information security • Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches • Assisting staff with the installation and utilization of new security products and procedures • Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes • Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts • Reviewing any violations of security procedures and providing remedial training to staff, as needed • Performs other duties as assigned You Will Be Successful If: • In-depth knowledge of HIPAA and FISCAM security guidelines. • Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. • Proficiency with operating systems, virtualization, and security systems. • High proficiency in Windows-based PC systems and Microsoft Office Suite. • Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). • Familiarity with project management principles and customer service practices. • Awareness of emerging security technologies such as AI, IoT, and blockchain. • Strong analytical, problem-solving, and decision-making skills. • Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. • Experience creating training materials and leading staff training. • Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. • Leadership ability to facilitate meetings, resolve issues, and guide staff. • Strong collaboration skills and diplomacy across teams and levels of the organization. • Willingness to respond to after-hours information security incidents. What You Will Bring: • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. • 8 years of professional level information technology experience • 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying • Experience working in the health care industry • Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

**Be visionary** Teledyne Technologies Incorporated provides enabling technologies for industrial growth markets that require advanced technology and high reliability. These markets include aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, deepwater oil and gas exploration and production, medical imaging and pharmaceutical research. We are looking for individuals who thrive on making an impact and want the excitement of being on a team that wins. **Job Description** **Make an impact where security meets innovation.** At Teledyne RF & Microwave, we design and deliver advanced technologies that power aerospace, defense, and communications worldwide. Our team thrives on precision, collaboration, and a commitment to protecting critical systems. If you're passionate about cybersecurity and want to work for a trusted leader in high-tech solutions, this role is for you. **What you'll do** + Maintain the security posture of classified systems in line with approved policies + Verify implementation of security controls and keep documentation current + Manage system accounts and ensure proper authorization procedures + Conduct regular system assessments and report findings to the ISSM + Monitor audit logs and analyze user activity for compliance + Respond to security incidents and oversee recovery processes + Notify ISSM of system changes that impact authorization + Support hardware maintenance, backups, and virus updates + Train employees on internal security policies and assist with spill containment + Participate in configuration control activities when designated **What you need** + Strong problem-solving and organizational skills (required) + Ability to analyze security data and enforce compliance (required) + Excellent communication and teamwork skills (required) + U.S. citizenship and eligibility for security clearance (required) + Bachelor's degree in Information Systems or Security+ certification (required) + Experience with classified systems and security audits (advantage) + Familiarity with DAAPM and ITPSO policies (advantage) + Hands-on technical competence with system administration (advantage) **What we offer** + Competitive pay and comprehensive health benefits + 401(k) with company match and retirement plans + Paid time off and flexible work arrangements + Professional development and training opportunities + Employee wellness programs and assistance resources + A collaborative environment working on mission-critical technology **What happens next** Apply online through Teledyne's careers page. If your qualifications align, our team will contact you for interviews and guide you through the clearance process. _Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status._ **Salary Range:** $61,600.00-$82,100.000 **Pay Transparency** The anticipated salary range listed for this role is only an estimate. Actual compensation for successful candidates is carefully determined based on several factors including, but not limited to, location, education/training, work experience, key skills, and type of position. Teledyne and all of our employees are committed to conducting business with the highest ethical standards. We require all employees to comply with all applicable laws, regulations, rules and regulatory orders. Our reputation for honesty, integrity and high ethics is as important to us as our reputation for making innovative sensing solutions. Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic or non-merit based factor made unlawful by federal, state, or local laws. You may not realize it, but Teledyne enables many of the products and services you use every day **.** Teledyne provides enabling technologies to sense, transmit and analyze information for industrial growth markets, including aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, energy, medical imaging and pharmaceutical research.

Job Description About us: Lucence is a pioneering precision oncology company with a bold vision: a world where cancer is defeated through early detection and timely treatment. Our cutting-edge liquid biopsy tests use advanced molecular profiling to guide personalized cancer therapies, transforming how cancer is diagnosed and treated. At Lucence, we are shaping the future of precision medicine by capturing both genetic and cellular data from a single blood draw, bringing us closer to our mission of overcoming cancer. We are looking for an Information Security & Compliance Manager to lead Lucence's SOC 2 compliance programmes. You will own our internal controls, audits, and security governance frameworks, ensuring the company meets the standards required for global diagnostics operations. Key Responsibilities Compliance Ownership Own SOC 2 Type I/II, and build on HIPAA and cybersecurity certification roadmaps. Maintain documentation, evidence repositories, and ongoing readiness. Internal Controls & Policies Build, refine, and enforce security policies, risk registers, and access-control processes. Audit Management Partner with external auditors, coordinate internal contributors, drive remediation plans, and ensure timely closure of findings. Vendor & Data Protection Reviews Conduct security due diligence for vendors, manage DPAs, and ensure data-flow compliance for global partners. Security Governance Implement quarterly control testing, internal audits, DR/BCP drills, and continuous monitoring of compliance gaps. Cross-Functional Partnering Work closely with external vendors, Informatics, IT, Lab Ops, and Commercial teams to embed security into product and operational workflows. Preferred Qualifications Experience owning SOC 2 or ISO audit cycles end-to-end. Familiarity with cloud environments (AWS/Azure/GCP) and modern security tooling. Attention to detail to improve policies, controls, and audit documentation. Certifications: ISO Lead Auditor, CISA, CISSP, or equivalent.

ABOUT THE ROLE You'll be our first dedicated security leader, owning the technical execution of our security and compliance program. You'll drive SOC 2 and PCI DSS compliance, manage our vulnerability program, and build security capabilities that enable our engineering teams to move fast while staying secure. This is a hands-on role-you'll design controls, write policies, respond to incidents, and work directly with auditors. This is initially an individual contributor role with high impact and visibility. As our security program matures, you'll have the opportunity to build and lead a security team. IN THIS ROLE, YOU WILL Own Compliance Lead SOC 2 Type II and PCI DSS programs through successful audit Design and implement security controls without blocking velocity Serve as primary technical contact for external auditors and assessors Manage third-party vendor security assessments and ongoing monitoring Build automated evidence collection and continuous compliance monitoring Report security metrics and program status to executive leadership Manage Security Operations Establish vulnerability management program with defined SLAs and remediation workflows Own end-to-end vulnerability management: identify, assess, prioritize, and drive remediation to completion across infrastructure and applications Manage external penetration testing program with third-party vendors, including scoping, assessment review, and remediation tracking Perform internal penetration testing and security assessments of applications, APIs, and infrastructure Build SIEM detection rules, security dashboards, and alert triage processes Develop and test incident response runbooks Conduct threat modeling for critical systems and architectural changes Lead security assessments of new technologies and third-party integrations Enable & Collaborate Partner with platform engineering to implement security roadmap: AWS landing zone design, PAM/JIT workflows, account segmentation, disaster recovery testing Enforce enterprise security controls (SSO, secrets management, RBAC) Build and deliver security awareness training program for all employees Develop and maintain security policies, standards, and procedures Translate compliance requirements into actionable engineering tasks and drive completion YOU HAVE Security & Compliance: 5+ years in information security, with 2+ years in fintech or highly regulated industry CISSP certification (or actively pursuing - must obtain within 12 months of hire) Hands-on experience leading SOC 2 and PCI DSS audits from start to finish Strong incident response background-you've led real security incidents Experience with vulnerability management platforms (Wiz, Snyk, Tenable) Technical Skills: Solid understanding of AWS security: IAM, Security Hub, GuardDuty, CloudTrail, KMS Experience with SIEM platforms (Splunk, Datadog, Elastic)-you can write detection rules and build dashboards Hands-on experience with vulnerability assessment and penetration testing tools (Burp Suite, Nessus, Qualys, or similar) Ability to read code (Ruby, JavaScript, Python) and assess security implications Knowledge of web application security, API security, and OWASP Top 10 Understanding of access control patterns (PAM, SSO, RBAC, least privilege) Core Competencies: Strong communication-you can explain risks to engineers and executives alike Pragmatic risk management in fast-paced environments Self-starter who builds programs from scratch Collaborative mindset-security as enabler, not blocker Ability to drive remediation to completion across teams NICE TO HAVE Additional certifications (CISM, CISA, CCSP, CEH, OSCP, CRISC) Experience managing WAF deployments (Palo Alto, Cloudflare, AWS WAF) Infrastructure-as-code experience (Pulumi, Terraform) Kubernetes security knowledge SOAR platform experience DevSecOps or security automation background Scripting skills (Python, Bash) for security tooling and automation Kikoff: A FinTech Unicorn Powering Financial Progress with AI At Kikoff, our mission is to provide radically affordable financial tools to help consumers achieve financial security. We're a profitable, high growth FinTech unicorn serving millions of people, many of whom are building credit or navigating life paycheck to paycheck. With innovative technology and AI, we simplify credit building, reduce debt, and expand access to financial opportunities to those who need them the most. Founded in 2019, Kikoff is headquartered in San Francisco and backed by top-tier VC investors and NBA star Stephen Curry. Why Kikoff: This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact. 🏥 Medical, dental, and vision coverage - Kikoff covers the full cost of health insurance for the employee! 📈 Meaningful equity in the form of RSU's 🏝 Flexible vacation policy to help you recharge 💰 Competitive pay based on experience consisting of base + equity + benefits Location: Hybrid, 3 days onsite in San Francisco, CA. Visa sponsorship available: Kikoff is willing to provide sponsorship for H1-B visas and U.S. green cards for exceptional talent. Equal Employment Opportunity Statement Kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. Please reference the following for more information. If you need reasonable accommodation for a job opening please connect with us at ***************** and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, Kikoff will consider for employment qualified applicants with arrest and conviction records.

LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works. Job Description At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. This role may be remote or hybrid. At LinkedIn, hybrid roles are performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team. Remote roles are performed from the designated home work location upon time of hire, and any changes to this home work location requires a review of remote status and approval. LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Engineering Manager to lead the Detection Engineering team in the US and to be an integral part of our Information Security organization. The Detection Engineering team is responsible for developing and maintaining threat detection capabilities, security monitoring systems, and detection rules to protect our infrastructure, applications, and, most importantly, our members. This is a key role in supporting and growing our security detection and monitoring capabilities. Responsibilities: Leadership and Team Management Lead and manage the detection engineering team, including hiring, training, and mentoring team members. Develop and maintain detection engineering policies, procedures, infrastructure, and guidelines. Coordinate and oversee all activities of the detection engineering team during threat detection development and implementation. Detection Development and Management Serve as the primary point of contact for all threat detection development and enhancement initiatives. Ensure timely development, testing, and deployment of detection rules and monitoring capabilities. Conduct post-deployment analysis and create detailed reports on detection effectiveness with KPIs, including tuning recommendations and optimization strategies. Communication and Coordination Communicate detection development status, updates, metrics and reporting, and capabilities to senior management, stakeholders, and security teams regularly. Coordinate with internal and external teams, including security operations, defense infrastructure, incident response, and product engineering teams to develop and maintain effective detection capabilities. Develop and maintain an effective detection engineering communication plan. Continuous Improvement Continuously evaluate and improve detection engineering processes, tools, and capabilities. Conduct and report on regular detection testing and validation exercises to test and refine detection rules and monitoring systems. Stay current with emerging threats, attack techniques, and detection technologies to enhance the detection engineering program. Reporting and Documentation Maintain comprehensive documentation of all detection rules, including development rationale, testing results, and performance metrics. Prepare and present detection engineering reports and metrics to senior leadership and stakeholders. Ensure compliance with regulatory requirements and industry standards related to threat detection and monitoring. Training and Awareness Develop and deliver detection engineering training programs for team members and other relevant personnel. Promote security detection awareness and best practices across the organization. Ensure the detection engineering team is up-to-date with the latest tools, techniques, and procedures. Budget and Resource Management Manage the detection engineering budget and allocate resources effectively. Evaluate and recommend tools, technologies, and services to enhance the detection engineering program. Ensure the team has the necessary resources and support to perform their duties effectively. Qualifications Basic Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related technical discipline, or equivalent practical experience. 1+ year(s) of management experience or 1+ year(s) of staff level engineering experience with management training. 7+ years of experience in cybersecurity, with a focus on detection engineering, security monitoring, threat intelligence, incident response, or related security roles. Experience leading or managing a cybersecurity, incident response, or detection engineering team. Experience in cybersecurity frameworks and standards (e.g., NIST, MITRE ATT&CK, OCSF). Experience in detection engineering tools and technologies (e.g., Query Languages, CI/CD, YARA, Sigma rules, threat intelligence platforms). Experience with threat analysis, detection rule development, automation engineering, and security monitoring optimization. Project management experience with managing budgets and resources. Preferred Qualifications: Master's degree in Cybersecurity, Information Assurance, or a related field. 10+ years of experience in cybersecurity, with significant experience in detection engineering, threat intelligence, or incident response. 3+ years of management experience in building small to medium-sized teams, demonstrating growth and a track record of successful deliveries. Ability to work under pressure and manage multiple detection development projects simultaneously as well as managing an oncall team. Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, SANS). Experience in developing and delivering detection engineering training and awareness programs. Strong proficiency in Kusto Query Language (KQL) and SQL. Proficiency in programming or scripting languages (e.g., Python, Go, etc.) for automating detection development and testing processes. Experience with cloud security and detection engineering in cloud environments especially Azure. Knowledge of advanced threat detection techniques, including threat hunting and behavioral analysis as well as applied threat intelligence. Familiarity with detection engineering frameworks and best practices (e.g., Sigma, YARA, STIX/TAXII, OCSF). Strong communication skills, both written and verbal, with the ability to convey complex technical information to non-technical stakeholders. Suggested Skills : Security Information and Event Management (SIEM) Query languages (KQL, SPL, SQL, Elastic, etc.) Detection Rule Development (YARA, Sigma) Scripting and Automation (e.g., Python, PowerShell, SQL) Threat Intelligence Integration Cloud Security (e.g., Azure, GCP) You will Benefit from our Culture We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels. LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $152,000 - $248,000. Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For additional information, visit: ************************************** Additional Information Equal Opportunity Statement We seek candidates with a wide range of perspectives and backgrounds and we are proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful. If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at [email protected] and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to: Documents in alternate formats or read aloud to you Having interviews in an accessible location Being accompanied by a service dog Having a sign language interpreter present for the interview A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response. LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information. San Francisco Fair Chance Ordinance Pursuant to the San Francisco Fair Chance Ordinance, LinkedIn will consider for employment qualified applicants with arrest and conviction records. Pay Transparency Policy Statement As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ******************************** Global Data Privacy Notice for Job Candidates Please follow this link to access the document that provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ********************************************

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.