Information security analyst jobs in Pleasanton, CA

Role: Cybersecurity Manager Duration: 6+ months Overview: The Cybersecurity Manager leads global cybersecurity operations, incident response, cloud security, and vulnerability management across IT, OT, and cloud environments. This role drives security maturity by overseeing Security Operations (SOC), continuous threat exposure management (CTES), and proactive risk reduction initiatives. The role ensures the organization's security posture aligns with enterprise risk, Zero Trust principles, and regulatory frameworks including ISO 27001, NIST, and ITAR. Key Responsibilities:Lead cybersecurity operations, including SOC oversight, threat detection, endpoint security, and continuous threat exposure monitoring across identity, endpoint, network, and cloud attack surfaces. Manage incident response for ransomware, APTs, insider threats, and major security events, leveraging threat intelligence, exposure context, and automation to prioritize response efforts. Oversee vulnerability, configuration, and exposure management programs using platforms such as Tenable, Automox, and CrowdStrike, ensuring remediation is risk-based and threat-informed. Strengthen cloud and identity security across Azure, Entra ID, and Microsoft 365, with a focus on reducing attack paths, misconfigurations, and identity-based exposures. Implement Zero Trust architecture, secure configuration baselines, and attack surface reduction strategies across enterprise environments. Support compliance efforts aligned with ISO 27001, NIST CSF / 800-53 / 800-171, ITAR, GDPR, HIPAA, and PCI, ensuring CTES practices support audit and risk requirements. Lead and mentor global cybersecurity teams, contractors, and MSSP partners, ensuring SOC, CTES, and IR functions operate as a unified security program. Provide executive-level reporting on risk posture, threat exposure trends, incidents, and security metrics, translating technical exposure into business risk. Requirements:10+ years of cybersecurity experience, including leadership of security operations, SOC, or enterprise security programs. Strong background in SOC operations, incident response, EDR/XDR, SIEM/SOAR, and continuous threat exposure or attack surface management. Hands-on experience with tools such as Microsoft Sentinel, XSOAR, CrowdStrike, Defender, and Tenable, with the ability to correlate exposure data, threat intelligence, and detection signals. Demonstrated experience implementing CTES / CTEM practices, including exposure prioritization, attack path analysis, and proactive risk reduction. Solid understanding of ISO 27001, NIST frameworks, ITAR, and enterprise regulatory environments. Strong communication skills with the ability to lead teams, influence stakeholders, and present exposure-driven risk insights to executives.

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

Job Title: Security Engineer Department: IT Reports to: IT Manager Job Overview: The Security Engineer is responsible for designing, implementing, and managing the security infrastructure that protects our applications, data, and networks. This role plays a critical part in threat detection, risk mitigation, and the development of secure architectures while ensuring compliance with industry standards and regulatory requirements. Primary Responsibilities: Design, deploy, and manage security tools and technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection). Monitor systems and networks for security events, investigate incidents, and lead remediation efforts. Perform threat modeling, risk assessments, and application security reviews. Conduct vulnerability assessments and penetration tests to identify and address security gaps. Develop, implement, and maintain security policies, standards, and procedures aligned with frameworks such as NIST, ISO 27001, SOC 2, and GDPR. Build and maintain secure cloud and infrastructure configurations (e.g., GCP, Oracle Cloud). Conduct code and architecture reviews with a focus on security best practices. Partner with DevOps, IT, and engineering teams to integrate security across the software development lifecycle (DevSecOps). Stay informed about emerging threats, vulnerabilities, and regulatory updates (e.g., ISO 27001, ITAR, CMMC 2.0). Deliver security awareness training to internal teams. Collaborate with compliance, legal, and business stakeholders to support audits and regulatory obligations. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field. 5+ years of hands-on cybersecurity experience. Strong knowledge of security frameworks and protocols (e.g., NIST, ISO 27001, SOC 2, CIS). Expertise in network security, system hardening, and secure coding practices. Practical experience with SIEM, IDS/IPS, EDR, firewalls, and vulnerability management tools. Due to U.S. export control laws and regulations (ITAR), this position requires U.S. Person status. Preferred: Industry certifications such as CISSP, OSCP, or GIAC. Experience with security audits, penetration testing, or participation in red/blue team exercises. Strong communication skills with the ability to articulate complex security concepts to both technical and non-technical audiences. Experience in an Electronics Manufacturing environment is a plus.

The Endpoint Security Architect will be responsible for designing, assessing, and enhancing the organization's endpoint security posture across laptops, desktops, mobile devices, servers, and VMs. This role ensures alignment of endpoint operations, policies, and enforcement mechanisms with industry standards (NIST), organizational security policies, and regulatory requirements. The ideal candidate has deep experience with EDR/XDR, AV, MDM/Intune, device compliance, endpoint hardening, and integration with SIEM/SOAR/AD environments. Key Responsibilities: 1. Endpoint Security Architecture & Design Review and enhance endpoint architecture, including AV, EDR solutions. Evaluate endpoint configuration, control enforcement, coverage, and security baselines. Assess integration of endpoint platforms with SIEM, SOAR, Active Directory, Intune/MDM, and CMDB. Review architectural components, telemetry flow, and sensor deployment methodology. Validate data exchange between endpoint security tools and central monitoring systems. 2. Policy & Governance Ensure endpoint security operations align with organizational security policies. Review and update endpoint security policies aligned with NIST standards. Validate roles & responsibilities across IT, SecOps, and endpoint management teams. Evaluate policy coverage including patching, EDR/AV, device onboarding, and compliance. 3. Endpoint Operations & Integration Assess GPOs, MDM/Intune policies, device configuration profiles, and enforcement controls. Review endpoint discovery & profiling mechanisms to identify unmanaged/rogue devices. Validate tagging, categorization, and asset mapping across EDR platforms and CMDB. Check integration with NAC, SIEM, AD, vulnerability management, and patching tools. 4. Risk Management, Patching & Compliance Review patch management and vulnerability remediation processes across endpoints. Verify endpoint compliance monitoring, dashboards, and alerting workflows. Assess patching SLAs, automation processes, and compliance reporting. Skills & Qualifications Technical Skills Strong expertise in EDR/XDR platforms (e.g., CrowdStrike, Defender for Endpoint, Trellix, SentinelOne). Hands-on experience with Intune/MDM, SCCM, JAMF, or similar device management tools. Solid understanding of SIEM/SOAR platforms and AD integration. Strong knowledge of NIST CSF, NIST 800-53/171, CIS benchmarks, and endpoint hardening. Familiarity with NAC, vulnerability management, and patching tools (Tenable, Qualys, BigFix, etc.). Experience designing endpoint security architectures for large enterprises.

Help support the CISO at one of the world's largest venture capital firms, working at the intersection of cloud security, AI and cutting-edge technology. You'll be joining a lean and highly technical security team, where your impact will be immediate and visible. This role is balanced between seniority and technical depth. You'll be trusted to support and advise the CISO, contribute to strategic decisions and act a senior technical voice, while remaining deeply hands-on as a cloud security engineer. The environment is heavily cloud based, (primarily Azure, with some AWS) and increasingly focussed on AI platforms and MCP workloads. You'll work closely with AI development, data engineering and platform teams to ensure security is embedded. Ideally, you'll be coming from a similar role, operating in a senior position while remaining technical day-to-day, with coding in python, terraform or SQL. Whilst this role requires general security experience, you will need to have a background specifically in cloud security. This role is based in Menlo Park. Interested in finding out more? No up-to-date resume required.

Create the product vision, customer persona identification, product framework for IT's compliance practices including the scopes of SOX and GxP Our client is a public biopharmaceutical company that is regulated by different governmental agencies. It is important that IT operates in a manner that is consistent, accurate, and high quality so that they stay in compliance with GxP and SOX procedures, protocols and audits. This role collaborates with IT members, QA leadership, Finance/SOX leadership, to align plans and activities to achieve successful results for GxP and SOX. ESSENTIAL DUTIES/RESPONSIBILITIES: Manage our IT systems' SOX related Governance, Risk and Compliance (SAP-GRC) component, framework and operations to maintain high quality and transparent results. Collaborate and work closely with Finance teams to set expectation and align activities. Oversee the cyclical SOX evidence sample selection, collection, data analysis, corrective actions and actively participate with the internal and external audit processes Drive the SOX Segregation of Duty analysis and related actions Ensure that IT Product Owners and product teams operate their SOX procedures with exceptions Coordinate and collaborate with business partners (e.g. Finance SOX Operations, Corporate Quality Assurance) to set priorities and directions to achieve reliable and optimal results for accurate and quality operations with successful compliance results. Represent IT's philosophy and operational requirements to our business partners Experience: Minimum of 5 years of experience with SOX compliance. Minimum of 3 years of experience managing SAP-GRC, ITGC, and SOX Experience leading IT GxP compliance practices Experience with operating and testing SOX controls a plus (in accordance with Governance Risk Compliance framework). Knowledge, Skills and Abilities: General knowledge of the Sarbanes-Oxley Act and the application to IT General knowledge of SOX IT controls and the operations and execution of SOX IT Controls Advance skills and abilities managing consultants and Managed Service Providers Comprehensive experience with IT development lifecycle and support methodologies Comprehensive experience with project management The salary range provided for this contract role represents our good faith estimate for this position. Within the range, individual offers will vary based on the selected candidate's experience, industry knowledge, technical and communication skills, location and other factors that may prove relevant during the interview process (W2 or C2C). In addition to compensation, the company provides eligible W2 employees with a comprehensive and highly competitive benefits package. I.T. Solutions, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

In this role, you will drive the evolution of our infrastructure and security posture. You will have substantial ownership over our technology choices and implementation for deployment, observability, storage, and security. You will identify, triage, and implement incremental improvements in all of these domains, working closely with backend engineers and internal and external auditors to develop appropriately scoped interventions. You will work with engineers to ensure that security considerations are baked into software development from the outset. You should have a broad understanding of modern best practices around cloud architecture, data governance and infrastructure as code. You should approach questions of infrastructure and security risk with a sense of nuance and good judgment. You should be able to build consensus around your threat models such that the necessary consequences seem natural to other stakeholders. In this role, you will need to be fluent in Python and Terraform (at least to start). Company & Funding We're building the world's largest long-term insurer, using digital money and AI to serve billions of people profitably. We want anyone, anywhere, to be able to save for their future, protect their family, and build wealth across generations. We face a once-in-a-century opportunity to build a vertically integrated life (re)insurer. Our product offerings are globally unique, making it possible for us to scale our balance sheet, build modern systems from scratch, and then directly compete to win a market that is 3% of global GDP. We've raised over $140M to date. Sam Altman and Lachy Groom led our initial raise, and they've since been joined by leading investors in AI, insurance, and Bitcoin, including Northwestern Mutual, Apollo, Bain Capital, Pantera, Haun, Framework, Fulgur Ventures, MS&AD, Mouro, Stillmark, and Wences Casares. Our Bermuda operating subsidiary holds the the world's only license to issue life insurance denominated entirely in Bitcoin. It's also the only company in the world with audited financials stated in Bitcoin. (If you join us, you can expect to do a lot of things no one's ever done before.) Engineering at Meanwhile With the advent of ubiquitous AI tooling, the dynamic range in individual engineering effectiveness is only widening. At Meanwhile, we're planning for a world in which small, tight-knit engineering teams (supported by a small, tight-knit platform team) own entire lines of business, and are compensated accordingly. We're attacking a huge market with the leanest, most effective team in insurance. Where incumbents employ a thousand people, we think we can make it work with a hundred or a dozen. We're looking for hungry ICs (and former managers who see the writing on the wall) interested in pushing the boundaries of engineering productivity in a vertically integrated, regulated organization. We're growing quickly. You will fix million-dollar bugs. On the business side, we hire for deep domain expertise, ambition, and the creativity to figure out the previously impossible. Because our engineers work closely with people from the business, they need curiosity, flexibility, an appetite for (and the ability to digest) complex context, and strong communication skills. Our view is that ownership is taken, not given. You will be successful here if your work progressively builds others' trust in your ability to identify, attack, and solve larger and larger problems, including those that no one else has anticipated. We believe that "code wins arguments," that prototyping is often the best first step in a design process, and that the impact of velocity is non-linear. You are excited by putting up multiple meaningful changes, or writing thousands of lines of code, in a day (even though you know that deleting lines of code is more exciting than writing them, and that, occasionally, deep reflection is required in order to ship anything). You aren't fazed by building systems that don't work out - sometimes, you have to throw code away. Intellectual honesty is non-negotiable. You love to learn and to teach, to ask questions and to answer them, and to be transparent about your uncertainty. You are eager to learn, with the rest of the team, how to work with AI tools, including agents, in order to move faster and ship better, more complete versions of your ideas. You will experiment with new ways of working, with the expectation that some of them will be unsuccessful, and you will teach others what works. This is the most exciting time in decades to be a competent, technically ambitious engineer. We want to offer you the opportunity to see what's really possible and how much better you can get at your craft.

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

Security Architect / Implementation Engineer Duration: 6 Months contract with possibility of extension We are seeking a highly skilled Security Architect / Security Implementation Engineer with expertise in designing, implementing, and integrating Google Cloud Security Command Center (SCC), Chronicle SIEM, and Cybereason XDR. The candidate will be responsible for architecting the end-to-end solution, implementing GCP native security controls, integrating third-party security tools, and producing detailed design and operational documentation. Key Responsibilities: Design and architect cloud-native security controls in GCP aligned with security and compliance frameworks (CIS, ISO 27001, NIST, etc.). Implement Google Security Command Center (SCC) for threat detection, vulnerability management, and risk insights. Architect and configure Chronicle SIEM for log ingestion, correlation, and advanced threat analytics. Integrate Cybereason XDR with SCC, Chronicle, and other security tools to establish end-to-end threat detection and response workflows. Define use cases, rules, policies, and security playbooks to automate detection and response. Document the solution architecture, design decisions, configuration standards, and integration workflows. Conduct knowledge transfer sessions with security operations and support teams. Collaborate with GCP Cloud Platform teams, SOC teams, and compliance teams to align solutions with enterprise policies. Required Skills & Experience: 8-12 years of overall IT security experience with at least 4-5 years in Google Cloud Security. Proven experience with Google Security Command Center (SCC), Chronicle SIEM, and XDR platforms (Cybereason preferred). Strong knowledge of GCP IAM, VPC Service Controls, Cloud Armor, DLP, Cloud Logging, Cloud Monitoring. Hands-on experience in integrating SIEM, XDR, and native GCP security tools. Experience with Terraform, Deployment Manager, or automation frameworks for security deployment. Strong documentation and presentation skills. Security certifications preferred: Google Professional Cloud Security Engineer, GCP Professional Architect, CISSP, CISM, CCSP.

Team Intro The Access Assurance vertical within USDS Data Identity and Access Management (DIAM) Team is responsible for designing and maintaining an access management program with a mission to enforce the principle of least privilege. We strive to establish secure and compliant processes around provisioning, deprovisioning and governance of access to USDS data and infrastructure proactively identifying and reducing risks. Job Overview: As an Access Assurance Analyst, you will be part of the team responsible for Access Assurance within TikTok USDS. You will be responsible for supporting the team along with a team of cross-functional cyber, privacy, engineering, and data protection analysts to define, implement, manage, and measure controls to protect data in accordance with USDS policies and standards relevant to geographical regulations, contractual commitments, and confidentiality requirements. The Access Assurance Analyst will play a pivotal role in operationalization of access management programs in USDS. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time. Responsibilities: * Design access management program that addresses data residency and fine-grained role-based access requirements and controls as necessitated by business need and regulations * Assist in the development and implementation of Access governance frameworks, policies, and procedures. * Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs, including applying appropriate security measures * Operationalize access management workflows to improve efficiency * Support periodic reviews of access to USDS data and systems * Drive remediation of non-compliant access in a timely fashion * Implement and enforce mechanisms to proactively monitor, respond and report on inappropriate data access events * Work with other information security teams to classify and categorize data based on sensitivity and compliance requirements * Support interactions with Risk and Compliance to understand control requirements and provide information to support findings for non-compliance with internal security policies * Responsible for designing and reporting key metrics and visualizations for weekly, monthly and bimonthly cadences across multiple audiences * Participate in security reviews to ensure compliance with access governance policies. * Foster a principle of least privilege for access management * Collaborate with key stakeholders to ensure alignment of access governance initiatives with organizational goals.Minimum Qualifications: * Bachelor's degree in a related field (e.g., Information Management, Computer Science, Business Analytics, Cyber Security) * 5+ years of experience in identity and access management or access governance & 5+ years of experience working with IAM tools and strong knowledge of Access management concepts (RBAC, PAM, Access Reviews, SOD, LCM, provisioning and deprovisioning of Access) * Experience in designing/deploying Access management solutions, Experience analyzing large data sets across multiple database types (e.g., MySQL, Hive, Redis etc) leveraging SQL etc., Experience with industry frameworks, standards and regulations (e.g. ISO, NIST) * Ability to write scripts, develop automations, configure tools, work with APIs and databases while being Proficient in at least one software programming language (Python,Java,Ruby etc) along with Familiarity with Cloud-based technology deployments * Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge * Strong analytical and problem-solving skills with the Ability to communicate technical concepts to a broad range of technical and non-technical staff * Comfortable working in a fast-paced, dynamic environment Preferred Qualifications: * Strong understanding of technology environments and various databases * Experience working with technology partners to validate data-related problems * Experience working with Microservices architecture * Experience in automating access management workflows to reduce operational overhead * Experience with risk and controls frameworks including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST RMF, ISO 31000 etc.)

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

• Analyzes information security practices to ensure alignment with industry standards and guidelines. • Identifies, investigates, and resolves security breaches detected by security solutions. • Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. • Leads and delivers staff training on information security and breach prevention. What You Will Do: • Staying current on information security trends, news and security standards, especially those related to the healthcare industry • Participating in the development of security standards and best practices for the organization • Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks • Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement • Recommending security enhancements to management and senior ITS staff • Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options • Monitoring computer networks for security issues in order to reduce the risk of security incidents • Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team • Documenting security breaches and assessing the damage caused • Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date • Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities • Managing efforts with vendors on annual security audit, including pen testing • Assisting with developing and documenting preventive measures to ensure system security • Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices • Documenting computer security procedures, and tests • Assisting with the development of policies, procedures, standards, and guidelines related to information security • Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches • Assisting staff with the installation and utilization of new security products and procedures • Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes • Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts • Reviewing any violations of security procedures and providing remedial training to staff, as needed • Performs other duties as assigned You Will Be Successful If: • In-depth knowledge of HIPAA and FISCAM security guidelines. • Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. • Proficiency with operating systems, virtualization, and security systems. • High proficiency in Windows-based PC systems and Microsoft Office Suite. • Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). • Familiarity with project management principles and customer service practices. • Awareness of emerging security technologies such as AI, IoT, and blockchain. • Strong analytical, problem-solving, and decision-making skills. • Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. • Experience creating training materials and leading staff training. • Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. • Leadership ability to facilitate meetings, resolve issues, and guide staff. • Strong collaboration skills and diplomacy across teams and levels of the organization. • Willingness to respond to after-hours information security incidents. What You Will Bring: • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. • 8 years of professional level information technology experience • 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying • Experience working in the health care industry • Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

Opportunity Type CLASSIFIED EMPLOYMENT OPPORTUNITY Position Title INFORMATION SECURITY ANALYST Posting Number S2549 Close/First Review Date 11/16/2025 Department ITSS (Information Technology Support Services) Work Location District Office Position Status Full Time Salary Range $141,330 - $172,437 Annual Salary (Range 150: Classified Salary Schedule Fiscal Year 2025-2026). Starting placement is generally at Step 1. Benefits Summary In addition to the salary, this position qualifies for the choice of one of the District's excellent Health Benefits and Welfare plans, which the premium cost is 100% paid by the District for the employee and their eligible dependents, and one health plan costing an estimated $60,000 for the District for fiscal year 2025-2026. We offer two medical plans (Anthem Blue Cross [PPO] and Kaiser Permanente (HMO]); dental (Delta Dental PPO); vision (VSP Choice); life insurance for the employee (The Hartford); life insurance for eligible dependents (The Hartford); a long term disability/income protection plan (The Hartford); and an employee assistance plan (Anthem EAP). In addition, the District contributes an additional 26.81% of the employee's salary towards an eligible employee's pension (CalPERS). Employees may also elect to participate in optional plans including purchasing additional life insurance for themselves and their eligible dependent(s); enroll in a medical, transportation, and/or dependent care Flexible Spending Account(s) (with the $4 monthly administrative fee paid by the District); and set pre-taxed dollars aside to supplement their pension in a 403b (tax shelter annuity) and/or a 457 (deferred compensation) plan(s). Classified employees also earn 10 to 22 days per year of vacation (based on years of service), and up to 12 sick leave days (pro-rated for less than full-time positions). There are currently 20 paid holidays. Position Description POSITION SUMMARY The Information Security Analyst reports to Executive Director of ITSS (Information Technology Support Services) at the District Office. The work schedule is 12 months per year; 40 hours per week; Monday - Friday; 8:00 a.m. - 5:00 p.m. This position is represented by CSEA (California School Employees Association), Chapter 363. POSITION PURPOSE Reporting to Executive Director, ITSS or an assigned administrator, the Information Security Analyst performs complex work related to the District's information security program including testing, analysis and evaluation of the integrity and confidentiality of enterprise systems, network, assets and communication technology throughout the District. The position monitors security systems and conducts periodic risk assessments to identify, troubleshoot, diagnose, resolve and report security problems and breaches; assists in coordinating and conducting investigations involving District technology resources, and assists with security awareness training. DISTINGUISHING CHARACTERISTICS This position focuses on threat and vulnerability management with exposure and support on all aspects of the cybersecurity practice. Incumbent in this position should have advanced knowledge on risk identification, protection and compliance, threat detection, incident response plan development and annual review, and recovery services to achieve business resilience. KEY DUTIES AND RESPONSIBILITIES 1. Analyze, evaluate and implement security applications, policies, standards and procedures intended to prevent the unauthorized use, disclosure, modification, loss or destruction of data; work with the campus community and other staff to ensure the integrity and security of the information technology infrastructure. 2. Lead the development, testing and implementation of information security products and control techniques in all locations throughout the District. 3. Work with campus and district technology teams to ensure the security of all applications and assets. 4. Monitor and review security systems and logs. Identify, troubleshoot, diagnose, resolve, document and report security problems and incidents; help coordinate and conduct investigations of suspected breaches; respond to emergency information security situations. 5. Collaborate with application programming team and other IT staff to ensure production applications meet established security policies and standards. 6. Assist with training and education on information security and privacy awareness topics for District administrators, faculty and staff; assist in the development of appropriate security-incident notification procedures for District management. 7. Work with vendors to conduct vulnerability assessments to identify existing or potential electronic data and assets compromises and their sources; participate in investigative matters with appropriate law enforcement agencies. 8. Perform audits and periodic inspections of District information systems to ensure security measures are functioning and effectively utilized and recommend appropriate remedial measures to eliminate or mitigate future system compromises. 9. Review, evaluate, and recommend software products related to IT systems security, such as virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection, etc. 10. Monitor and maintain the District's security event information system (SEIM) and data loss prevention software. 11. Manage security systems and policies including but not limited to servers, firewalls, email security, and Microsoft 365 environment. 12. Recommend and implement security policies, protocols, practices and lead in creation of security training and guidance to staff. 13. Assist in the secure management and maintenance of the District's network authentication systems for wired and wireless network access. 14. Review security practices and controls of third-party service providers that handle District sensitive data, and review security controls and features of third-party software systems. 15. Ensure that maintenance, configuration, repair and patching of systems occurs on a scheduled and timely basis utilizing best practices in change management and consistent with policies and procedures. 16. Keep current with latest emerging security issues and threats through list servers, blogs, newsletters, conferences, user groups, and networking and collaboration with peers in other institutions. 17. Perform other duties reasonably related to the job classification. EMPLOYMENT STANDARD Knowledge of: 1. Compliance and industry cybersecurity standards frameworks such as NIST 800 and ISO standards. 2. Emerging technologies and the possible impact on existing information systems, instructional processes and business operations. 3. Incident response best practices and software license compliance laws. 4. Troubleshooting tools for computing hardware, servers and network equipment including but not limited to switches, routers, and firewalls. 5. Enterprise resource planning systems, Microsoft 365 and Active Directory and Azure Active Directory. 6. Principles of program design, coding, testing and implementation. 7. Advanced knowledge of desktop and server operating systems including Windows and Linux. 8. Disaster recovery and backup including business continuity planning. 9. Principles of training, support, and services to end-users. 10. General research techniques and data driven analytics. 11. Modern office administrative practices and use of tools including computers, websites and other applications related to this job. Skills and Ability to: 1. Apply current NIST and ISO standards to current operations. 2. Respond to incidents and events in a timely manner. 3. Prepare clear and concise system documentation and reports. 4. Prioritize assigned tasks and projects. 5. Communicate complicated technical issues and the risks they pose to stakeholders and management. 6. Establish and maintain effective and cooperative working relationships with others. 7. Analyze situations accurately and adopt effective course of action. 8. Coordinate, develop, and implement projects. 9. Work with attention to detail and independently with minimum supervision. Required Qualifications EDUCATION AND EXPERIENCE 1. A Bachelor's degree from an accredited institution with major course work in computer information systems, computer science, business administration, or related field. 2. Two years of experience performing information security duties, which may include implementing, overseeing, and/or managing information security technologies, process, or programs, including identification, protection, detection, response, and recovery activities. Certification: 1. Professional security or privacy certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials. District's Diversity * Demonstrated sensitivity, knowledge and understanding of the diverse academic, socioeconomic, gender identity, sexual orientation, cultural, disability, and ethnic background of groups historically underrepresented, and groups who may have experienced discrimination. * Success integrating diversity as appropriate into the major duties outlined in the job description and in the duties listed in the District's hiring policy; or demonstrated equivalent transferable skills to do so. Desired Qualifications 1. Bilingual abilities, desirable. Foreign Degree For positions that require a degree or coursework: Degree(s) must have been awarded by a college or university accredited by an accrediting body recognized by the U.S. Council on Post-Secondary Accreditation and/or the U.S. Department of Education. All degrees and credits earned outside of the United States must have a U.S. evaluation (course by course) of the transcripts and must be submitted with the application. Degrees earned outside of the U.S. without a U.S. credential evaluation attached, will not be considered. Working Environment Physical Demands: 1. Must sit for long periods of time, use hands and fingers to operate an electronic keyboard, reach with hands and arms, and speak clearly and distinctly to ask questions and provide information, hear and understand voices over telephone and in person. 2. The physical demands described here are representative of those that must be met by an individual to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. About San Jose/Evergreen Community College District The District is represented by dedicated and talented employees who are passionate about providing our student population with the best educational experience possible. The District recognizes that cultural diversity in the academic environment promotes academic excellence; fosters cultural, racial and human understanding; provides positive roles models for all students, and creates an inclusive and supportive educational and work environment for its employees, students, and the community it serves. As of Spring 2024, with enrollment of approximately 15,655 students per semester, and an extremely diverse student population (Hispanic/Latino 45.20%, Black/African-American 3.45%, Asian/Pacific Islander 31.70%, American Indian/Native American 0.36%, White/Caucasian 12.76%) attaining educational goals reflecting 56% - Transfer to a 4-Year College/ University, the District's emphasis on student success makes it a recognized educational leader in the State. The District encourages a diverse pool of applicants to serve as colleagues to an existing diverse classified staff consisting of 43.9% Latinx, 25.3% Asian/Pacific Islander, 4.2% Black/African American, 0.3% American Indian/Native American, 17.9% White/Caucasian, and as well as encouraging applications from all qualified, outstanding applicants. Important Information EQUAL OPPORTUNITY EMPLOYER STATEMENT: San José-Evergreen Community College District is an Equal Opportunity Employer committed to nondiscrimination on the basis of ethnic group identification, race, color, language, accent, immigration status, ancestry, national origin, age, gender, gender identity, religion, sexual orientation, transgender, marital status, veteran status, medical condition, and physical or mental disability consistent with applicable federal and state laws. CONTACT: Employment Services, Human Resources, SJECCD 40 S. Market Street, San Jose, CA 95113 Phone: ************** Email: ******************************* Employment Website: ****************************** District Website: ************** APPLICATION PROCEDURES: Interested applicants MUST SUBMIT ONLINE ALL of the following materials by the First Review Date/Closing Date as listed on the job announcement. Applications received after the First Review Date will only be forwarded to the hiring committee at their request. 1. A completed online San José-Evergreen Community College District APPLICATION. 2. A COVER LETTER (Stating how you feel you meet the qualifications as outline in the job announcement). 3. A current RESUME/CURRICULUM VITAE 4. TRANSCRIPT - (If Required) If a degree is listed as a requirement, transcripts (Not Diplomas) MUST INCLUDE confer or award date of stated degree. Unofficial transcripts will be accepted; however if the position is offered, official transcripts will be required prior to employment. If the transcripts or degrees are from outside of the United States, an official certification of equivalency to U.S. degrees by a certified U.S. credential review service (course by course of the transcripts) MUST also be submitted. (See below for a list of suggested services that provide foreign degree equivalency evaluation to U.S. degrees). Note: Some positions may require additional documents and/or certificates, in addition to the items listed above. Please refer to the job announcement. OTHER APPLICANT INFORMATION: 1. Only complete application materials will be considered. No exceptions. 2. Letters of Recommendation are NOT required and will not be forwarded to the hiring committee. 3. Upon hire the successful candidate must provide the required documents of identity and authorization to work and attest he/she is authorized to work in the United States. 4. Application materials become the property of the District and will not be returned or duplicated. 5. Travel expenses to attend the interview are the responsibility of the candidate. 6. Meeting the minimum qualifications does NOT assure an interview. 7. The District may re-advertise, delay, choose not to fill the position, or choose to fill more than one position. Suggested services that provide foreign degree equivalency evaluation to U.S. degrees: Academic Credentials Evaluation Institute, Inc. Website: *************************** Education Records Evaluation Services Website: ************ International Education Research Foundation Website: ******************** World Education Services Website: ***********

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Hope you are doing fine, Please have a look at the job description and if you are comfortable with the role and responsibilities please revert with your updated resume. Job title:- Threat Intelligence Analyst/Security Analyst Location:- San Francisco CA Duration:- 6- 12 Months Contract Responsibilities: • Differentiate, collect, and evaluate technical and open source data to produce threat intelligence products; • Identify credible, new intelligence and subject matter resources relative to current/emerging threats; • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs). • Manage and maintain threat intelligence platforms and feeds • Conduct research on emerging products, services, protocols, and standards relative to the information security arena Required Qualifications: • 3-5 year's experience performing threat i management operational activities, including threat intelligence gathering and analysis, and threat metrics development and reporting • Experience working with large/multi-national organizations • Demonstrated use of analytic tools and platforms • In-depth knowledge of information security threats Windows and Unix/Linux platforms • The demonstrated ability to work effectively in a collaborative team environment as an individual contributor. • The ability to provide support after normal business hours, as needed. Preferred Qualifications: • Direct experience with Threat intelligence Platform tools • Experience with developing threat intelligence briefings Additional Information Thanks & Regards, Vikrant Thakur ************

**Be visionary** Teledyne Technologies Incorporated provides enabling technologies for industrial growth markets that require advanced technology and high reliability. These markets include aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, deepwater oil and gas exploration and production, medical imaging and pharmaceutical research. We are looking for individuals who thrive on making an impact and want the excitement of being on a team that wins. **Job Description** **Make an impact where security meets innovation.** At Teledyne RF & Microwave, we design and deliver advanced technologies that power aerospace, defense, and communications worldwide. Our team thrives on precision, collaboration, and a commitment to protecting critical systems. If you're passionate about cybersecurity and want to work for a trusted leader in high-tech solutions, this role is for you. **What you'll do** + Maintain the security posture of classified systems in line with approved policies + Verify implementation of security controls and keep documentation current + Manage system accounts and ensure proper authorization procedures + Conduct regular system assessments and report findings to the ISSM + Monitor audit logs and analyze user activity for compliance + Respond to security incidents and oversee recovery processes + Notify ISSM of system changes that impact authorization + Support hardware maintenance, backups, and virus updates + Train employees on internal security policies and assist with spill containment + Participate in configuration control activities when designated **What you need** + Strong problem-solving and organizational skills (required) + Ability to analyze security data and enforce compliance (required) + Excellent communication and teamwork skills (required) + U.S. citizenship and eligibility for security clearance (required) + Bachelor's degree in Information Systems or Security+ certification (required) + Experience with classified systems and security audits (advantage) + Familiarity with DAAPM and ITPSO policies (advantage) + Hands-on technical competence with system administration (advantage) **What we offer** + Competitive pay and comprehensive health benefits + 401(k) with company match and retirement plans + Paid time off and flexible work arrangements + Professional development and training opportunities + Employee wellness programs and assistance resources + A collaborative environment working on mission-critical technology **What happens next** Apply online through Teledyne's careers page. If your qualifications align, our team will contact you for interviews and guide you through the clearance process. _Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status._ **Salary Range:** $61,600.00-$82,100.000 **Pay Transparency** The anticipated salary range listed for this role is only an estimate. Actual compensation for successful candidates is carefully determined based on several factors including, but not limited to, location, education/training, work experience, key skills, and type of position. Teledyne and all of our employees are committed to conducting business with the highest ethical standards. We require all employees to comply with all applicable laws, regulations, rules and regulatory orders. Our reputation for honesty, integrity and high ethics is as important to us as our reputation for making innovative sensing solutions. Teledyne is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic or non-merit based factor made unlawful by federal, state, or local laws. You may not realize it, but Teledyne enables many of the products and services you use every day **.** Teledyne provides enabling technologies to sense, transmit and analyze information for industrial growth markets, including aerospace and defense, factory automation, air and water quality environmental monitoring, electronics design and development, oceanographic research, energy, medical imaging and pharmaceutical research.

LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works. Job Description At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. This role may be remote or hybrid. At LinkedIn, hybrid roles are performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team. Remote roles are performed from the designated home work location upon time of hire, and any changes to this home work location requires a review of remote status and approval. LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Engineering Manager to lead the Detection Engineering team in the US and to be an integral part of our Information Security organization. The Detection Engineering team is responsible for developing and maintaining threat detection capabilities, security monitoring systems, and detection rules to protect our infrastructure, applications, and, most importantly, our members. This is a key role in supporting and growing our security detection and monitoring capabilities. Responsibilities: Leadership and Team Management Lead and manage the detection engineering team, including hiring, training, and mentoring team members. Develop and maintain detection engineering policies, procedures, infrastructure, and guidelines. Coordinate and oversee all activities of the detection engineering team during threat detection development and implementation. Detection Development and Management Serve as the primary point of contact for all threat detection development and enhancement initiatives. Ensure timely development, testing, and deployment of detection rules and monitoring capabilities. Conduct post-deployment analysis and create detailed reports on detection effectiveness with KPIs, including tuning recommendations and optimization strategies. Communication and Coordination Communicate detection development status, updates, metrics and reporting, and capabilities to senior management, stakeholders, and security teams regularly. Coordinate with internal and external teams, including security operations, defense infrastructure, incident response, and product engineering teams to develop and maintain effective detection capabilities. Develop and maintain an effective detection engineering communication plan. Continuous Improvement Continuously evaluate and improve detection engineering processes, tools, and capabilities. Conduct and report on regular detection testing and validation exercises to test and refine detection rules and monitoring systems. Stay current with emerging threats, attack techniques, and detection technologies to enhance the detection engineering program. Reporting and Documentation Maintain comprehensive documentation of all detection rules, including development rationale, testing results, and performance metrics. Prepare and present detection engineering reports and metrics to senior leadership and stakeholders. Ensure compliance with regulatory requirements and industry standards related to threat detection and monitoring. Training and Awareness Develop and deliver detection engineering training programs for team members and other relevant personnel. Promote security detection awareness and best practices across the organization. Ensure the detection engineering team is up-to-date with the latest tools, techniques, and procedures. Budget and Resource Management Manage the detection engineering budget and allocate resources effectively. Evaluate and recommend tools, technologies, and services to enhance the detection engineering program. Ensure the team has the necessary resources and support to perform their duties effectively. Qualifications Basic Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related technical discipline, or equivalent practical experience. 1+ year(s) of management experience or 1+ year(s) of staff level engineering experience with management training. 7+ years of experience in cybersecurity, with a focus on detection engineering, security monitoring, threat intelligence, incident response, or related security roles. Experience leading or managing a cybersecurity, incident response, or detection engineering team. Experience in cybersecurity frameworks and standards (e.g., NIST, MITRE ATT&CK, OCSF). Experience in detection engineering tools and technologies (e.g., Query Languages, CI/CD, YARA, Sigma rules, threat intelligence platforms). Experience with threat analysis, detection rule development, automation engineering, and security monitoring optimization. Project management experience with managing budgets and resources. Preferred Qualifications: Master's degree in Cybersecurity, Information Assurance, or a related field. 10+ years of experience in cybersecurity, with significant experience in detection engineering, threat intelligence, or incident response. 3+ years of management experience in building small to medium-sized teams, demonstrating growth and a track record of successful deliveries. Ability to work under pressure and manage multiple detection development projects simultaneously as well as managing an oncall team. Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, SANS). Experience in developing and delivering detection engineering training and awareness programs. Strong proficiency in Kusto Query Language (KQL) and SQL. Proficiency in programming or scripting languages (e.g., Python, Go, etc.) for automating detection development and testing processes. Experience with cloud security and detection engineering in cloud environments especially Azure. Knowledge of advanced threat detection techniques, including threat hunting and behavioral analysis as well as applied threat intelligence. Familiarity with detection engineering frameworks and best practices (e.g., Sigma, YARA, STIX/TAXII, OCSF). Strong communication skills, both written and verbal, with the ability to convey complex technical information to non-technical stakeholders. Suggested Skills : Security Information and Event Management (SIEM) Query languages (KQL, SPL, SQL, Elastic, etc.) Detection Rule Development (YARA, Sigma) Scripting and Automation (e.g., Python, PowerShell, SQL) Threat Intelligence Integration Cloud Security (e.g., Azure, GCP) You will Benefit from our Culture We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels. LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $152,000 - $248,000. Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For additional information, visit: ************************************** Additional Information Equal Opportunity Statement We seek candidates with a wide range of perspectives and backgrounds and we are proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful. If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at [email protected] and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to: Documents in alternate formats or read aloud to you Having interviews in an accessible location Being accompanied by a service dog Having a sign language interpreter present for the interview A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response. LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information. San Francisco Fair Chance Ordinance Pursuant to the San Francisco Fair Chance Ordinance, LinkedIn will consider for employment qualified applicants with arrest and conviction records. Pay Transparency Policy Statement As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ******************************** Global Data Privacy Notice for Job Candidates Please follow this link to access the document that provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ********************************************

We are seeking a Cybersecurity Risk Analyst to support managing and mitigating security risks across processes, technologies, and cloud environments. The ideal candidate will combine technical expertise, business acumen, and cybersecurity experience to advise partners, assess risks, and drive improvements in secure operations. This role requires hands on experience with Kusto Query Language (KQL), cloud security, and risk assessment, as well as the ability to communicate effectively with stakeholders at all levels. Must be local to San Francisco or Los Angeles (LA) or Salt Lake City (SLC). Responsibilities: Support risk strategies by identifying and mitigating security risks in bank systems and processes. Apply and interpret security policies, provide guidance and input on policy enhancements. Advise business and technical partners on security controls, procedures, and best practices. Assess cloud and on-prem environments to identify risks and recommend control improvements. Conduct security control assessments, document findings, and develop actionable remediation plans. Evaluate third-party vendors to determine shared security responsibilities and associated risks. Communicate security risks and mitigation strategies effectively to technical teams and executives. Collaborate across teams to drive secure operations and deliver results in a fast-paced environment. Qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related technical discipline (or equivalent experience). 3+ years of experience in cybersecurity, information security, or technology risk management. Proficiency in Kusto Query Language (KQL) for data analysis, log correlation, and threat detection. In-depth understanding of security frameworks such as NIST, ISO 27001, or FedRAMP. Demonstrated experience assessing and improving security posture across Cloud (Azure, AWS) and on-premises environments. Proven ability to conduct security control assessments, identify risk exposures, and develop actionable remediation plans. Skilled at translating technical security concepts into clear, business-relevant insights for stakeholders and executives. Excellent communication, collaboration, and interpersonal skills, with a focus on building trusted partnerships across technical and business teams. Strong organizational and analytical skills, with the ability to manage multiple initiatives in a fast-paced, results-driven environment.