Information security analyst jobs in Providence, RI - 279 jobs

A leading cloud technology firm in Boston seeks a Principal Cloud Security Architect to evaluate cloud architectures for security gaps. This role involves reviewing IAM configurations and network designs while identifying risks and misconfigurations in AWS, Azure, and GCP environments. Candidates should have extensive experience in cloud security architecture and document complex systems effectively. The position offers competitive compensation at $40 - $80 an hour, providing an opportunity to influence robust security practices. #J-18808-Ljbffr

Hybrid## Principal SaaS Security EngineerBoston, MA, USAOur world is transforming, and PTC is leading the way.Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business.Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow - all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.**Principal Security Engineer-SaaS**JR110938**Key Responsibilities*** **Secure Architecture & Design** + Architect and implement security controls for multi-tenant SaaS environments for both commercial and US federal customers + Harden cloud infrastructure (AWS preferred) and enforce least-privilege IAM policies. + Integrate encryption and key management solutions for data at rest and in transit.* **Threat Detection & Incident Response** + Configure and monitor security tools like Wiz and Crowdstrike. Guide remediation efforts. + Develop and maintain SIEM rules and dashboards for real-time threat monitoring. + Lead incident response efforts, including root cause analysis and remediation.* **Vulnerability Management** + Own vulnerability scanning, prioritization, and remediation across services. + Tune automated scanning in CI/CD pipelines using tools like **Black Duck, or Checkmarx**.* **DevSecOps & Automation** + Build scripts and automation for security posture validation and drift detection.* **Collaboration & Leadership** + Partner with engineering teams to integrate security best practices early in development. + Mentor junior engineers and advocate for secure coding principles.**Required Qualifications*** 8+ years in security engineering, with at least 3 years in SaaS or cloud-native environments (DevSecOps).* Deep expertise in **AWS security services** (IAM, KMS, Security Hub, GuardDuty).* Strong background in **vulnerability management, SIEM tools (Splunk, Opensearch), and automation scripting** (Terraform, Ansible, Python).* Experience with **container security** and orchestration (Docker, Kubernetes).* Experience securing Linux deployments.**Nice-to-Have*** Working knowledge of **FedRAMP, NIST SP 800-53, or similar compliance processes**.* Relevant certifications: CISSP, CCSP, AWS Security Specialty.* Work on cutting-edge SaaS security challenges.* Influence architecture and security strategy at scale.* Collaborate with a team passionate about building secure, resilient systems.**Work Environment:**The candidate may be required to participate in an on-call rotation to respond to security incidents.The SecOps Engineer position will be a member of the Onshape Technical Operations team. This is a primarily US-based operations, site reliability, compliance, and security team. The team is part of Onshape Engineering and works very closely with other teams in engineering to deliver a reliable, secure service to our customers.PTC carefully considers a wide range of factors when determining compensation. The anticipated annual salary range for this position is between $118,000 - 165,000. The anticipated annual salary range encompasses both the base salary and the on-target incentive compensation that may be attained in this role. The salary range reflects a good-faith estimate of compensation at the time of posting.Actual compensation may vary based on a candidate's skills, qualifications, experience, and location. Eligible employees also have the opportunity to become a PTC shareholder through our employee share purchase program (ESPP) which allows for the purchase of discounted PTC stock. Certain roles may also be eligible for participation in our equity programs. Employees may be eligible for medical, dental and vision insurance, paid time off and sick leave, tuition reimbursement, 401(k) contributions and employer match, flexible spending accounts, life insurance, disability coverage and if you are an office-assigned employee, a generous commuter subsidy. All total rewards and benefits programs are subject to plan eligibility and other terms and conditions.For more information about PTC's comprehensive benefits, please visit our .Applications will be accepted on an on-going basis.At PTC, we believe in the power of diverse ideas and perspectives. As a global company that values and respects all identities, cultures, and perspectives, we strive to create an inclusive PTC for ALL through an environment where everyone feels like they belong and are empowered to bring their true, authentic selves to work. Proud to be an Equal Opportunity Employer, we welcome applicants from all backgrounds and hire without regard to race, national origin, religion, age, color, ethnicity, ancestry, marital status, sex (including pregnancy), sexual orientation, gender identity, gender expression, genetic information, disability, veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.PTC endeavors to make ptc.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact PTC's Talent Acquisition team at *************************. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.Life at PTC is about more than working with today's most cutting-edge technologies to transform the physical world. It's about showing up as you are and working alongside some of today's most talented industry leaders to transform the world around you.We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. ."**Onshape** is a next-generation, global Software-as-a-Service (SaaS) product development platform that helps businesses of all sizes modernize and accelerate their design and manufacturing processes. The cloud-native platform is the only all-in-one system that combines robust computer-aided design (CAD) with powerful data management and collaboration tools. **Onshape** helps extended design teams work together faster from any location and helps executives make better decisions with real-time business analytics and unprecedented visibility into their company's operations.We are seeking a **Principal Security Engineer-SaaS** to lead the design, implementation, and continuous improvement of security for our cloud-native SaaS platform. This role is deeply technical and hands-on, focused on **threat detection, vulnerability management, secure architecture, and SecOps integration**. Compliance knowledge (e.g., FedRAMP, NIST) is a plus but secondary to strong security engineering expertise.You can learn more about who we are, what we do, and what sets us apart by following us on social media. The #lifeat PTC experience is one that we're proud to share and it just keeps getting better.Top skills Active DirectoryCloud ComputingFirewallsEthical HackingIPsecNetworkingInformation Technology #J-18808-Ljbffr

A leading security technology firm is looking for a Senior Java Engineer to design, develop, and maintain cloud-native SaaS solutions for their RSA ID Plus platform. Candidates should have over 5 years of experience in Java and cloud-native applications. This role emphasizes collaboration within a distributed team to deliver secure Identity and Access Management products. The position offers a competitive salary range of $90k to $195k along with comprehensive benefits including flexible paid time off and a 401(k) retirement plan. #J-18808-Ljbffr

A federal services provider located in Boston is seeking a Cyber Security Engineer to enhance software security for federal clients. The ideal candidate will possess a Bachelor's degree in a relevant field and experience with DevSecOps tools. Responsibilities include implementing security in software, maintaining security processes, and conducting assessments. This role promises to offer impactful career opportunities within a company that emphasizes employee ownership and diversity. #J-18808-Ljbffr

Title: Senior Security Engineer Type: Full‑time exempt, 50 hours per week Compensation: $112.5K-$155K* + 15% bonus + Full Benefits day one Who Are We We are fiercely disrupting the concept of automobile ownership. Flexcar is on a mission to replace car ownership for the majority of car owners. We are currently operational in 4 markets and continuing to grow. Our goal is to offer a flexible alternative to car ownership that puts our members in the driver's seat of their budget and their vehicle. Flexcar covers all maintenance costs, insurance costs, registration costs, and more, to provide the flexible ownership alternative that is simple and seamless for our members. Flexcar empowers all walks of life to have the flexibility of a car of their own without the hassles of traditional car ownership. Role Overview Flexcar is seeking a dedicated Security Engineer as an individual contributor responsible for safeguarding a broad attack surface that includes Flexcar's web and mobile applications, physical locations, and its remote team members. This is a highly collaborative role that will require working across all facets of the Flexcar organization. You will be expected to champion the development and implementation of proactive defense measures across the entire organization, collaborating across multiple teams to maintain our high security standards, and educating members of the organization in the realms of general security awareness as well as best practices when it comes to delivering software. This role requires a candidate who is a self‑starter and capable of managing multiple requests from various teams within the Flexcar organization. Key Requirements Web Application Security Hands‑on experience with managing a Web Application Firewall, including the creation of custom rules, rate limiting, and managing vendor rulesets. Must understand the current OWASP Top 10 and demonstrate the ability to educate others on how to identify and mitigate associated risks. Must have experience with deploying and managing defensive measures, aka “Blue Teaming”. Must have experience organizing and managing third‑party penetration tests and ensuring that all findings are addressed in a timely manner. Hands‑on experience with threat modeling. Experience leading tabletop sessions with members of the engineering team as well as non‑technical members of the organization. Demonstrated ability to conduct Open‑Source Intelligence (OSINT) against the organization and its resources. Demonstrated ability to conduct internal offensive security campaigns against Flexcar's web application and the organization itself. Secure Infrastructure & Tooling Experience creating CI/CD workflows and utilizing open‑source security tools. Experience with static analysis tools for code, dependencies, and container images. Familiarity with AWS security tools and resources. Familiarity with Terraform. Experience with hardening Microsoft Entra (Azure AD) and O365. Proven experience with Identity and Access Management. Experience with administration of common Managed Detection and Response (MDR) solutions. Hands‑on experience with scripting languages like Python. Incident Management Proven ability to serve as a Security Incident Commander. Ability to use the tools available for leading forensic analyses and guiding investigative efforts. Demonstrated ability to conduct threat hunting based on new threats as they are discovered or disclosed by the larger security community. Governance, Risk, and Compliance Familiarity with maintaining compliance with frameworks such as PCI, CCPA, and US Data Privacy. Familiarity with compliance automation platforms. Experience creating and maintaining foundational security policies. Ability to manage Flexcar's third‑party vendor assessment process. Ability to create both general security awareness content for the organization as well as targeted training for a variety of individual teams. What Tops Off the Tank Rest & Relax! Flexible Paid Time Off and Sick Time Save for Your Future! 401(k) with company match from day one of hire Benefits: Excellent, low‑cost healthcare coverage including medical, dental, vision, eligibility day one Drive a Flexcar! Discounted employee rate on Flexcar products and no annual membership fee Weekly Pay and other amazing perks! *Actual compensation will vary depending on geographic location, job‑related knowledge, skills, experience, and market conditions. Disclaimer This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at any time at the sole discretion of the Employer. Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. #J-18808-Ljbffr

Information Security Engineer 3 page is loaded## Information Security Engineer 3locations: Portland, ME: Boston, MAtime type: Full timeposted on: Posted Todayjob requisition id: R20174****About the Team/Role****We're the Global Information Security Team at WEX, responsible for implementing and operating security technologies and processes throughout WEX. We partner closely with internal teams and customers to assure WEX operates in a secure and compliant manner. Our team holds itself to a high-standard and we collaborate closely with one another to ensure strong, reliable and effective relationships. We own our results and we take pride of ownership in everything we do. **We need help!** Changing the world isn't easy, and we have a lot of work ahead of us. From securing applications, data centers and cloud resources, we've got more work than we can handle and we're looking for great people to come along for the ride. We are looking for an application security engineer is responsible for ensuring the secure function of software security and familiarity with multiple general security practices and toolsets**How you'll make an impact** **Culturally, you're:*** A highly motivated security engineer who loves working on small, high performing teams that interface with the entire enterprise* A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion* Someone who cares deeply for team results but is able to work independently to deliver high quality solutions for projects and operational tasks* Comfortable balancing the need to move fast with the realities of working in a highly regulated organization* Someone who thrives in situations where details and accuracy are vital* A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who is able to complete tasks and deliverables with minimal oversight* Work closely with Enterprise IT teams on securing Wex's infrastructure and applications* Able to mentor other engineers both technically and professionally**Technically, you:*** Engineer, implement, and monitor security measures to protect the enterprise* Configure and troubleshoot security infrastructure devices* Regularly review configurations and develop improvement plans* Develop technical solutions and new security tools to help mitigate security findings* Write comprehensive reports including assessment-based findings, outcomes and recommendations for security enhancement.* Have a general background in IT, Security, and supporting processes* Deep experience working with compliance and regulatory frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, GDPR, NIST, etc.**Experience you'll bring*** Have 3-5 years of experience in Enterprise Information Security Engineering* Have 3-5 years of broad experience with security technologies such as NextGen AV (EDR), DLP, email security (SPF, DMARC, DKIM), web filtering, HSM, Key and Certificate management, or Identity and Access Management* Have a strong, practical understanding of modern cloud IT infrastructure, networking, and security engineering concepts* Are able to troubleshoot network and security issues within a complex environment* Have 3-5 years of experience in engineering solutions which meet security, compliance, and business needs* Can commit and deliver on very specific project/delivery timelines with minimal supervision* Are able work in an on-call rotation which may include some night and weekend shifts* Have excellent customer support skills, both written and verbal* Have 3-5 years of experience Linux and Unix operating systems* Have 3-5 years of experience with securing applications and enabling secure communication through HTTPS**It would be nice if you*** Have cloud experience with AWS and Azure* Experience working with AI/LLM Security* Experience working with Splunk* Experience working with CrowdStrike* Experience with automation technologies (SOAR) and writing code for automation* Experience working with Fortanix, Venafi, or similar Pay Range: $102,000.00 - $135,000.00WEX is a global commerce platform that helps businesses solve for operational complexities like employee benefits, managing and mobilizing fleets, and streamlining payments.With over 6,500 employees, we work with large and small companies in more than 200 countries and territories, and can tailor our services to meet the unique needs of their businesses.We hire people who share our passion for continuous innovation and client service that is unparalleled in the industry. Offering comprehensive and market competitive benefits, our offerings are designed to support your personal and professional well-being. If you're looking for a growing career - come be part of WEX today. To learn more about our employee benefits, please .WEX is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, sexual orientation, gender identity, protected veteran status, disability or other protected status. WEX promotes a drug-free workplace.Qualified individuals with a disability have the right to request a reasonable accommodation. If you require a reasonable accommodation as a result of your disability at any point in the job application process, please submit your request through our .This form is for accommodation requests only and cannot be used to inquire about the status of applications. #J-18808-Ljbffr

A leading technology firm is seeking an experienced Cybersecurity Engineer to implement and maintain cloud network security systems. The role includes daily monitoring of security alerts, incident response, and collaboration with engineering teams. Candidates must have a minimum of 4 years in cybersecurity engineering, proficiency in AWS, and familiarity with security technologies. This position offers a supportive team environment and flexibility in work location, as well as competitive benefits. #J-18808-Ljbffr

Security & IT Engineer About the Role We're looking for a hands‑on Security & IT Engineer to own and strengthen Givzey's security posture while managing our internal IT infrastructure. This is a hybrid role combining security engineering, cloud infrastructure management, and IT operations. You'll be responsible for everything from ensuring SOC 2 / ISO compliance and securing AWS environments to managing employee devices and implementing company‑wide security best practices. This role is perfect for someone who can think strategically about risk and compliance while still getting into the weeds of configuration, automation, and incident response. About Givzey: Givzey is a Boston‑based, rapidly growing digital fundraising solutions company, built by fundraisers for nonprofit organizations. Join a fast‑growing, mission‑driven team working across two innovative platforms: Givzey, the first donor commitment management platform revolutionizing nonprofit fundraising, and Version2.ai, a cutting‑edge AI platform helping individuals and organizations create their most authentic, effective digital presence. As an engineer at the intersection of philanthropy and artificial intelligence, you'll build scalable, high‑impact solutions that empower nonprofit fundraisers and redefine how people tell their stories online. We're a collaborative, agile team that values curiosity, autonomy, and purpose. Whether you're refining AI‑driven experiences or architecting tools for the future of giving, your work will help shape meaningful technology that makes a difference. What You'll Do Security & Compliance Own and evolve our information security program, including policies, controls, and procedures aligned with SOC 2, ISO 27001, and other frameworks. Conduct regular security risk assessments and audits; maintain continuous compliance readiness. Manage vulnerability scanning, penetration testing, and incident response processes. Oversee access control, identity management, and data protection across all systems. Partner with legal and operations teams to ensure vendor and data processing compliance. Cloud Infrastructure Security Secure and manage AWS infrastructure (IAM, networking, encryption, logging, monitoring, etc.). Implement security automation for configuration management, secrets management, and incident alerts. Collaborate with engineering teams to embed security into CI/CD pipelines and software lifecycle. IT Administration Manage company devices (Macs) using MDM and endpoint protection tools. Set up and maintain SSO, MFA, and access control across tools and services. Handle onboarding/offboarding from a security and IT perspective. Support internal IT operations and ensure systems run securely and smoothly. Governance & Culture Build a strong security culture through training, awareness, and best practices. Stay current on emerging security threats and compliance standards. What You'll Bring 5+ years of experience in IT, DevOps, or security engineering roles. Hands‑on experience with AWS, IAM, and cloud security tools. Strong familiarity with SOC 2, ISO 27001, and related compliance frameworks (TX‑RAMP). Understanding of network security, identity & access management, and incident response. Comfortable being both strategic and tactical - from writing policies to hardening infrastructure. Bonus: experience with Pulumi #J-18808-Ljbffr

Key Responsibilities Support business operations and development initiatives for the analysis, design & implementation of manufacturing IT solutions (MES, LIMS, SCADA, IoT, Data Historian) Functionally oriented Identify technical issues and communicate effectively across teams Required Experience: 6+ years in Business Analysis roles Manufacturing background req MES experience is a plus Must be a US Citizen or US Permanent Resident Bachelor's degree in Computer Science, Information Technology, or a related field required

A state governmental agency in Chelsea, Massachusetts is seeking an Accounts Management Analyst II to manage employee provisioning and deprovisioning, ensure timely completion of requests, and support end-users with IT issues. The ideal candidate should have extensive experience in technical support, strong knowledge in Windows, Azure, and service management tools like ServiceNow, along with excellent problem-solving and communication skills. This full-time role offers a salary range between $77,290 and $116,401 annually. #J-18808-Ljbffr

Information Security Data Analyst Large Banking Client Duration: 6+ month contract; Strong potential for extension / full time hire Our client in the banking industry is seeking a Data Analyst to join the Information Security & Risk team. This role will focus on data protection, compliance, and security analytics, ensuring sensitive information is safeguarded across systems and processes. The position offers an opportunity to contribute to risk mitigation, regulatory adherence, and the development of robust data security controls in a dynamic financial services environment. Responsibilities * Monitor, analyze, and report on data security events and potential data loss incidents * Collect, validate, and analyze data from multiple sources to ensure accuracy and integrity * Develop and maintain dashboards for security metrics using Power BI and AWS QuickSight * Execute queries to identify anomalies, trends, and potential vulnerabilities in data flows * Implement and enforce Data Loss Prevention (DLP) rules and policies across systems * Conduct testing and validation of DLP rules to ensure accuracy and effectiveness * Manage website whitelisting processes to support secure business operations * Support compliance with regulatory standards and internal security frameworks * Collaborate with security, risk, and IT teams to design and optimize data protection strategies * Communicate findings and actionable recommendations to leadership and stakeholders Required Experience * Minimum 3+ years of experience in data analytics with a focus on security or compliance * Strong understanding of data protection principles, DLP tools, and regulatory frameworks * Hands-on experience implementing and testing DLP rules and security controls * Proficiency in SQL Server for query writing and data validation * Dashboarding experience with Power BI and AWS QuickSight * Working knowledge of Python for automation and data analysis * Familiarity with security monitoring tools and incident response processes * Prior experience in financial services, preferably banking or fintech Desired Experience * Exposure to DLP solutions (e.g., Purview, Netskope) * Experience with identity and access management concepts * Understanding of data classification and encryption standards Soft Skills * Strong communication skills to engage leadership and cross-functional teams * Detail-oriented with a proactive approach to risk identification * Ability to work in a fast-paced, compliance-driven environment * Apex Benefits Overview * Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a retirement plan (401k or local country equivalent) program. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. * · EEO Employer * Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or ************. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click here for more details. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. Employee Type: Contract Remote: Yes Location: Boston, MA, US Job Type: Date Posted: November 18, 2025 Pay Range: $45 - $60 per hour Similar Jobs * Information Security Analyst * Information Security Analyst * Information Systems Security Officer * Information Systems Analyst * Application Security Analyst

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Position Summary: Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank's Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements. Role Description: This role is primarily responsible for ensuring that relevant Privileged Access Controls are adequately enforced across platforms and applications to comply with IAM Standard. Partner with PAM Governance leads to ensure that Privileged Access Controls are appropriately measured, reported and governed. Apply industry PAM best practices, templates, and documentation while also proposing improvements based on practical knowledge. Document and convey PAM related requirements to technology partners to build/implement enhanced PAM solutions that are efficient, effective, and modern and able to result in material risk reduction in sustainable manner. Collaborate with stakeholders to develop PAM requirements that iteratively support long term PAM modernization and transformation (covers Process, Data and Technology aspects). Provide education to team members and technology partners regarding the proposed changes to PAM controls. Partners with the policy governance team for socialization and publication of proposed changes to the PAM Standard Takes accountability for addressing PAM risks. Proactively identify risk and ways to continuously enhance and improve BAC's PAM controls. Implement and take decisive actions in finding solutions. Drives towards intended outcomes. Engage senior management to provide factual, transparent, and timely reporting on existing and emerging PAM or information security risks. Active participation in GIS IAM/PAM forums including but not limited to Monthly IAM Stakeholder Forum and Control Owner Forum for standard and Single Process Inventory (SPI) enhancements. Supports audit issues for closure and sustainability Required Qualifications: 7 years relevant hands-on experience in PAM in complex and heterogenous technology environment. Deep experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of PAM services Deep knowledge of bank financial practices and policies and ability to adapt to fast changing environment Working level experience with IAM platforms such as Ping Identity, Active Directory OpenLDAP, OpenDJ Experience in consumption of Web Service APIs such as JSON / XML Hands on experience and involvement in large and complex projects. Expert level knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation. Expert level knowledge of authentication platforms such as Active Directory, LDAP, Kerberos, LDAP, Radius. Expert knowledge of PAM related tools which support session proxy, vaulting, just-in-time provision, integration with service management tool would be an advantage. Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice. Deep knowledge on Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc. Good knowledge and understanding of PAM-specific laws, rules, and regulations within the financial services sector. Proficient in Microsoft Office suite of products with ability to quickly analyze and synthesize large volumes of data. Familiarity with security standards such as NIST, ISO/EC, FFIEC. Understanding and interpreting BAC's established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related PAM decisions and response. Possession of CISSP certification would be an advantage. Knowledge of Compliance Certifications such as SOX, SOC, SOC2. Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides. Proficient in articulating facts and data-driven plans and to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to PAM standards. Strong attention to detail and advanced analytical skills. Excellent communication and presentation skills. Able to effectively prioritize multiple tasks. Proven track record in delivering outcomes that result in sustainable risk reductions in PAM. Ability to work independently on initiatives with little oversight. Motivated and willing to learn. Confident and effective in delivering messages across a wide spectrum of individuals with varying degrees of technical and business understanding This job will be open and accepting applications for a minimum of seven days from the date it was posted Shift: 1st shift (United States of America) Hours Per Week: 40 Pay Transparency details US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - MA - Boston - 100 Federal St - 100 Federal St Lp (MA5100) Pay and benefits information Pay range$78,200.00 - $137,700.00 annualized salary, offers to be determined based on experience, education and skill set.Discretionary incentive eligible This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.BenefitsThis role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Basic Qualifications CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $100,219.00 - USD $111,180.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Are you a Cybersecurity compliance expert ready to take the lead in a dynamic, high-impact role? Join a globally recognized firm where you'll play a key role in shaping and strengthening our cybersecurity strategy. This is your chance to make a difference in a fast-paced, professional environment that values innovation, collaboration, and technical excellence. Why You'll Love This Role: Drive Security Initiatives - Lead firmwide cybersecurity programs, ensuring compliance with ISO 27001 and other industry standards. Be a Decision-Maker - Approve security risks, implement best practices, and enhance policies to safeguard critical systems. Third-Party & Risk Management - Oversee vendor risk assessments, vulnerability management, and client security audits. Lead & Mentor - Supervise a Compliance Analyst and provide strategic guidance across teams. Innovate & Protect - Collaborate with IT leadership to integrate cutting-edge security solutions into firm operations. What You Bring to the Table: 5+ years of cybersecurity experience in a complex IT environment. Strong knowledge of security frameworks (ISO 27001, NIST, etc.). Hands-on experience with security tools, compliance audits, and risk assessments. Leadership experience with a passion for mentoring and developing security professionals. Bachelor's degree in Cyber Security, Computer Science, or a related field. Security certifications (CISSP, CRISC, etc.) strongly preferred. Offer includes: Competitive salary: $145,000 - $170,000 Hybrid work environment Excellent benefits package A culture of excellence, diversity, and professional growth Ready to step into a leadership role where your expertise will make a real impact? Apply today and be a key player in securing the future of a top international firm. Apply to this post or email your resume directly to Dan Gilliam, email: **************************** Tags: Cybersecurity, IT, ISO, Compliance, Security Manager

New England College of Optometry seeks an entry level Information Security Manager to develop, implement, and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies, procedures, and technologies to protect the confidentiality, integrity, and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment, incident response, security operations, and ensuring compliance with all relevant regulations and standards. This role requires strong leadership, technical expertise, and excellent communication skills to collaborate effectively across the institution. Responsibilities * Develop, implement, and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices. * Establish and maintain institutional information security policies, standards, and guidelines, ensuring they are regularly reviewed, updated, and communicated. * Manage security operations, including monitoring, detection, prevention, response, and analysis of security threats and vulnerabilities. * Lead and coordinate the information security incident response team, managing security breaches & ensuring timely and effective resolution and post-incident analysis. * Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems, networks, and applications. * Ensure compliance with national and international regulatory frameworks (e.g., FERPA, HIPAA, ISO 27001, SOC 2) relevant to the organization. * Oversee security awareness training programs for all employees to promote a culture of security consciousness. * Manage the security budget and evaluate, select, and implement appropriate security tools and technologies. * Report on the status of the security program, vulnerabilities, and incidents to executive leadership. * Work on "special projects" as assigned by the Chief Information Officer. * Other duties as assigned. Requirements * Experience in designing, implementing, and managing enterprise-level information security programs and strategy. * Technical knowledge of network security, application security, cloud security (e.g., AWS, Azure, GCP), and endpoint protection technologies. * Understanding of risk management methodologies and security frameworks (e.g., ISO 27001, NIST, CIS Controls). * Experience leading security incident response and forensic analysis. * Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical audiences. * Knowledge of networking principles, including wireless networking. * Excellent written and verbal communication skills, professional appearance, punctuality and a sense of urgency. * Experience working with Active Directory and Google Cloud Platform. * Ability and willingness to learn new technologies. Preferred Background/Skills * Professional certifications such as CISSP, CISM, or relevant SANS certifications. * Experience with Governance, Risk, and Compliance (GRC) tools and processes. * Exceptional organizational skills, with the ability to prioritize projects and tasks. * Familiarity with scripting languages (e.g., Python, PowerShell) for security automation. * Ability to write reports and document steps for knowledge sharing. * Ability to work efficiently and independently with minimal supervision. * Excellent customer service and communications skills. Education * Bachelor's degree in Computer Science, Information Technology, Information Security, or a related technical field. Experience * A minimum of 2 years of progressive experience in the field of information security. NECO is an Equal Opportunity employer and encourages all qualified candidates to apply. New England College of Optometry offers a robust benefits program including: * 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater) * Mental Health and Wellness benefits * BCBS Dental * Discounted vision services * 13 paid holidays and generous paid time off for sick, vacation, and personal days * Employer-paid life insurance, and short-term and long-term disability * Voluntary Insurance: life, critical illness, hospital indemnity, accident, * Voluntary Benefits: employee discounts and pet insurance * 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement * Qualified Public Service Loan Forgiveness Employer

Full-time Description New England College of Optometry seeks an entry level Information Security Manager to develop, implement, and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies, procedures, and technologies to protect the confidentiality, integrity, and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment, incident response, security operations, and ensuring compliance with all relevant regulations and standards. This role requires strong leadership, technical expertise, and excellent communication skills to collaborate effectively across the institution. Responsibilities Develop, implement, and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices. Establish and maintain institutional information security policies, standards, and guidelines, ensuring they are regularly reviewed, updated, and communicated. Manage security operations, including monitoring, detection, prevention, response, and analysis of security threats and vulnerabilities. Lead and coordinate the information security incident response team, managing security breaches & ensuring timely and effective resolution and post-incident analysis. Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems, networks, and applications. Ensure compliance with national and international regulatory frameworks (e.g., FERPA, HIPAA, ISO 27001, SOC 2) relevant to the organization. Oversee security awareness training programs for all employees to promote a culture of security consciousness. Manage the security budget and evaluate, select, and implement appropriate security tools and technologies. Report on the status of the security program, vulnerabilities, and incidents to executive leadership. Work on "special projects" as assigned by the Chief Information Officer. Other duties as assigned. Requirements Experience in designing, implementing, and managing enterprise-level information security programs and strategy. Technical knowledge of network security, application security, cloud security (e.g., AWS, Azure, GCP), and endpoint protection technologies. Understanding of risk management methodologies and security frameworks (e.g., ISO 27001, NIST, CIS Controls). Experience leading security incident response and forensic analysis. Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical audiences. Knowledge of networking principles, including wireless networking. Excellent written and verbal communication skills, professional appearance, punctuality and a sense of urgency. Experience working with Active Directory and Google Cloud Platform. Ability and willingness to learn new technologies. Preferred Background/Skills Professional certifications such as CISSP, CISM, or relevant SANS certifications. Experience with Governance, Risk, and Compliance (GRC) tools and processes. Exceptional organizational skills, with the ability to prioritize projects and tasks. Familiarity with scripting languages (e.g., Python, PowerShell) for security automation. Ability to write reports and document steps for knowledge sharing. Ability to work efficiently and independently with minimal supervision. Excellent customer service and communications skills. Education Bachelor's degree in Computer Science, Information Technology, Information Security, or a related technical field. Experience A minimum of 2 years of progressive experience in the field of information security. NECO is an Equal Opportunity employer and encourages all qualified candidates to apply. New England College of Optometry offers a robust benefits program including: 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater) Mental Health and Wellness benefits BCBS Dental Discounted vision services 13 paid holidays and generous paid time off for sick, vacation, and personal days Employer-paid life insurance, and short-term and long-term disability Voluntary Insurance: life, critical illness, hospital indemnity, accident, Voluntary Benefits: employee discounts and pet insurance 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement Qualified Public Service Loan Forgiveness Employer

Highligth is seeking a Cyber Security Engineer to join our software team supporting a federal customer in Bedford, MA. Responsibilities This individual must have advanced knowledge and hands‑on experience in developing and implementing security into software programs. They will be responsible for maintaining and improving the performance of existing security process for development code, with duties to write and update software code and security processes under direction from the assigned Government Product Manager. Individual must have hands‑on experience in software security assessments, and be capable of documenting and communicating the outcome of these assessments to leadership. Qualifications Bachelor Degree in Computer Science, Mathematics or equivalent technical degree, with concentrations/focus on security or equivalent. Or an additional 4 years of software security assessment experience (total of 6 years, added to requirement below) 1+ years experience with DevSecOps tools and processes to include, but not limited to Git, Concourse, SonarQube, Fortify and Sysdig 2 years experience in some software development discipline to include Java, Web services, Database, or web application development. 2 years in software security assessments and/or reviews. 2 years experience of reviewing software documentation, security findings/comments, and source code (if available) for accuracy, completeness, and associated risk About Highlight For over ten years, Highlight has provided Development and Modernization, Secure IT, and Mission Solution services to our federal government customers. Our team knows the technology; we understand how our customers and their stakeholders work; and we know how to implement industry best practices to deliver high‑quality, end‑to‑end solutions that minimize risk and maximize results. Since our inception, Highlight has had an employee‑first mindset. Our mission is to provide employees with rewarding and impactful career opportunities. In 2021, Highlight's founder, Rebecca Andino, implemented an Employee Stock Ownership Plan to embody and expand our culture of transparency, teamwork and rewarding the work of our employees. By becoming an ESOP, our employee‑owners share in the success of the company through their ownership stake. To learn more about ESOPS, check out: ***************** We're an Equal Opportunity Employer (EOE) that empowers our people to fearlessly drive change - regardless of their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other characteristics. Our team is dedicated to foster diversity within our teams to promote creativity, innovation, and teamwork to deliver the best solutions for our customers. To receive compensation and benefits information for this role, contact us or email us at **************************** Please include the Req ID (this is at the top of the posting under the position title) in the subject line of the email. Recruitment Fraud Disclaimer Highlight takes your security seriously. Please be aware that fraudulent actors may attempt to circulate fictitious job opportunities and impersonate our recruiters. The main purpose of these correspondences is to obtain privileged information from individuals. To protect yourself, keep the following in mind: All emails will come from an official @highlighttech.com or @talent.icims.com email address. We will never request payment or personal financial information during the recruitment process. We will not send job offers via email. All offers are first extended verbally by a member of our recruitment team whenever possible, and then followed up via written communication through official channels. If you suspect fraudulent activity or have any doubts about the authenticity of an email, letter, or telephone communication supposedly from, for, or on behalf of Highlight, please contact our team directly at ****************************. #J-18808-Ljbffr

A leading automotive service company in Downtown Boston seeks a dedicated Senior Security Engineer to safeguard its web and mobile applications, manage various security incidents, and ensure compliance with safety standards. This role requires collaboration across teams to implement defense strategies and educate staff on security practices. Self-starters with expertise in threat management and a solid understanding of compliance frameworks will thrive in this vibrant environment. Join the mission to revolutionize car ownership and enjoy competitive pay and exceptional benefits. #J-18808-Ljbffr