Information security analyst jobs in Prunedale, CA - 296 jobs

Team Intro The Access Assurance vertical within USDS Data Identity and Access Management (DIAM) Team is responsible for designing and maintaining an access management program with a mission to enforce the principle of least privilege. We strive to establish secure and compliant processes around provisioning, deprovisioning and governance of access to USDS data and infrastructure proactively identifying and reducing risks. Job Overview: As an Access Assurance Analyst, you will be part of the team responsible for Access Assurance within TikTok USDS. You will be responsible for supporting the team along with a team of cross-functional cyber, privacy, engineering, and data protection analysts to define, implement, manage, and measure controls to protect data in accordance with USDS policies and standards relevant to geographical regulations, contractual commitments, and confidentiality requirements. The Access Assurance Analyst will play a pivotal role in operationalization of access management programs in USDS. Responsibilities: * Design access management program that addresses data residency and fine-grained role-based access requirements and controls as necessitated by business need and regulations * Assist in the development and implementation of Access governance frameworks, policies, and procedures. * Build and review technical and functional requirements for in-house or external technologies to support access management and assurance needs, including applying appropriate security measures * Operationalize access management workflows to improve efficiency * Support periodic reviews of access to USDS data and systems * Drive remediation of non-compliant access in a timely fashion * Implement and enforce mechanisms to proactively monitor, respond and report on inappropriate data access events * Work with other information security teams to classify and categorize data based on sensitivity and compliance requirements * Support interactions with Risk and Compliance to understand control requirements and provide information to support findings for non-compliance with internal security policies * Responsible for designing and reporting key metrics and visualizations for weekly, monthly and bimonthly cadences across multiple audiences * Participate in security reviews to ensure compliance with access governance policies. * Foster a principle of least privilege for access management * Collaborate with key stakeholders to ensure alignment of access governance initiatives with organizational goals.Minimum Qualifications: * Bachelor's degree in a related field (e.g., Information Management, Computer Science, Business Analytics, Cyber Security) * 5+ years of experience in identity and access management or access governance & 5+ years of experience working with IAM tools and strong knowledge of Access management concepts (RBAC, PAM, Access Reviews, SOD, LCM, provisioning and deprovisioning of Access) * Experience in designing/deploying Access management solutions, Experience analyzing large data sets across multiple database types (e.g., MySQL, Hive, Redis etc) leveraging SQL etc., Experience with industry frameworks, standards and regulations (e.g. ISO, NIST) * Ability to write scripts, develop automations, configure tools, work with APIs and databases while being Proficient in at least one software programming language (Python,Java,Ruby etc) along with Familiarity with Cloud-based technology deployments * Demonstrate ability to quickly assimilate to new knowledge and remain current on new developments in cybersecurity capabilities and industry knowledge * Strong analytical and problem-solving skills with the Ability to communicate technical concepts to a broad range of technical and non-technical staff * Comfortable working in a fast-paced, dynamic environment Preferred Qualifications: * Strong understanding of technology environments and various databases * Experience working with technology partners to validate data-related problems * Experience working with Microservices architecture * Experience in automating access management workflows to reduce operational overhead * Experience with risk and controls frameworks including (ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, NIST RMF, ISO 31000 etc.)

Onto Innovation is a leader in process control, combining global scale with an expanded portfolio of leading-edge technologies that include: 3D metrology spanning the chip from nanometer-scale transistors to micron-level die-interconnects; macro defect inspection of wafers and packages; metal interconnect composition; factory analytics; and lithography for advanced semiconductor packaging. Our breadth of offerings across the entire semiconductor value chain helps our customers solve their most difficult yield, device performance, quality, and reliability issues. Onto Innovation strives to optimize customers' critical path of progress by making them smarter, faster and more efficient. Job Summary & Responsibilities The Desktop Technician's role is to provide a single point of contact for end-users to receive support and maintenance within the organization's desktop computing environment. This includes installing, diagnosing, repairing, maintaining, and upgrading all PC hardware and equipment to ensure optimal workstation performance. The person will also troubleshoot problem areas (in person, by telephone, or via e-mail) in a timely and accurate fashion and provide end-user assistance where required. Perform on-site analysis, diagnosis, and resolution of complex desktop problems for end-users, and recommend and implement corrective solutions, including off-site repair for remote users as needed. Install, configure, test, maintain, monitor, and troubleshoot end-user workstations and related hardware and software in order to deliver required desktop service levels. Assess the need for and implement performance upgrades to computers, including the installation of CPUs, I/O and NIC cards, hard disks, hard drives, RAM, CD-ROMs, etc. Collaborate with LAN technicians/network administrators to ensure efficient operation of the company's desktop computing environment. Where required, administer and resolve issues with associated end-user workstation networking software products. Receive and respond to incoming calls, e-mails and tickets regarding desktop problems. Prepare tests and applications for monitoring desktop performance, then provide performance statistics and reports. Maintain an inventory of computers and equipment Accurately document instances of desktop equipment or component failure, repair, installation, and removal. Qualifications College diploma or university degree in the field of computer science and/or equivalent work experience. Excellent technical knowledge of PC and desktop hardware. Excellent technical knowledge of PC internal components. Hands-on hardware troubleshooting experience. Extensive equipment support experience. Working technical knowledge of current protocols, operating systems, and standards. Ability to operate tools, components, and peripheral accessories. Able to read and understand technical manuals and procedural documentation. Ability to conduct research into PC issues and products as required. Effective interpersonal skills and relationship-building skills. Strong written and oral communication skills. Ability to present ideas in user-friendly language. Analytical and problem-solving abilities, with keen attention to detail. Self motivated and directed, with the ability to effectively prioritize and execute tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Strong customer-service orientation. Why Join Onto Innovation? At Onto Innovation, we believe your work should matter-and so should your well-being. That's why we offer competitive salaries and a comprehensive benefits package designed to support you and your family. From health, dental, and vision coverage to life and disability insurance, PTO, and a 401(k) with employer match, we've got you covered. You'll also enjoy access to our Employee Stock Purchase Program (ESPP), wellness initiatives, and cutting-edge tools-all within a collaborative, inclusive culture where your contributions are valued and recognized. Compensation & Growth • Base Salary Range: $ - $, offered in good faith and based on experience, location, and qualifications. Additional Rewards: Annual bonus opportunities and potential long-term incentives tied to both company and individual success. Empowering Every Voice to Shape the Future: Onto Innovation is committed to creating a workplace where every qualified candidate has an equal opportunity to succeed. We evaluate applicants based on skills, experience, and potential - without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, veteran status, or any other characteristic protected by law. We believe diversity of thought and background drives innovation and strengthens our team. Important Note on Export Compliance For certain positions requiring access to technical data, U.S. export licensing review may be necessary for applicants who are not U.S. Citizens, Permanent Residents, or other protected persons under 8 U.S.C. 1324b(a)(3).

Onto Innovation is a leader in process control, combining global scale with an expanded portfolio of leading-edge technologies that include: 3D metrology spanning the chip from nanometer-scale transistors to micron-level die-interconnects; macro defect inspection of wafers and packages; metal interconnect composition; factory analytics; and lithography for advanced semiconductor packaging. Our breadth of offerings across the entire semiconductor value chain helps our customers solve their most difficult yield, device performance, quality, and reliability issues. Onto Innovation strives to optimize customers' critical path of progress by making them smarter, faster and more efficient. Job Summary & Responsibilities The Desktop Technician's role is to provide a single point of contact for end-users to receive support and maintenance within the organization's desktop computing environment. This includes installing, diagnosing, repairing, maintaining, and upgrading all PC hardware and equipment to ensure optimal workstation performance. The person will also troubleshoot problem areas (in person, by telephone, or via e-mail) in a timely and accurate fashion and provide end-user assistance where required. * Perform on-site analysis, diagnosis, and resolution of complex desktop problems for end-users, and recommend and implement corrective solutions, including off-site repair for remote users as needed. * Install, configure, test, maintain, monitor, and troubleshoot end-user workstations and related hardware and software in order to deliver required desktop service levels. * Assess the need for and implement performance upgrades to computers, including the installation of CPUs, I/O and NIC cards, hard disks, hard drives, RAM, CD-ROMs, etc. * Collaborate with LAN technicians/network administrators to ensure efficient operation of the company's desktop computing environment. * Where required, administer and resolve issues with associated end-user workstation networking software products. * Receive and respond to incoming calls, e-mails and tickets regarding desktop problems. * Prepare tests and applications for monitoring desktop performance, then provide performance statistics and reports. * Maintain an inventory of computers and equipment * Accurately document instances of desktop equipment or component failure, repair, installation, and removal. Qualifications * College diploma or university degree in the field of computer science and/or equivalent work experience. * Excellent technical knowledge of PC and desktop hardware. * Excellent technical knowledge of PC internal components. * Hands-on hardware troubleshooting experience. * Extensive equipment support experience. * Working technical knowledge of current protocols, operating systems, and standards. * Ability to operate tools, components, and peripheral accessories. * Able to read and understand technical manuals and procedural documentation. * Ability to conduct research into PC issues and products as required. * Effective interpersonal skills and relationship-building skills. * Strong written and oral communication skills. * Ability to present ideas in user-friendly language. * Analytical and problem-solving abilities, with keen attention to detail. * Self motivated and directed, with the ability to effectively prioritize and execute tasks in a high-pressure environment. * Experience working in a team-oriented, collaborative environment. * Strong customer-service orientation. Why Join Onto Innovation? At Onto Innovation, we believe your work should matter-and so should your well-being. That's why we offer competitive salaries and a comprehensive benefits package designed to support you and your family. From health, dental, and vision coverage to life and disability insurance, PTO, and a 401(k) with employer match, we've got you covered. You'll also enjoy access to our Employee Stock Purchase Program (ESPP), wellness initiatives, and cutting-edge tools-all within a collaborative, inclusive culture where your contributions are valued and recognized. Compensation & Growth * Base Salary Range: $ - $, offered in good faith and based on experience, location, and qualifications. * Additional Rewards: Annual bonus opportunities and potential long-term incentives tied to both company and individual success. Empowering Every Voice to Shape the Future: Onto Innovation is committed to creating a workplace where every qualified candidate has an equal opportunity to succeed. We evaluate applicants based on skills, experience, and potential - without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, veteran status, or any other characteristic protected by law. We believe diversity of thought and background drives innovation and strengthens our team. Important Note on Export Compliance For certain positions requiring access to technical data, U.S. export licensing review may be necessary for applicants who are not U.S. Citizens, Permanent Residents, or other protected persons under 8 U.S.C. 1324b(a)(3).

The TV u0026 Sports Engineering team delivers the Apple TV+ streaming service, bringing customers Apple Original shows and movies, and live sports from MLS and MLB on Apple, Windows, Android, and third-party TV platforms. The team works on the Apple Sports app, the ultra-fast and easy-to-navigate app with real-time scores and stats for sports fans. This team is also responsible for ensuring the security of our Apple devices, users' identity, and content with FairPlay technologies. Our team is seeking a Software System Engineer to work on our software security technologies to develop and launch new products. You'll work on projects that touch all aspects of Apple products, and will demonstrate your strong software and interpersonal skills as you integrate new technology on multiple platforms and architectures. We are looking for someone who has a track record of software developement. You have a familiarity with various architectures (x86/ARM, mac OS/iOS, Android and others), and the ability to work with dynamic teams to produce reliable, robust code. Familiarity with security technologies (DRM, TrustZone, cryptography) is a huge plus. This is an outstanding opportunity to be involved in something new from the beginning. Show us your talent. It's meaningful, fun, and exciting. It's what makes us Apple. 5+ years of Experience with or passion for Systems security 5+ years of Experience with containerized server applications and their deployment Strong Software Engineering programming skills (C, C++) Experience with Embedded Systems Development Experience with or passion for Systems Security Experience with Android development Able to clearly communicate ideas and concerns Able to work effectively with different teams

Analyzes information security practices to ensure alignment with industry standards and guidelines. Identifies, investigates, and resolves security breaches detected by security solutions. Contributes to the creation and maintenance of security policies, standards, guidelines, and procedures. Leads and delivers staff training on information security and breach prevention. What You Will Do: Staying current on information security trends, news and security standards, especially those related to the healthcare industry Participating in the development of security standards and best practices for the organization Participating in the evaluation, design and implementation of new information security solutions to protect the organization's computer networks from cyber attacks Assessing the efficacy of existing security measures and processes to ensure that these measures and processes meet Health Insurance Portability and Accountability Act (HIPAA) and Federal Information System Controls Audit Manual (FISCAM) security standards and making recommendations for improvement Recommending security enhancements to management and senior ITS staff Analyzing software and systems requirements and providing objective advice on the level of security risks and remediation options Monitoring computer networks for security issues in order to reduce the risk of security incidents Leading investigation of security breaches and other cyber security incidents in collaboration with the Information Security Manager and the infrastructure team Documenting security breaches and assessing the damage caused Collaborating with the infrastructure team to ensure security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, are up to date Conducting system vulnerability audits and assessments on a proactive basis and collaborating with the infrastructure team to perform tests and uncover network vulnerabilities Managing efforts with vendors on annual security audit, including pen testing Assisting with developing and documenting preventive measures to ensure system security Staying informed of best practices and new developments in the field, analyzing applicability, making related recommendations, and developing written documentation of adopted practices Documenting computer security procedures, and tests Assisting with the development of policies, procedures, standards, and guidelines related to information security Developing information, training materials and presentations to educate the organization about information security management, data security, and prevention of breaches Assisting staff with the installation and utilization of new security products and procedures Conferring with staff regarding issues such as computer data access needs, security violations, and programming changes Monitoring systems and providing frequent training to staff regarding how to detect and avoid phishing attempts Reviewing any violations of security procedures and providing remedial training to staff, as needed Performs other duties as assigned You Will Be Successful If: In-depth knowledge of HIPAA and FISCAM security guidelines. Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. Proficiency with operating systems, virtualization, and security systems. High proficiency in Windows-based PC systems and Microsoft Office Suite. Working knowledge of penetration testing, patch management, and security frameworks (NIST, ISO 27001, COBIT). Familiarity with project management principles and customer service practices. Awareness of emerging security technologies such as AI, IoT, and blockchain. Strong analytical, problem-solving, and decision-making skills. Clear and concise writing and communication skills, with ability to present technical content to non-technical audiences. Experience creating training materials and leading staff training. Ability to manage multiple priorities, meet deadlines, and adapt to shifting needs. Leadership ability to facilitate meetings, resolve issues, and guide staff. Strong collaboration skills and diplomacy across teams and levels of the organization. Willingness to respond to after-hours information security incidents. What You Will Bring: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. 8 years of professional level information technology experience 3 years of experience performing information security functions in a health care environment (a Master?s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying Experience working in the health care industry Certification as a Certified Information Systems Security Professional (CISSP) issued by the International Information System Security Certification Consortium (ISC2), Certified Information Security Manager (CISM) issued by the Information Systems Audit and Control Association (ISACA), and/or Certified Ethical Hacker (CEH) issued by the Council of E-commerce Consultants (EC-Council), or equivalent

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Opportunity Type CLASSIFIED EMPLOYMENT OPPORTUNITY Position Title INFORMATION SECURITY ANALYST Posting Number S2549 Close/First Review Date 11/16/2025 Department ITSS (Information Technology Support Services) Work Location District Office Position Status Full Time Salary Range $141,330 - $172,437 Annual Salary (Range 150: Classified Salary Schedule Fiscal Year 2025-2026). Starting placement is generally at Step 1. Benefits Summary In addition to the salary, this position qualifies for the choice of one of the District's excellent Health Benefits and Welfare plans, which the premium cost is 100% paid by the District for the employee and their eligible dependents, and one health plan costing an estimated $60,000 for the District for fiscal year 2025-2026. We offer two medical plans (Anthem Blue Cross [PPO] and Kaiser Permanente (HMO]); dental (Delta Dental PPO); vision (VSP Choice); life insurance for the employee (The Hartford); life insurance for eligible dependents (The Hartford); a long term disability/income protection plan (The Hartford); and an employee assistance plan (Anthem EAP). In addition, the District contributes an additional 26.81% of the employee's salary towards an eligible employee's pension (CalPERS). Employees may also elect to participate in optional plans including purchasing additional life insurance for themselves and their eligible dependent(s); enroll in a medical, transportation, and/or dependent care Flexible Spending Account(s) (with the $4 monthly administrative fee paid by the District); and set pre-taxed dollars aside to supplement their pension in a 403b (tax shelter annuity) and/or a 457 (deferred compensation) plan(s). Classified employees also earn 10 to 22 days per year of vacation (based on years of service), and up to 12 sick leave days (pro-rated for less than full-time positions). There are currently 20 paid holidays. Position Description POSITION SUMMARY The Information Security Analyst reports to Executive Director of ITSS (Information Technology Support Services) at the District Office. The work schedule is 12 months per year; 40 hours per week; Monday - Friday; 8:00 a.m. - 5:00 p.m. This position is represented by CSEA (California School Employees Association), Chapter 363. POSITION PURPOSE Reporting to Executive Director, ITSS or an assigned administrator, the Information Security Analyst performs complex work related to the District's information security program including testing, analysis and evaluation of the integrity and confidentiality of enterprise systems, network, assets and communication technology throughout the District. The position monitors security systems and conducts periodic risk assessments to identify, troubleshoot, diagnose, resolve and report security problems and breaches; assists in coordinating and conducting investigations involving District technology resources, and assists with security awareness training. DISTINGUISHING CHARACTERISTICS This position focuses on threat and vulnerability management with exposure and support on all aspects of the cybersecurity practice. Incumbent in this position should have advanced knowledge on risk identification, protection and compliance, threat detection, incident response plan development and annual review, and recovery services to achieve business resilience. KEY DUTIES AND RESPONSIBILITIES 1. Analyze, evaluate and implement security applications, policies, standards and procedures intended to prevent the unauthorized use, disclosure, modification, loss or destruction of data; work with the campus community and other staff to ensure the integrity and security of the information technology infrastructure. 2. Lead the development, testing and implementation of information security products and control techniques in all locations throughout the District. 3. Work with campus and district technology teams to ensure the security of all applications and assets. 4. Monitor and review security systems and logs. Identify, troubleshoot, diagnose, resolve, document and report security problems and incidents; help coordinate and conduct investigations of suspected breaches; respond to emergency information security situations. 5. Collaborate with application programming team and other IT staff to ensure production applications meet established security policies and standards. 6. Assist with training and education on information security and privacy awareness topics for District administrators, faculty and staff; assist in the development of appropriate security-incident notification procedures for District management. 7. Work with vendors to conduct vulnerability assessments to identify existing or potential electronic data and assets compromises and their sources; participate in investigative matters with appropriate law enforcement agencies. 8. Perform audits and periodic inspections of District information systems to ensure security measures are functioning and effectively utilized and recommend appropriate remedial measures to eliminate or mitigate future system compromises. 9. Review, evaluate, and recommend software products related to IT systems security, such as virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection, etc. 10. Monitor and maintain the District's security event information system (SEIM) and data loss prevention software. 11. Manage security systems and policies including but not limited to servers, firewalls, email security, and Microsoft 365 environment. 12. Recommend and implement security policies, protocols, practices and lead in creation of security training and guidance to staff. 13. Assist in the secure management and maintenance of the District's network authentication systems for wired and wireless network access. 14. Review security practices and controls of third-party service providers that handle District sensitive data, and review security controls and features of third-party software systems. 15. Ensure that maintenance, configuration, repair and patching of systems occurs on a scheduled and timely basis utilizing best practices in change management and consistent with policies and procedures. 16. Keep current with latest emerging security issues and threats through list servers, blogs, newsletters, conferences, user groups, and networking and collaboration with peers in other institutions. 17. Perform other duties reasonably related to the job classification. EMPLOYMENT STANDARD Knowledge of: 1. Compliance and industry cybersecurity standards frameworks such as NIST 800 and ISO standards. 2. Emerging technologies and the possible impact on existing information systems, instructional processes and business operations. 3. Incident response best practices and software license compliance laws. 4. Troubleshooting tools for computing hardware, servers and network equipment including but not limited to switches, routers, and firewalls. 5. Enterprise resource planning systems, Microsoft 365 and Active Directory and Azure Active Directory. 6. Principles of program design, coding, testing and implementation. 7. Advanced knowledge of desktop and server operating systems including Windows and Linux. 8. Disaster recovery and backup including business continuity planning. 9. Principles of training, support, and services to end-users. 10. General research techniques and data driven analytics. 11. Modern office administrative practices and use of tools including computers, websites and other applications related to this job. Skills and Ability to: 1. Apply current NIST and ISO standards to current operations. 2. Respond to incidents and events in a timely manner. 3. Prepare clear and concise system documentation and reports. 4. Prioritize assigned tasks and projects. 5. Communicate complicated technical issues and the risks they pose to stakeholders and management. 6. Establish and maintain effective and cooperative working relationships with others. 7. Analyze situations accurately and adopt effective course of action. 8. Coordinate, develop, and implement projects. 9. Work with attention to detail and independently with minimum supervision. Required Qualifications EDUCATION AND EXPERIENCE 1. A Bachelor's degree from an accredited institution with major course work in computer information systems, computer science, business administration, or related field. 2. Two years of experience performing information security duties, which may include implementing, overseeing, and/or managing information security technologies, process, or programs, including identification, protection, detection, response, and recovery activities. Certification: 1. Professional security or privacy certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials. District's Diversity * Demonstrated sensitivity, knowledge and understanding of the diverse academic, socioeconomic, gender identity, sexual orientation, cultural, disability, and ethnic background of groups historically underrepresented, and groups who may have experienced discrimination. * Success integrating diversity as appropriate into the major duties outlined in the job description and in the duties listed in the District's hiring policy; or demonstrated equivalent transferable skills to do so. Desired Qualifications 1. Bilingual abilities, desirable. Foreign Degree For positions that require a degree or coursework: Degree(s) must have been awarded by a college or university accredited by an accrediting body recognized by the U.S. Council on Post-Secondary Accreditation and/or the U.S. Department of Education. All degrees and credits earned outside of the United States must have a U.S. evaluation (course by course) of the transcripts and must be submitted with the application. Degrees earned outside of the U.S. without a U.S. credential evaluation attached, will not be considered. Working Environment Physical Demands: 1. Must sit for long periods of time, use hands and fingers to operate an electronic keyboard, reach with hands and arms, and speak clearly and distinctly to ask questions and provide information, hear and understand voices over telephone and in person. 2. The physical demands described here are representative of those that must be met by an individual to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. About San Jose/Evergreen Community College District The District is represented by dedicated and talented employees who are passionate about providing our student population with the best educational experience possible. The District recognizes that cultural diversity in the academic environment promotes academic excellence; fosters cultural, racial and human understanding; provides positive roles models for all students, and creates an inclusive and supportive educational and work environment for its employees, students, and the community it serves. As of Spring 2024, with enrollment of approximately 15,655 students per semester, and an extremely diverse student population (Hispanic/Latino 45.20%, Black/African-American 3.45%, Asian/Pacific Islander 31.70%, American Indian/Native American 0.36%, White/Caucasian 12.76%) attaining educational goals reflecting 56% - Transfer to a 4-Year College/ University, the District's emphasis on student success makes it a recognized educational leader in the State. The District encourages a diverse pool of applicants to serve as colleagues to an existing diverse classified staff consisting of 43.9% Latinx, 25.3% Asian/Pacific Islander, 4.2% Black/African American, 0.3% American Indian/Native American, 17.9% White/Caucasian, and as well as encouraging applications from all qualified, outstanding applicants. Important Information EQUAL OPPORTUNITY EMPLOYER STATEMENT: San José-Evergreen Community College District is an Equal Opportunity Employer committed to nondiscrimination on the basis of ethnic group identification, race, color, language, accent, immigration status, ancestry, national origin, age, gender, gender identity, religion, sexual orientation, transgender, marital status, veteran status, medical condition, and physical or mental disability consistent with applicable federal and state laws. CONTACT: Employment Services, Human Resources, SJECCD 40 S. Market Street, San Jose, CA 95113 Phone: ************** Email: ******************************* Employment Website: ****************************** District Website: ************** APPLICATION PROCEDURES: Interested applicants MUST SUBMIT ONLINE ALL of the following materials by the First Review Date/Closing Date as listed on the job announcement. Applications received after the First Review Date will only be forwarded to the hiring committee at their request. 1. A completed online San José-Evergreen Community College District APPLICATION. 2. A COVER LETTER (Stating how you feel you meet the qualifications as outline in the job announcement). 3. A current RESUME/CURRICULUM VITAE 4. TRANSCRIPT - (If Required) If a degree is listed as a requirement, transcripts (Not Diplomas) MUST INCLUDE confer or award date of stated degree. Unofficial transcripts will be accepted; however if the position is offered, official transcripts will be required prior to employment. If the transcripts or degrees are from outside of the United States, an official certification of equivalency to U.S. degrees by a certified U.S. credential review service (course by course of the transcripts) MUST also be submitted. (See below for a list of suggested services that provide foreign degree equivalency evaluation to U.S. degrees). Note: Some positions may require additional documents and/or certificates, in addition to the items listed above. Please refer to the job announcement. OTHER APPLICANT INFORMATION: 1. Only complete application materials will be considered. No exceptions. 2. Letters of Recommendation are NOT required and will not be forwarded to the hiring committee. 3. Upon hire the successful candidate must provide the required documents of identity and authorization to work and attest he/she is authorized to work in the United States. 4. Application materials become the property of the District and will not be returned or duplicated. 5. Travel expenses to attend the interview are the responsibility of the candidate. 6. Meeting the minimum qualifications does NOT assure an interview. 7. The District may re-advertise, delay, choose not to fill the position, or choose to fill more than one position. Suggested services that provide foreign degree equivalency evaluation to U.S. degrees: Academic Credentials Evaluation Institute, Inc. Website: *************************** Education Records Evaluation Services Website: ************ International Education Research Foundation Website: ******************** World Education Services Website: ***********

Team Introduction The Physical Security System and Technology Team, falls under the physical security department of the Corporate Services. Its core responsibility is to leverage technological means to guard against security risks within the workplace. In addition, the team undertakes the daily operation, maintenance, and upgrade of global physical security and prevention systems (such as Lenel, Hikvision, Avigilon, etc.), and is also responsible for the management and maintenance of physical security-related data. Responsibilities: - Provide technical support to users, document system issues reported, analyse & identify root-cause, recommend solutions, fix issues, provide status updates to users, and provide periodical incident reports & updates to management. - Experienced with SQL database open connectivity development. Able to provide guidance to the internal R&D team members on the integration between internal developed applications and security systems. - Coordinate with security system vendors to ensure outstanding issues raised by internal R&D teams are being addressed by vendors in a timely manner. Document issues and provide status updates to management on a periodical basis. - Act as the primary point of contact to the security system vendor. Attend a periodical meeting with the security system vendor as required. - Perform periodical system health checks to ensure safe, stable and efficient operation of the security system on a global basis. - Perform application & system upgrade based on recommendation by the vendor to ensure the version in used meets standard operation. Enhances existing software capabilities, and develops direct system testing and validation procedures. Minimum Qualifications: - Studied in any of these faculties: Computer Science, Information Technology, Programming & Systems Analysis, Science. - Experienced in one or more programming languages, such as scripting experience in Shell and Python, and SQL. - Experienced in designing, building, and maintaining large-scale distributed applications & systems or experience in databases, operating systems, and server management & maintenance. Preferred Qualifications: - Be highly self-motivated, able to proactively identify problems, and promote the continuous development and progress of related projects. - Lenel physical security-related applications & systems certified/trained.

reports to the Cyber Security Manager and is responsible for reviewing and analyzing threat feeds in order to assist in optimizing currently deployed tools/procedures/processes throughout the organization. Analyst must analyze escalated security incidents from linear departments to validate, understand, and create lessons learned to help strengthen the posture of the organization. Analyst must also be able to advise on IT initiatives, IT business projects, and IT engineering in regards to security industry best practice. The analyst must also have a firm understanding of penetration testing and vulnerability assessments. A strong networking background and security certifications are preferred. Qualifications Demonstrate a comprehensive understanding of security processes for installation, management, monitoring and response of enterprise networks In depth experience with Information System Security (ISS), PKI, firewalls, intrusion detection/protection and related vulnerability assessment tools for network periphery and internal network/service discovery and topology mapping Experience working with a Security Operation Center Experience in full life cycle information technology solution implementation from conceptualization, requirements, design and specification through development (coding), integration testing and commissioning Demonstrate the ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments Demonstrated understanding of TCP/IP networking Must have strong incident handling experience including knowledge of common probing and attack methods, network/service discovery, system auditing, viruses, and worms Security testing of Enterprise networks through ethical hacking Experience responding to incidents in a 24/7 environment Experience working in a fast paced industry dealing with sensitive data Demonstrate strong understanding of Windows, networking, telephony and wireless security skills

NVIDIA has been transforming computer graphics, PC gaming, and accelerated computing for more than 25 years. It's a unique legacy of innovation that's fueled by great technology-and amazing people. Today, we're tapping into the unlimited potential of AI to define the next era of computing. An era in which our GPU acts as the brains of computers, robots, and self-driving cars that can understand the world. Doing what's never been done before takes vision, innovation, and the world's best talent. As an NVIDIAN, you'll be immersed in a diverse, supportive environment where everyone is inspired to do their best work. Come join the team and see how you can make a lasting impact on the world. We're looking for a hardworking ATE Security Engineer to work on provisioning of security keys for our next-generation GPU, CPU, Tegra, and Automotive products. In this role, you'll play a critical part in developing solutions to provision security keys in the manufacturing process. If you enjoy solving complex technical challenges, working closely with latest test platforms, and contributing to the secure foundation of advanced silicon products, this role is for you. What You'll be doing: * Develop and integrate ATE solutions for secure key provisioning across our entire product range. * Work alongside security architecture teams to define and validate product security key features. * Work with HSM suppliers to incorporate secure key provisioning solutions that align with ATE environments. * Develop and optimize ATE test methods and programs in partnership with ATE Test Engineers. * Drive innovation in ATE solutions to streamline and strengthen security key provisioning processes. What we need to see: * Bachelor's degree or higher in Electrical Engineering, Computer Engineering, or a related field (or equivalent experience). * 2+ years of proven experience in the semiconductor industry. * Strong understanding of silicon verification, testing, and manufacturing. * Hands-on experience with the Advantest 93K ATE platform. * Proficiency in Linux and programming languages such as Java, C++, C#, Perl, or Python. * Excellent communication skills, with the ability to work effectively in global, cross-functional teams. * Thrive in a high-speed work setting. Way to stand out from the crowd: * Knowledge of cryptography and its applications at the chip and system levels. * Experience with system-level testing or validation. * A collaborative approach and passion for secure, scalable engineering. With competitive salaries and a generous benefits package, NVIDIA is widely considered to be one of the technology world's most desirable employers. We have some of the most thoughtful and talented people in the world working for us. Due to unprecedented growth, our best-in-class engineering teams are rapidly growing. If you're a creative and autonomous engineer with a real passion for technology, we want to hear from you. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 100,000 USD - 166,750 USD for Level 2, and 132,000 USD - 207,000 USD for Level 3. You will also be eligible for equity and benefits. Applications for this job will be accepted at least until January 13, 2026. This posting is for an existing vacancy. NVIDIA uses AI tools in its recruiting processes. NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

The Senior Security Operations Specialist will provide expert support, analysis and research into complex problems and processes relating to the security infrastructure environment. As a key member of the Security Operations team, the security administrator will implement and provide support for operations of Firewalls, Proxies, Load Balancers, IPS / IDS, SIEM, Vulnerability Management and other technologies. The security administrator will ensure appropriate security controls and monitoring are in place for external network connections by coordinating with project teams, users and company partners. Key Responsibilities: Create and maintain security infrastructure that follows industry best practices including a high level of availability and ease of user access. Evaluate and develop systems to enhance our security posture while reducing overall digital security risk. Lead IT infrastructure integrations with partners from a security perspective. Maintain awareness of industry security threats and respond to security incidents. Assist in the architecting of new products, features, and capabilities. Coordinate with team and Global Operation peers to test and troubleshoot alarm and access control devices.

The Information Security Director is responsible for the development and oversight of a comprehensive information security, compliance and privacy program. The scope of this position is global and requires a working knowledge of the various regulations. This role is responsible for the integration of IT systems with security policies and information protection strategies. The role is also responsible for developing, maintaining, and publishing privacy and information security standards, procedures, and guidelines for use within the IT organization. This position will require some day-to-day, hands on management of the various applications used for information security companywide. The candidate will make sure security policies, standards and procedures are established and enforced. The candidate must be prepared to provide presentations to Audit Committee on company security posture exhibiting professionalism and maturity at all times. Job Responsibilities include (but are not limited to): Develops and maintains a risk strategy that formalizes risk into a comprehensive program for management to assess areas of concern. Maintains a governance program that ensures all Information Security controls are adequately maintained and reported. Works with business teams to maintain information security policies, procedures, and standards and assists the various departments and practice groups in adhering to them Develops, publishes, and maintains a comprehensive organization-wide information privacy and security strategy, plans, policies, procedures, and guidelines. Manages the development, implementation, and maintenance of security policies, standards, and guidelines. Directs the development and enforcement of information security and privacy policies in compliance with federal and state regulations and standards. Coordinates the development of an ongoing information security awareness and knowledge program to ensure that employees are aware of threats and how to help ensure privacy of company information. Identifies current security infrastructure and defines what kind of security must be designed and implemented in order to meet organization requirements. Work with legal to ensure data protection practices are consistent with international regulatory requirements. Researches and maintains proficiency in tools, techniques, countermeasures, and basic trends in computer and network threats and exploits. Maintains appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted client information and reasonably protects against anticipated threats and vulnerabilities Conducts risk analysis and assessments to ensure there are solutions in place to mitigate those risks. Assists in the responses to RFI\RFPs and security related concerns. Provides management with up to date information on the different threats and security vulnerabilities that the organization may face. Ensures compliance through adequate training programs and oversight of periodic internal security audits. Serves as active participant in Information Security Steering Committee and serves as IT owner for security-related incident responses Technical Skills Required: The successful candidate must possess a strong understanding of the following: Technical implications of security threats and vulnerabilities Technical analysis and evaluation of network and security vulnerabilities, and managing security systems such as anti-virus, firewalls, patch management, intrusion detection and encryption Vulnerability scanning, intrusion detection, anomaly detection, and associated technologies Intrusion Detection\Prevention Systems, firewalls, ACLs and encryption technologies Tools, techniques, and standards used to conduct penetration testing of networks and applications The latest information security threats & vulnerabilities and appropriate countermeasures Best Practices related to information\computer forensic investigation processes and techniques TCP/IP and other related protocols Soft Skills Required: The successful candidate must possess the following soft skills: Must be an intelligent, articulate, consensus building, and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical staff Must demonstrate the ability to maintain strict confidentiality of company internal and personnel affairs. Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment Ability to deal with changes and adapt to a changing environment Ability to work well with others, harness different skills and experience, and build a strong sense of team spirit Highly self-motivated and directed Ability to work in a multi-office environment and willingness to travel to other offices as required Excellent verbal communication and writing skills Presentation Skills - Prepare and deliver formal and informal presentations to illustrate ideas, solutions and issues to upper management Intermediate project management experience Must have strong documentation\technical writing skills Education and Experience: The candidate must have extensive experience in information security with a technical background in computer science, mathematics, engineering, or a related field. This technical background must be balanced with effective management skills, because the Director of Information Security must interact with people at all levels of the organization. Experience with disaster recovery planning and testing, auditing, risk analysis, business resumption planning, and contingency planning Bachelor's degree in Computer Science, Engineering, Mathematics or related disciplines (or equivalent experience) 10+ years practical experience in IT security related positions (IT Security Director, IT Security Manager, Security Auditor, Security Analyst, etc.) CISSP, CISM, CISA, CEH, ITIL, and Project Management certifications preferred.

This company is excited to offer career opportunities within our fast growing organization. Our mission - "Helping people throughout life's journey" and the vision to be the trusted partner for improving the quality of life in the communities we serve. They are a "Top 25" non-profit provider under the AbilityOne Program. This company serves to help people with disabilities find meaningful employment in multiple business service lines in 14 states, including internationally. The IT teams maintains government and commercial contracts and has been honored with numerous awards for service excellence and supporting employee morale. The IT team is a primary federal contractor for DMDC for DoD, where our focus is on identity management and software development credentialing, and personnel security and benefits. They offer competitive compensation and benefits package. Position Summary: The Information Assurance (IA) Specialist V will provide information security support for information systems and IT operations. Job Qualifications: Degree Requirement: Bachelor's Degree in Information Technology or related field. May substitute equivalent combination of education and experience. Fifteen (15) or more years of experience in the field or in a related area. Experience with DoD's RMF, DIACAP, NIST Certification & Accreditation. Must possess Security + or CISSP certification. Advanced understanding of software installation and configuration. Working knowledge of networks and network devices (switches, routers, firewalls, etc.). Applicants selected will be subject to a government security investigation and must meet eligibility requirements. U. S. Citizenship required per government contract. Travel Requirements: Some travel may be required, up to 10% of the time.

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere. Fortinet is seeking an experienced and innovative AI Security Engineer to join our Corporate Information Security team. As an AI Security Engineer, you will play a crucial role in ensuring the security, safety, and privacy of our AI-driven applications while collaborating with cross-functional teams and providing technical expertise. Key Responsibilities: Serve as an AI security subject matter expert who provides guidance to internal teams Work closely with development teams, conduct code reviews, perform AI Red Teaming assessments, to identify vulnerabilities in existing codes and new features, and participate in architectural reviews to ensure security is considered early in the development lifecycle. Perform threat modeling for AI-related products, such as chatbots, MCPs implementations, and autonomous agents. Integrate Security and AI-Specific checks into CI/CD workflows to automate security testing and ensure consistent application of best practices. Develop, implement, and communicate vulnerability mitigation strategies Develop strategies, evaluate solutions, design and implement tools, processes and controls to ensure that security, safety and privacy are designed in Fortinet AI applications. Develop and maintain security guardrails, input/output filters, and policy enforcement layers for LLM interactions Proactively research new attack vectors on AI applications that may affect Fortinet applications and infrastructure. Be part of a global distributed team to share knowledge, workload and assignments. Strong sense of teamwork is required. Coach peers in AI/ML security concepts and best practices. Minimum Qualifications 7+ years of work experience as an Information security, product security, application security, AI/ML or data science related fields. Strong understanding on LLM Based Application architectures, technologies, frameworks, and foundational concepts like training, vector databases, memory, tool usage, MCP, Agentic AI, Guardrails etc. Solid understanding on current attacks on ML models, including adversarial examples, prompt injection, training data extraction, model extraction, and data poisoning. Solid understanding on LLM moderation, prompt engineering and guardrails. Strong understanding on OWASP TOP 10 and OWASP LLM Top 10 risks. Strong understanding of common API security risks Strong understanding on Cloud-Native application architecture, microservices, containerization technologies, secure deployment and implementation issues. Proven experience in manual application penetration testing Proven experience in security code review Strong foundation in computer and network security, authentication & authorization, security protocols and applied cryptography Solid understanding on CI/CD pipelines, build systems and DevSecOps principles. Experience defining security architecture patterns and standards in a large enterprise organization. Experience with cloud-based security solutions and familiarity with cloud service providers, particularly in relation to AI Security Experience working with threat modeling methodologies such as STRIDE, MAESTRO etc. Solid understanding of OAuth and JWT implementations. Ability to organize & communicate effectively, both written and verbal, with technical and non-technical people across functional teams A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience. Ways to Stand Out MS or PhD in, Artificial Intelligence or related field Experience in AI Red teaming or adversarial testing of AI/ML applications. Use of AI in vulnerability research or some other offensive domain Experience analyzing AI-generated code for security issues Demonstrated experience in MLops or Deep learning related infrastructure Understanding of data science, statistical analysis, and visualization Background of AI Trust principles and familiarity with application of ethical and safety perspectives to AI implementations. Strong understanding on EU AI Act, GDPR, ISO 42001 or NIST AI RMF like frameworks. About Our Team: Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet's core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet's high standards of excellence in cybersecurity solutions. Why Join Us: We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe. The US base salary range for this full-time position is $160,000-$220,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time, as well as a comprehensive leave program. Wage ranges are based on various factors, including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location. All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at the time of hire and annually at the Company's discretion.

Apple's Vision Products Group is seeking an engineer with experience in secure software development and a deep understanding of operating systems, hardware, and software security to join their team. The role involves working at the intersection of hardware and software security, with a focus on designing and implementing secure software stacks and applying cryptography for platform security. The ideal candidate should have extensive development experience, particularly in C/C++, and be able to collaborate effectively with cross -functional teams to ensure the highest levels of security and privacy for Apple's products and technologies. This role offers an opportunity to contribute to the security requirements of hardware and software design while advocating for security best practices within the organization. Candidates should hold a BS in Computer Science or Electrical Engineering, and bonus experience in SoC level design is a plus. The compensation for this role is competitive, with a base pay range between $170,700 and $300,200, along with benefits, stock programs, and potential bonuses or commissions, making it an impactful position within Apple's Technology Development Group.

Role Purpose The Director of Information and Data Security will establish and lead Eltropy's IT and Cybersecurity function, responsible for developing foundational systems, processes, and governance across infrastructure, data protection, and compliance. This leader will drive security maturity across the organization, balancing hands-on execution with long-term strategic planning, and partnering with external GRC consultants to build a scalable security and compliance framework aligned with industry standards (e.g., SOC 2, ISO 27001). Key Responsibilities IT and Infrastructure Security Oversee endpoint management, asset inventory, and identity and access management (IAM). Establish standards for device hardening, patch management, and secure configuration. Define and manage the budget for all security and IT tools, services, and human capital, ensuring cost-effectiveness and alignment with the overall security roadmap. Implement centralized visibility and control across systems and SaaS applications. Cybersecurity and Data Protection Lead threat detection, vulnerability management, and incident response operations. Implement and maintain a Cloud Security Posture Management (CSPM) solution to monitor cloud infrastructure (AWS/Azure) for misconfigurations and compliance issues. Deploy and tune SIEM/XDR solutions to enhance visibility and threat detection across environments. Conduct regular penetration testing, track remediation, and drive security awareness programs. Define and enforce data protection policies covering classification, encryption, and retention. Governance, Risk, and Compliance (in partnership with GRC Consultant) Partner with external GRC consultants to design and operationalize Eltropy's information security and compliance framework. Translate consultant-driven recommendations into actionable internal controls, policies, and monitoring mechanisms. Manage the Third-Party Risk Management (TPRM) program, including vendor due diligence, security questionnaires, and ongoing risk monitoring. Maintain a centralized risk register and oversee remediation tracking. Own operational compliance for frameworks such as SOC 2, ISO 27001, and GDPR. Security Architecture and Product Collaboration Work closely with Engineering and Product teams to embed security-by-design principles in SaaS architecture and cloud deployments. Implement automated security testing (SAST/DAST) within the CI/CD pipeline to shift security left and reduce vulnerabilities early in the development lifecycle. Review architecture and third-party integrations to ensure alignment with data security and privacy standards. Incident Management and Business Continuity Establish and operationalize the company's Incident Response Plan (IRP) and Business Continuity/Disaster Recovery (BCP/DR) framework. Conduct tabletop exercises and post-incident reviews to enhance preparedness and learning. Security Awareness and Culture Develop and implement a company-wide security awareness program. Partner with HR and Operations to ensure onboarding/offboarding includes security compliance and periodic training. Foster a security-first culture emphasizing accountability and vigilance across teams. Leadership and Department Setup Build and lead a high-performing IT and Security team, including IT administrators and cybersecurity engineers. Define structure, roles, and hiring priorities aligned with the company's growth stage. Create a phased roadmap for security maturity, including technology adoption and process optimization. Key Performance Indicators (KPIs) Security Tool Coverage: Achieve at least X% deployment and agent coverage across all corporate and cloud assets within the first 6 months. Vulnerability Remediation: Maintain average time-to-remediate critical and high vulnerabilities below X days. Compliance Milestones: Achieve SOC 2 / ISO 27001 readiness within agreed timelines. Asset Visibility: 100% endpoint and asset inventory completeness. Incident Management: Reduction in mean time to detect (MTTD) and mean time to respond (MTTR) for incidents. Team Ramp; Process Setup: Completion of key hires and operational processes within the first year. Requirements Independent, self-starter with strong ownership and execution bias. Ability to prioritize and execute in a resource-constrained, fast-paced SaaS environment. Strategic thinker with operational depth; able to balance long-term maturity goals with immediate risk mitigation. Excellent communication skills with the ability to influence and align cross-functional stakeholders. Proven experience setting up IT or cybersecurity programs in a SaaS or technology environment. Strong understanding of endpoint protection, cloud infrastructure security (AWS/Azure), IAM, and network security. Experience with SIEM and/or XDR deployment and tuning for threat detection and monitoring. Familiarity with CSPM, SAST/DAST, and vulnerability management tools. Knowledge of GRC frameworks (SOC 2, ISO 27001) and translating them into practical, auditable controls. Reporting to: VP of Operations Level: Senior Leadership Direct Reports: - IT Team - Cybersecurity Engineer(s)

Role Purpose The Director of Information and Data Security will establish and lead Eltropy's IT and Cybersecurity function, responsible for developing foundational systems, processes, and governance across infrastructure, data protection, and compliance. This leader will drive security maturity across the organization, balancing hands-on execution with long-term strategic planning, and partnering with external GRC consultants to build a scalable security and compliance framework aligned with industry standards (e.g., SOC 2, ISO 27001). Key Responsibilities IT and Infrastructure Security * Oversee endpoint management, asset inventory, and identity and access management (IAM). * Establish standards for device hardening, patch management, and secure configuration. * Define and manage the budget for all security and IT tools, services, and human capital, ensuring cost-effectiveness and alignment with the overall security roadmap. * Implement centralized visibility and control across systems and SaaS applications. Cybersecurity and Data Protection * Lead threat detection, vulnerability management, and incident response operations. * Implement and maintain a Cloud Security Posture Management (CSPM) solution to monitor cloud infrastructure (AWS/Azure) for misconfigurations and compliance issues. * Deploy and tune SIEM/XDR solutions to enhance visibility and threat detection across environments. * Conduct regular penetration testing, track remediation, and drive security awareness programs. * Define and enforce data protection policies covering classification, encryption, and retention. Governance, Risk, and Compliance (in partnership with GRC Consultant) * Partner with external GRC consultants to design and operationalize Eltropy's information security and compliance framework. * Translate consultant-driven recommendations into actionable internal controls, policies, and monitoring mechanisms. * Manage the Third-Party Risk Management (TPRM) program, including vendor due diligence, security questionnaires, and ongoing risk monitoring. * Maintain a centralized risk register and oversee remediation tracking. * Own operational compliance for frameworks such as SOC 2, ISO 27001, and GDPR. Security Architecture and Product Collaboration * Work closely with Engineering and Product teams to embed security-by-design principles in SaaS architecture and cloud deployments. * Implement automated security testing (SAST/DAST) within the CI/CD pipeline to shift security left and reduce vulnerabilities early in the development lifecycle. * Review architecture and third-party integrations to ensure alignment with data security and privacy standards. Incident Management and Business Continuity * Establish and operationalize the company's Incident Response Plan (IRP) and Business Continuity/Disaster Recovery (BCP/DR) framework. * Conduct tabletop exercises and post-incident reviews to enhance preparedness and learning. Security Awareness and Culture * Develop and implement a company-wide security awareness program. * Partner with HR and Operations to ensure onboarding/offboarding includes security compliance and periodic training. * Foster a security-first culture emphasizing accountability and vigilance across teams. Leadership and Department Setup * Build and lead a high-performing IT and Security team, including IT administrators and cybersecurity engineers. * Define structure, roles, and hiring priorities aligned with the company's growth stage. * Create a phased roadmap for security maturity, including technology adoption and process optimization. Key Performance Indicators (KPIs) * Security Tool Coverage: Achieve at least X% deployment and agent coverage across all corporate and cloud assets within the first 6 months. * Vulnerability Remediation: Maintain average time-to-remediate critical and high vulnerabilities below X days. * Compliance Milestones: Achieve SOC 2 / ISO 27001 readiness within agreed timelines. * Asset Visibility: 100% endpoint and asset inventory completeness. * Incident Management: Reduction in mean time to detect (MTTD) and mean time to respond (MTTR) for incidents. * Team Ramp; Process Setup: Completion of key hires and operational processes within the first year. Requirements * Independent, self-starter with strong ownership and execution bias. * Ability to prioritize and execute in a resource-constrained, fast-paced SaaS environment. * Strategic thinker with operational depth; able to balance long-term maturity goals with immediate risk mitigation. * Excellent communication skills with the ability to influence and align cross-functional stakeholders. * Proven experience setting up IT or cybersecurity programs in a SaaS or technology environment. * Strong understanding of endpoint protection, cloud infrastructure security (AWS/Azure), IAM, and network security. * Experience with SIEM and/or XDR deployment and tuning for threat detection and monitoring. * Familiarity with CSPM, SAST/DAST, and vulnerability management tools. * Knowledge of GRC frameworks (SOC 2, ISO 27001) and translating them into practical, auditable controls. Reporting to: VP of Operations Level: Senior Leadership Direct Reports: * IT Team * Cybersecurity Engineer(s)

The Opportunity We are seeking an experienced Security Engineer to join our team and help secure Otter's cloud infrastructure and the systems behind our AI-powered meeting products. In this role, you will design and implement security controls, improve detection and response, reduce cloud risk through automation, and partner closely with DevOps and Engineering to ensure secure-by-default cloud deployments. This is a highly hands-on role for someone who thrives in fast-moving environments, can balance risk reduction with shipping velocity, and enjoys building security capabilities that scale. Your Impact * Design and implement secure cloud architectures and guardrails across our environments (network segmentation, encryption, key management, secure service patterns). * Own IAM security: access controls, least-privilege policies, privileged access workflows, and recurring access reviews. * Build and scale cloud security infrastructure (logging, monitoring, alerting, vulnerability management, and DLP controls where appropriate). * Harden CI/CD and infrastructure-as-code with security automation (secrets detection, dependency scanning, IaC scanning, policy-as-code). * Monitor cloud security signals and investigate security alerts; continuously improve detection quality and reduce noise. * Lead incident response for cloud security events and help mature playbooks, forensics readiness, and response processes. * Conduct cloud security assessments and threat modeling for new architectures and high-impact changes; partner with Engineering to drive remediation. * Support compliance requirements and security controls aligned to enterprise needs (e.g., HIPAA, PCI-DSS, GDPR; and security frameworks such as NIST / ISO 27001). We're looking for someone who * 5+ years of experience in cloud security engineering or closely related security engineering roles. * Strong knowledge of cloud security architectures, controls, and compliance requirements. * Expertise securing public cloud platforms (e.g., AWS, Azure), including multi-cloud networking considerations and designing cloud-agnostic patterns where needed. * Solid understanding of container security, network security, and cloud security services. * Experience building and operating core security capabilities such as logging/monitoring, vulnerability management, and (bonus) DLP. * Strong understanding of security frameworks such as NIST and ISO 27001. * Excellent problem-solving and analytical skills, plus strong communication and cross-functional collaboration. * Bachelor's degree in Computer Science, Cybersecurity, or related field About Otter.ai We are in the business of shaping the future of work. Our mission is to make conversations more valuable. With over 1B meetings transcribed, Otter.ai is the world's leading tool for meeting transcription, summarization, and collaboration. Using artificial intelligence, Otter generates real-time automated meeting notes, summaries, and other insights from in-person and virtual meetings - turning meetings into accessible, collaborative, and actionable data that can be shared across teams and organizations. The company is backed by early investors in Google, DeepMind, Zoom, and Tesla. Otter.ai is an equal opportunity employer. We proudly celebrate diversity and are committed to building an inclusive and accessible workplace. We provide reasonable accommodations for qualified applicants throughout the hiring process. Accessibility & Accommodations Otter.ai is committed to providing reasonable accommodations for candidates with disabilities in our hiring process. If you need assistance or an accommodation during any stage of the recruitment process, please contact *********** at least 3 business days before your interview. * Otter.ai does not accept unsolicited resumes from 3rd party recruitment agencies without a written agreement in place for permanent placements. Any resume or other candidate information submitted outside of established candidate submission guidelines (including through our website or via email to any Otter.ai employee) and without a written agreement otherwise will be deemed to be our sole property, and no fee will be paid should we hire the candidate. Salary range Salary Range: $185,000 to $210,000 USD per year This salary range represents the low and high end of the estimated salary range for this position. The actual base salary offered for the role is dependent based on several factors. Our base salary is just one component of our comprehensive total rewards package. #LI-Hybrid

Atomic Machines is ushering in a new era of micromanufacturing with its Matter Compiler™ technology platform. This platform enables new classes of micromachines to be designed and built by providing manufacturing processes and a materials library that are inaccessible to semiconductor manufacturing methods. It unlocks MEMS manufacturing not only for device classes that could never be produced by semiconductor methods, but also for entirely new categories. Furthermore, this digital platform is fully programmable in the way 3D printing is digital-but whereas 3D printing produces parts of a single material using a single process, the Matter Compiler™ technology platform is a multi-process, multi-material system: bits and raw materials go in, and complete, functional micromachines come out. The Atomic Machines team has also created an exciting first device-made possible only through the Matter Compiler™ technology platform-that we will be unveiling to the world soon. Our offices are in Emeryville and Santa Clara, California. About The Role: This is a broad-responsibility, high-judgment technical leadership role managing the cyber security function and implementing the security and IT infrastructure of a rapidly growing startup company with engineering offices in Emeryville and Santa Clara. As a Cyber Security Engineer, you will lead and oversee the design, implementation, and maintenance of robust security solutions within platform, data, engineering, and office environments. The ideal candidate will possess strong leadership skills, deep technical expertise, and a strategic mindset to safeguard the organization's digital assets. This is a full-time, onsite position in either our Emeryville or Santa Clara office, with a need to work from the other office occasionally. What You'll Do: Build and manage cyber security at Atomic Machines. Develop and implement a strategic vision for securing Atomic Machines' assets, including IP, financial records, personal data, and physical infrastructure, while designing scalable security architectures for both cloud-native and on-prem systems. Conduct security risk assessments, threat modeling, and incident response, identifying vulnerabilities, implementing mitigations, and managing escalations as needed. Lead IT risk and compliance initiatives, implementing cybersecurity best practices (e.g., ISO 27001, NIST), conducting internal audits, assessing vendor security certifications, and reviewing contractual security requirements. Integrate security into CI/CD pipelines and Git-driven Infrastructure-as-Code (IaC) workflows to support secure software releases. Manage security across networking and infrastructure across engineering teams, including physical access control, on-prem servers, cloud services, CI/CD pipelines, and embedded systems, ensuring scalability and reliability. Develop and deliver formal and informal security training sessions to educate the engineering organization on best practices, risk mitigation strategies, and secure development principles. Partner with and manage external agencies and vendors when additional security coverage and support are needed. What You'll Need: 8+ years of experience in Information Security, including at least 3 years in a management role. Experience managing all aspects of Information Security for a company, including Cyber Security, risk assessment, and incident response (startup experience preferred). Previous industry experience as a System Administrator, with hands-on knowledge of infrastructure management, user access controls, and system security best practices. Expertise in cloud security for modern AWS architectures, including IAM, security monitoring, logging, security configuration, and Infrastructure-as-Code (IaC). Proficiency in Infrastructure-as-Code (IaC) workflows (e.g., Terraform, Ansible, Git). Ability to enable secure cloud environments for production software releases using AWS services (e.g., EC2, Redshift, S3) and hybrid security solutions (e.g., Tailscale, WireGuard). Strong networking expertise across physical and virtual environments, including VLANs, firewalls, DNS, and secure access solutions. Experience balancing infrastructure automation, security, scalability, and developer productivity. Extensive hands-on experience with security tools and technologies, including SIEM, MDR, IDS/IPS, WAF, DLP, and vulnerability scanners. High-level proficiency in SAML/SSO solutions and using hardware MFA keys. Experience developing and presenting cybersecurity training programs for employees. Knowledge of IT processes, risk, and control frameworks, including CoBIT, ISO 27001, NIST, ITIL, and PCI. Familiarity with security regulatory requirements and standards (e.g., SOC 1/2/3, SANS Top 20, NIST 800-53). Security certifications preferred (e.g., CISSP, CCSP, CISM, CSSP). Ability to explain complex security issues to both technical and non-technical audiences. Proven ability to work in fast-paced environments with minimal guidance. Flexibility to work daily in the Emeryville office and commute to Santa Clara as needed. BS in Computer Science, Cybersecurity, Information Security, or a related field preferred. The compensation for this position also includes equity and benefits. Salary Range $175,000 - $235,000 USD